{"cve": [{"lastseen": "2020-10-03T12:45:53", "description": "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.", "edition": 3, "cvss3": {}, "published": "2013-02-08T19:55:00", "title": "CVE-2013-0166", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0166"], "modified": "2018-08-09T01:29:00", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:1.0.1a", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:redhat:openssl:0.9.7a-2", "cpe:/a:openssl:openssl:0.9.8u", "cpe:/a:openssl:openssl:1.0.1", "cpe:/a:openssl:openssl:0.9.8w", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8t", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:redhat:openssl:0.9.6b-3", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0h", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.8x", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:1.0.1b", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.8s", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:1.0.0i", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0f", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:1.0.1c", "cpe:/a:openssl:openssl:1.0.0e", "cpe:/a:openssl:openssl:1.0.0g", "cpe:/a:openssl:openssl:0.9.8r", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0j", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.8v", "cpe:/a:openssl:openssl:1.0.0d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.8p", "cpe:/a:redhat:openssl:0.9.6-15"], "id": "CVE-2013-0166", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0166", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openssl:0.9.6-15:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:35", "bulletinFamily": "software", "cvelist": ["CVE-2013-0166"], "edition": 1, "description": "\nF5 Product Development has assigned ID 410850, ID 410734, ID 407706 (BIG-IP), ID 410613, ID 411980 (FirePass), and ID 410742 (ARX) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/services/customer-support/ihealth/>) may list Heuristic H413586 on the **Diagnostics **> **Identified **> **High **screen.\n\nTo find out whether F5 has determined that your release is vulnerable, and to obtain information about releases or hotfixes that resolve the vulnerability, refer to the following table: \n\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.0.0 - 9.6.1 \n \n| 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 \n| OCSP profiles \n \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | 11.3.0 | 11.4.0 \n11.3.0 HF2 \n| OCSP profiles \nBIG-IP Analytics | 11.0.0 - 11.3.0 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n| OCSP profiles \nBIG-IP APM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP ASM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.2.0 - 9.4.8 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n| OCSP profiles \nBIG-IP GTM | None | 11.0.0 - 11.4.0 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 | None \nBIG-IP Link Controller | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 \n| 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP PEM | 11.3.0 \n| 11.4.0 \n11.3.0 HF2 \n| OCSP profiles \nBIG-IP PSM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.4.5 - 9.4.8 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.4.0 - 9.4.8 | 11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | 11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nARX | 6.0.0 - 6.4.0 \n5.0.0 - 5.3.1 | None | ARX GUI \n \nEnterprise Manager | None | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 | None \nFirePass | 7.0.0 \n6.0.0 - 6.1.0 | 7.0.0 HF-70-9 \n6.1.0 HF-610-11 | Administrative interface \nWebServices \n\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\n * [Common Vulnerabilities and Exposures (CVE-2013-0166)](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166>) \n\n\n**Note**: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K6845: Managing BIG-IP product hotfixes (9.x)](<https://support.f5.com/csp/article/K6845>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K10322: FirePass hotfix matrix](<https://support.f5.com/csp/article/K10322>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n * [K3430: Installing FirePass hotfixes](<https://support.f5.com/csp/article/K3430>)\n * [K6664: Obtaining and installing OPSWAT hotfixes](<https://support.f5.com/csp/article/K6664>)\n * [K10942: Installing OPSWAT hotfixes on BIG-IP APM systems](<https://support.f5.com/csp/article/K10942>)\n", "modified": "2016-01-09T02:30:00", "published": "2013-03-08T03:02:00", "id": "F5:K14261", "href": "https://support.f5.com/csp/article/K14261", "title": "OpenSSL OCSP vulnerability CVE-2013-0166", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-01T01:57:56", "description": "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d do\nnot properly perform signature verification for Online Certificate\nStatus Protocol (OCSP) responses, which allow remote attackers to\ncause a denial-of-service (DoS) (NULL pointer dereference and\napplication crash) by way of an invalid key.", "edition": 25, "published": "2014-10-10T00:00:00", "title": "F5 Networks BIG-IP : OpenSSL OCSP vulnerability (SOL14261)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL14261.NASL", "href": "https://www.tenable.com/plugins/nessus/78145", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL14261.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78145);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2013-0166\");\n script_bugtraq_id(57755, 60268);\n\n script_name(english:\"F5 Networks BIG-IP : OpenSSL OCSP vulnerability (SOL14261)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d do\nnot properly perform signature verification for Online Certificate\nStatus Protocol (OCSP) responses, which allow remote attackers to\ncause a denial-of-service (DoS) (NULL pointer dereference and\napplication crash) by way of an invalid key.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K14261\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL14261.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL14261\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\",\"9.2.0-9.4.8\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\",\"9.2.2-9.4.8\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\",\"9.0.0-9.6.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\",\"9.4.5-9.4.8\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.4.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\",\"9.4.0-9.4.8\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:54:04", "description": "Multiple vulnerabilities has been found and corrected in openssl :\n\nOpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d\ndoes not properly perform signature verification for OCSP responses,\nwhich allows remote attackers to cause a denial of service (NULL\npointer dereference and application crash) via an invalid key\n(CVE-2013-0166).\n\nThe TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as\nused in OpenSSL, OpenJDK, PolarSSL, and other products, do not\nproperly consider timing side-channel attacks on a MAC check\nrequirement during the processing of malformed CBC padding, which\nallows remote attackers to conduct distinguishing attacks and\nplaintext-recovery attacks via statistical analysis of timing data for\ncrafted packets, aka the Lucky Thirteen issue (CVE-2013-0169).\n\nThe updated packages have been upgraded to the 1.0.0k version which is\nnot vulnerable to these issues.", "edition": 25, "published": "2013-04-20T00:00:00", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2013:052)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-04-20T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:openssl", "p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl-devel", "p-cpe:/a:mandriva:linux:lib64openssl-static-devel"], "id": "MANDRIVA_MDVSA-2013-052.NASL", "href": "https://www.tenable.com/plugins/nessus/66066", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:052. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66066);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"MDVSA\", value:\"2013:052\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2013:052)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in openssl :\n\nOpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d\ndoes not properly perform signature verification for OCSP responses,\nwhich allows remote attackers to cause a denial of service (NULL\npointer dereference and application crash) via an invalid key\n(CVE-2013-0166).\n\nThe TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as\nused in OpenSSL, OpenJDK, PolarSSL, and other products, do not\nproperly consider timing side-channel attacks on a MAC check\nrequirement during the processing of malformed CBC padding, which\nallows remote attackers to conduct distinguishing attacks and\nplaintext-recovery attacks via statistical analysis of timing data for\ncrafted packets, aka the Lucky Thirteen issue (CVE-2013-0169).\n\nThe updated packages have been upgraded to the 1.0.0k version which is\nnot vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20130204.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-devel-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-engines1.0.0-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-static-devel-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"openssl-1.0.0k-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:11:43", "description": "Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-03-04T00:00:00", "title": "Fedora 18 : openssl-1.0.1e-3.fc18 (2013-2834)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-03-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:openssl"], "id": "FEDORA_2013-2834.NASL", "href": "https://www.tenable.com/plugins/nessus/64982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2834.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64982);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57755, 57778);\n script_xref(name:\"FEDORA\", value:\"2013-2834\");\n\n script_name(english:\"Fedora 18 : openssl-1.0.1e-3.fc18 (2013-2834)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=839735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=907589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=908052\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099470.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e08fe822\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"openssl-1.0.1e-3.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:18:39", "description": "The version of OpenSSL running on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing side-\n channel attacks on a MAC check requirement during the\n processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue. (CVE-2013-0169)\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)", "edition": 30, "published": "2014-04-16T00:00:00", "title": "AIX OpenSSL Advisory : openssl_advisory5.asc", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2014-04-16T00:00:00", "cpe": ["cpe:/o:ibm:aix"], "id": "AIX_OPENSSL_ADVISORY5.NASL", "href": "https://www.tenable.com/plugins/nessus/73563", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory openssl_advisory5.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73563);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"CERT\", value:\"737740\");\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory5.asc\");\n script_summary(english:\"Checks the version of the openssl packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote AIX host is running a vulnerable version of OpenSSL.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL running on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing side-\n channel attacks on a MAC check requirement during the\n processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue. (CVE-2013-0169)\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\");\n script_set_attribute(attribute:\"solution\", value:\n\"A fix is available, and it can be downloaded from the AIX website.\n\nTo extract the fixes from the tar file :\n\n zcat openssl-0.9.8.2500.tar.Z | tar xvf -\n or\n zcat openssl-fips-12.9.8.2500.tar.Z | tar xvf -\n\nIMPORTANT : If possible, it is recommended that a mksysb backup of\nthe system be created. Verify it is both bootable and readable\nbefore proceeding.\n\nTo preview the fix installation :\n\n installp -apYd . openssl\n\nTo install the fix package :\n\n installp -aXYd . openssl\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/16\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\ninclude(\"aix.inc\");\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item_or_exit(\"Host/AIX/version\");\nif ( oslevel != \"AIX-5.3\" && oslevel != \"AIX-6.1\" && oslevel != \"AIX-7.1\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 5.3 / 6.1 / 7.1\", oslevel);\n}\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.2400\", fixpackagever:\"0.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.2400\", fixpackagever:\"0.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.2400\", fixpackagever:\"0.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"5.3\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.2400\", fixpackagever:\"12.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.2400\", fixpackagever:\"12.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.2400\", fixpackagever:\"12.9.8.2500\") > 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl.base / openssl-fips.base\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:11:43", "description": "Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-03-08T00:00:00", "title": "Fedora 17 : openssl-1.0.0k-1.fc17 (2013-2793)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-03-08T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:openssl"], "id": "FEDORA_2013-2793.NASL", "href": "https://www.tenable.com/plugins/nessus/65081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2793.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65081);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57755, 57778);\n script_xref(name:\"FEDORA\", value:\"2013-2793\");\n\n script_name(english:\"Fedora 17 : openssl-1.0.0k-1.fc17 (2013-2793)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=839735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=907589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=908052\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099759.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?883de014\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"openssl-1.0.0k-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:01:06", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n OCSP servers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing\n side-channel attacks on a MAC check requirement during\n the processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue. (CVE-2013-0169)", "edition": 25, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2015-01-19T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:openssl"], "id": "SOLARIS11_OPENSSL_20130716.NASL", "href": "https://www.tenable.com/plugins/nessus/80719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80719);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n OCSP servers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing\n side-channel attacks on a MAC check requirement during\n the processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue. (CVE-2013-0169)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/lucky-thirteen-vulnerability-in-solaris-openssl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2d8ba7ad\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.7.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:openssl\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^openssl$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.7.0.5.0\", sru:\"SRU 11.1.7.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : openssl\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"openssl\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T04:33:00", "description": "According to its banner, the remote web server is running a version\nof OpenSSL 1.0.0 prior to 1.0.0k. The OpenSSL library is, therefore,\nreportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)", "edition": 23, "published": "2013-02-09T00:00:00", "title": "OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_0K.NASL", "href": "https://www.tenable.com/plugins/nessus/64533", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64533);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n\n script_name(english:\"OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server is running a version\nof OpenSSL 1.0.0 prior to 1.0.0k. The OpenSSL library is, therefore,\nreportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130204.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.0k or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.0k', min:\"1.0.0\", severity:SECURITY_NOTE);\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T04:32:57", "description": "According to its banner, the remote web server is running a version\nof OpenSSL prior to 0.9.8y. The OpenSSL library is, therefore,\nreportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)", "edition": 23, "published": "2013-02-09T00:00:00", "title": "OpenSSL < 0.9.8y Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8Y.NASL", "href": "https://www.tenable.com/plugins/nessus/64532", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64532);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n\n script_name(english:\"OpenSSL < 0.9.8y Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server is running a version\nof OpenSSL prior to 0.9.8y. The OpenSSL library is, therefore,\nreportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130204.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 0.9.8y or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'0.9.8y', severity:SECURITY_NOTE);\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T09:47:46", "description": "Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues\n:\n\n - CVE-2013-0166\n OpenSSL does not properly perform signature verification\n for OCSP responses, which allows remote attackers to\n cause a denial of service via an invalid key.\n\n - CVE-2013-0169\n A timing side channel attack has been found in CBC\n padding allowing an attacker to recover pieces of\n plaintext via statistical analysis of crafted packages,\n known as the 'Lucky Thirteen' issue.", "edition": 17, "published": "2013-02-14T00:00:00", "title": "Debian DSA-2621-1 : openssl - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-02-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:openssl"], "id": "DEBIAN_DSA-2621.NASL", "href": "https://www.tenable.com/plugins/nessus/64623", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2621. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64623);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57755, 57778);\n script_xref(name:\"DSA\", value:\"2621\");\n\n script_name(english:\"Debian DSA-2621-1 : openssl - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues\n:\n\n - CVE-2013-0166\n OpenSSL does not properly perform signature verification\n for OCSP responses, which allows remote attackers to\n cause a denial of service via an invalid key.\n\n - CVE-2013-0169\n A timing side channel attack has been found in CBC\n padding allowing an attacker to recover pieces of\n plaintext via statistical analysis of crafted packages,\n known as the 'Lucky Thirteen' issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-0166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-0169\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2621\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze14.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcrypto0.9.8-udeb\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl-dev\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssl\", reference:\"0.9.8o-4squeeze14\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T03:19:25", "description": "According to its self-reported version number, the remote Junos device\nis using an outdated version of OpenSSL, which has multiple\nvulnerabilities including (but not limited to) :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)", "edition": 24, "published": "2013-07-16T00:00:00", "title": "Juniper Junos OpenSSL Multiple Vulnerabilities (JSA10575)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:juniper:junos"], "id": "JUNIPER_JSA10575.NASL", "href": "https://www.tenable.com/plugins/nessus/68908", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68908);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/12 19:01:15\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n\n script_name(english:\"Juniper Junos OpenSSL Multiple Vulnerabilities (JSA10575)\");\n script_summary(english:\"Checks version and build date\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its self-reported version number, the remote Junos device\nis using an outdated version of OpenSSL, which has multiple\nvulnerabilities including (but not limited to) :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10575\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant Junos upgrade referenced in Juniper advisory\nJSA10575.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:juniper:junos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"junos_version.nasl\");\n script_require_keys(\"Host/Juniper/JUNOS/Version\", \"Host/Juniper/JUNOS/BuildDate\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"junos.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');\nbuild_date = get_kb_item_or_exit('Host/Juniper/JUNOS/BuildDate');\n\nif (compare_build_dates(build_date, '2013-06-13') >= 0)\n audit(AUDIT_INST_VER_NOT_VULN, 'Junos', ver + ' (build date ' + build_date + ')');\n\nfixes['11.4'] = '11.4R8';\nfixes['12.1'] = '12.1R6';\nfixes['12.2'] = '12.2R4';\nfixes['12.3'] = '12.3R3';\nfixes['13.1'] = '13.1R2';\nfix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);\n\nif (report_verbosity > 0)\n{\n report = get_report(ver:ver, fix:fix);\n security_warning(port:0, extra:report);\n}\nelse security_warning(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "openssl": [{"lastseen": "2020-09-14T11:36:39", "bulletinFamily": "software", "cvelist": ["CVE-2013-0166"], "description": " A flaw in the OpenSSL handling of OCSP response verification can be exploited in a denial of service attack. Reported by Stephen Henson. \n\n * Fixed in OpenSSL 1.0.1d (Affected 1.0.1-1.0.1c)\n * Fixed in OpenSSL 1.0.0k (Affected 1.0.0-1.0.0j)\n * Fixed in OpenSSL 0.9.8y (Affected 0.9.8-0.9.8x)\n", "edition": 1, "modified": "2013-02-05T00:00:00", "published": "2013-02-05T00:00:00", "id": "OPENSSL:CVE-2013-0166", "href": "https://www.openssl.org/news/secadv/20130205.txt", "title": "Vulnerability in OpenSSL - OCSP invalid key DoS issue ", "type": "openssl", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:52:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166 \nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen \nissue.", "modified": "2017-07-07T00:00:00", "published": "2013-02-13T00:00:00", "id": "OPENVAS:892621", "href": "http://plugins.openvas.org/nasl.php?oid=892621", "type": "openvas", "title": "Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2621.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2621-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"openssl on Debian Linux\";\ntag_insight = \"This package contains the openssl binary and related tools.\";\ntag_solution = \"For the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166 \nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen \nissue.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892621);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_name(\"Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-02-13 00:00:00 +0100 (Wed, 13 Feb 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2621.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-05T00:00:00", "id": "OPENVAS:1361412562310865421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865421", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2013-2834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2013-2834\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099470.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865421\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-05 09:41:43 +0530 (Tue, 05 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2013-2834\");\n script_name(\"Fedora Update for openssl FEDORA-2013-2834\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~3.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.", "modified": "2018-08-24T00:00:00", "published": "2014-01-09T00:00:00", "id": "OPENVAS:1361412562310103872", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103872", "type": "openvas", "title": "VMware Security Updates for vCenter Server (VMSA-2013-0009)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_vcenter_VMSA-2013-0009.nasl 11108 2018-08-24 14:27:07Z mmartin $\n#\n# VMware Security Updates for vCenter Server (VMSA-2013-0009)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103872\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 11108 $\");\n script_name(\"VMware Security Updates for vCenter Server (VMSA-2013-0009)\");\n\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2013-0009.html\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-24 16:27:07 +0200 (Fri, 24 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-09 12:04:01 +0100 (Thu, 09 Jan 2014)\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_vcenter_detect.nasl\");\n script_mandatory_keys(\"VMware_vCenter/version\", \"VMware_vCenter/build\");\n\n script_tag(name:\"vuldetect\", value:\"Check the build number.\");\n script_tag(name:\"insight\", value:\"The userworld OpenSSL library is updated to version\nopenssl-0.9.8y to resolve multiple security issues.\");\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.\");\n script_tag(name:\"affected\", value:\"VMware vCenter Server before 5.0 update 3\");\n\n exit(0);\n\n}\n\ninclude(\"vmware_esx.inc\");\n\nif ( ! vcenter_version = get_kb_item(\"VMware_vCenter/version\"))exit(0);\nif ( ! vcenter_build = get_kb_item(\"VMware_vCenter/build\"))exit(0);\n\nfixed_builds = make_array(\"5.0.0\",\"1300600\");\n\nif ( ! fixed_builds[ vcenter_version] ) exit( 0 );\n\nif ( int( vcenter_build ) < int( fixed_builds[ vcenter_version ] ) )\n{\n security_message( port:0, data: esxi_remote_report( ver:vcenter_version, build: vcenter_build, fixed_build: fixed_builds[vcenter_version], typ:'vCenter' ) );\n exit(0);\n}\n\nexit(99);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166\nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen\nissue.", "modified": "2019-03-18T00:00:00", "published": "2013-02-13T00:00:00", "id": "OPENVAS:1361412562310892621", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892621", "type": "openvas", "title": "Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2621.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2621-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892621\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_name(\"Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-13 00:00:00 +0100 (Wed, 13 Feb 2013)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2621.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166\nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen\nissue.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-31T10:49:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.", "modified": "2017-07-14T00:00:00", "published": "2014-01-09T00:00:00", "id": "OPENVAS:103872", "href": "http://plugins.openvas.org/nasl.php?oid=103872", "type": "openvas", "title": "VMware Security Updates for vCenter Server (VMSA-2013-0009)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_vcenter_VMSA-2013-0009.nasl 6724 2017-07-14 09:57:17Z teissa $\n#\n# VMware Security Updates for vCenter Server (VMSA-2013-0009)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.\";\n\ntag_solution = \"Apply the missing patch(es).\";\ntag_affected = \"VMware vCenter Server before 5.0 update 3\";\ntag_vuldetect = \"Check the build number.\";\n\ntag_insight = \"The userworld OpenSSL library is updated to version\nopenssl-0.9.8y to resolve multiple security issues.\";\n\nif (description)\n{\n script_id(103872);\n script_cve_id(\"CVE-2013-0169\",\"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version (\"$Revision: 6724 $\");\n script_name(\"VMware Security Updates for vCenter Server (VMSA-2013-0009)\");\n\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2013-0009.html\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-14 11:57:17 +0200 (Fri, 14 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-09 12:04:01 +0100 (Thu, 09 Jan 2014)\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_vcenter_detect.nasl\");\n script_mandatory_keys(\"VMware_vCenter/version\",\"VMware_vCenter/build\");\n\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n\n exit(0);\n\n}\n\ninclude(\"vmware_esx.inc\");\n\nif ( ! vcenter_version = get_kb_item(\"VMware_vCenter/version\"))exit(0);\nif ( ! vcenter_build = get_kb_item(\"VMware_vCenter/build\"))exit(0);\n\nfixed_builds = make_array(\"5.0.0\",\"1300600\");\n\nif ( ! fixed_builds[ vcenter_version] ) exit( 0 );\n\nif ( int( vcenter_build ) < int( fixed_builds[ vcenter_version ] ) )\n{\n security_message( port:0, data: esxi_remote_report( ver:vcenter_version, build: vcenter_build, fixed_build: fixed_builds[vcenter_version], typ:'vCenter' ) );\n exit(0);\n} \n\nexit(99);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-02-06T13:10:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "Check for the Version of openssl", "modified": "2018-02-05T00:00:00", "published": "2013-03-05T00:00:00", "id": "OPENVAS:865421", "href": "http://plugins.openvas.org/nasl.php?oid=865421", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2013-2834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2013-2834\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"openssl on Fedora 18\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099470.html\");\n script_id(865421);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-05 09:41:43 +0530 (Tue, 05 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2013-2834\");\n script_name(\"Fedora Update for openssl FEDORA-2013-2834\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~3.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:02:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120555", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120555", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-171)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120555\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:29:30 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-171)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-171.html\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "Oracle Linux Local Security Checks ELSA-2013-0587", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123684", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123684", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0587", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0587.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123684\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:12 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0587\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0587 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0587\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0587.html\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-4929\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-08T00:00:00", "id": "OPENVAS:1361412562310881620", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881620", "type": "openvas", "title": "CentOS Update for openssl CESA-2013:0587 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2013:0587 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019264.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881620\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:19:35 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0587\");\n script_name(\"CentOS Update for openssl CESA-2013:0587 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n\n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n\n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n\n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n\n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2013-03-05T00:00:00", "id": "OPENVAS:1361412562310870944", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870944", "type": "openvas", "title": "RedHat Update for openssl RHSA-2013:0587-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2013:0587-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870944\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-05 09:42:31 +0530 (Tue, 05 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2013:0587-01\");\n script_name(\"RedHat Update for openssl RHSA-2013:0587-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n\n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n\n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n\n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n\n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-05-29T14:33:37", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation (including all applications\nand configuration files).\n\nAll users of JBoss Enterprise Application Platform 5.2.0 for Solaris and\nMicrosoft Windows as provided from the Red Hat Customer Portal are advised\nto apply this update.", "modified": "2019-02-20T17:35:50", "published": "2013-05-01T21:58:17", "id": "RHSA-2013:0783", "href": "https://access.redhat.com/errata/RHSA-2013:0783", "type": "redhat", "title": "(RHSA-2013:0783) Moderate: openssl security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:10", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously enabled\nin OpenSSL by default. Applications using OpenSSL now need to explicitly\nenable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when used\nby a privileged (setuid or setgid) application. A local attacker could use\nthis flaw to escalate their privileges. No application shipped with Red Hat\nEnterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the\nsystem rebooted.\n", "modified": "2018-06-06T20:24:09", "published": "2013-03-04T05:00:00", "id": "RHSA-2013:0587", "href": "https://access.redhat.com/errata/RHSA-2013:0587", "type": "redhat", "title": "(RHSA-2013:0587) Moderate: openssl security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:15", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2686", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160"], "description": "Red Hat Enterprise Virtualization Manager provides access to virtual\nmachines using SPICE. These SPICE client packages provide the SPICE client\nand usbclerk service for both Windows 32-bit operating systems and Windows\n64-bit operating systems.\n\nThe rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE\nclient. OpenSSL, a general purpose cryptography library with a TLS\nimplementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer\npackage has been updated to correct the following issues:\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the way OpenSSL handled\nTLS/SSL protocol handshake packets. A specially crafted handshake packet\ncould cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nThe updated mingw-virt-viewer Windows SPICE client further includes OpenSSL\nsecurity fixes that have no security impact on mingw-virt-viewer itself.\nThe security fixes included in this update address the following CVE\nnumbers:\n\nCVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166\n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which address these issues.\n", "modified": "2018-06-07T09:00:06", "published": "2014-04-17T04:00:00", "id": "RHSA-2014:0416", "href": "https://access.redhat.com/errata/RHSA-2014:0416", "type": "redhat", "title": "(RHSA-2014:0416) Important: rhevm-spice-client security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-12-11T13:31:27", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1096", "CVE-2011-2487", "CVE-2012-4529", "CVE-2012-4572", "CVE-2012-5575", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-0218", "CVE-2013-2067"], "description": "JBoss Enterprise Application Platform 6 is a platform for Java applications\nbased on JBoss Application Server 7.\n\nThis release serves as a replacement for JBoss Enterprise Application\nPlatform 6.0.1, and includes bug fixes and enhancements. Refer to the 6.1.0\nRelease Notes for information on the most significant of these changes,\navailable shortly from https://access.redhat.com/site/documentation/\n\nSecurity fixes:\n\nXML encryption backwards compatibility attacks were found against various\nframeworks, including Apache CXF. An attacker could force a server to use\ninsecure, legacy cryptosystems, even when secure cryptosystems were enabled\non endpoints. By forcing the use of legacy cryptosystems, flaws such as\nCVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be\nrecovered from cryptograms and symmetric keys. (CVE-2012-5575)\n\nNote: Automatic checks to prevent CVE-2012-5575 are only run when\nWS-SecurityPolicy is used to enforce security requirements. It is best\npractice to use WS-SecurityPolicy to enforce security requirements.\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nWhen applications running on JBoss Web used the COOKIE session tracking\nmethod, the org.apache.catalina.connector.Response.encodeURL() method\nreturned the URL with the jsessionid appended as a query string parameter\nwhen processing the first request of a session. An attacker could possibly\nexploit this flaw by performing a man-in-the-middle attack to obtain a\nuser's jsessionid and hijack their session, or by extracting the jsessionid\nfrom log files. Note that no session tracking method is used by default,\none must be configured. (CVE-2012-4529)\n\nIf multiple applications used the same custom authorization module class\nname, and provided their own implementations of it, the first application\nto be loaded will have its implementation used for all other applications\nusing the same custom authorization module class name. A local attacker\ncould use this flaw to deploy a malicious application that provides\nimplementations of custom authorization modules that permit or deny user\naccess according to rules supplied by the attacker. (CVE-2012-4572)\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Application Platform administrator password and\nthe sucker password for the selected messaging system in plain text. A\nlocal user able to access the directory where the GUI installer was run\ncould use this flaw to gain administrative access to the JBoss Enterprise\nApplication Platform instance. (CVE-2013-0218)\n\nRed Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575.\nCVE-2012-4572 was discovered by Josef Cacek of the Red Hat JBoss EAP\nQuality Engineering team, and CVE-2013-0218 was discovered by Arun\nNeelicattu of the Red Hat Security Response Team.\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nUsers of JBoss Enterprise Application Platform 6.0.1 as provided from the\nRed Hat Customer Portal are advised to upgrade to JBoss Enterprise\nApplication Platform 6.1.0.", "modified": "2019-02-20T17:35:03", "published": "2013-05-20T18:27:16", "id": "RHSA-2013:0833", "href": "https://access.redhat.com/errata/RHSA-2013:0833", "type": "redhat", "title": "(RHSA-2013:0833) Important: JBoss Enterprise Application Platform 6.1.0 update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:26", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4929", "CVE-2012-6075", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-0228", "CVE-2013-0268", "CVE-2013-0292", "CVE-2013-0338", "CVE-2013-0871", "CVE-2013-1619"], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nIt was discovered that GnuTLS leaked timing information when decrypting\nTLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A\nremote attacker could possibly use this flaw to retrieve plain text from\nthe encrypted packets by using a TLS/SSL server as a padding oracle.\n(CVE-2013-1619)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-0292 (dbus-glib issue)\n\nCVE-2013-0228, CVE-2013-0268, and CVE-2013-0871 (kernel issues)\n\nCVE-2013-0338 (libxml2 issue)\n\nThis update contains the builds from the following errata:\n\novirt-node: RHBA-2013:0634\n https://rhn.redhat.com/errata/RHBA-2013-0634.html\nkernel: RHSA-2013:0630\n https://rhn.redhat.com/errata/RHSA-2013-0630.html\ndbus-glib: RHSA-2013:0568\n https://rhn.redhat.com/errata/RHSA-2013-0568.html\nlibcgroup: RHBA-2013:0560\n https://rhn.redhat.com/errata/RHBA-2013-0560.html\nvdsm: RHBA-2013:0635\n https://rhn.redhat.com/errata/RHBA-2013-0635.html\nselinux-policy: RHBA-2013:0618\n https://rhn.redhat.com/errata/RHBA-2013-0618.html\nqemu-kvm-rhev: RHSA-2013:0610\n https://rhn.redhat.com/errata/RHSA-2013-0610.html\nglusterfs: RHBA-2013:0620\n https://rhn.redhat.com/errata/RHBA-2013-0620.html\ngnutls: RHSA-2013:0588\n https://rhn.redhat.com/errata/RHSA-2013-0588.html\nipmitool: RHBA-2013:0572\n https://rhn.redhat.com/errata/RHBA-2013-0572.html\nlibxml2: RHSA-2013:0581\n https://rhn.redhat.com/errata/RHSA-2013-0581.html\nopenldap: RHBA-2013:0598\n https://rhn.redhat.com/errata/RHBA-2013-0598.html\nopenssl: RHSA-2013:0587\n https://rhn.redhat.com/errata/RHSA-2013-0587.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "modified": "2018-06-07T08:59:36", "published": "2013-03-13T04:00:00", "id": "RHSA-2013:0636", "href": "https://access.redhat.com/errata/RHSA-2013:0636", "type": "redhat", "title": "(RHSA-2013:0636) Important: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "modified": "2013-03-02T19:55:52", "published": "2013-03-02T19:55:52", "id": "FEDORA:C041720764", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: openssl-1.0.1e-3.fc18", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2333", "CVE-2013-0166", "CVE-2013-0169"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "modified": "2013-03-08T00:02:36", "published": "2013-03-08T00:02:36", "id": "FEDORA:811AA20A83", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: openssl-1.0.0k-1.fc17", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "aix": [{"lastseen": "2019-05-29T19:19:11", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nIBM SECURITY ADVISORY\n\nFirst Issued: Fri Mar 15 03:20:11 CDT 2013\n\nThe most recent version of this document is available here:\n| Updated: Wed Jun 5 10:22:29 CDT 2013\n| Update: Fix available for FIPS version\n| Update: Corrected CVSS base score and vector\n\nhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc\nor\nftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc\n===============================================================================\n VULNERABILITY SUMMARY\n\nVULNERABILITY: Multiple OpenSSL vulnerabilities \n\nPLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.X\n\nSOLUTION: Apply the fix as described below.\n\nTHREAT: See below\n\nCVE Numbers: CVE-2013-0169\n CVE-2013-0166\n\nReboot required? NO\nWorkarounds? NO\nProtected by FPM? NO\nProtected by SED? NO\n===============================================================================\n DETAILED INFORMATION\n\nI. DESCRIPTION (From cve.mitre.org)\n \n CVE-2013-0169\n The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as\n used in OpenSSL, OpenJDK, PolarSSL, and other products, do not\n properly consider timing side-channel attacks on a MAC check \n requirement during the processing of malformed CBC padding, which \n allows remote attackers to conduct distinguishing attacks and \n plaintext-recovery attacks via statistical analysis of timing data\n for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n CVE-2013-0166\n OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d \n does not properly perform signature verification for OCSP responses,\n which allows remote attackers to cause a denial of service (NULL \n pointer dereference and application crash) via an invalid key. \n\n Please see the following for more information:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166\n\nII. CVSS\n\n CVE-2013-0169\n| CVSS Base Score: 4.3\n CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/81902 for the\n current score\n CVSS Environmental Score*: Undefined\n| CVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2013-0166\n CVSS Base Score: 5.0\n CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/81904 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\nIII. PLATFORM VULNERABILITY ASSESSMENT\n\n To determine if your system is vulnerable, execute the following\n command:\n\n lslpp -L openssl.base\n\n On VIO Server:\n\n oem_setup_env\n lslpp -L openssl.base\n\n The following fileset levels are vulnerable:\n\n AIX 7.1, 6.1, 5.3: all versions less than or equal 0.9.8.2400\n AIX 7.1, 6.1, 5.3: FIPS capable versions less than or equal 12.9.8.2400\n VIOS 2.X: all versions less than or equal 0.9.8.2400\n\n IMPORTANT: If AIX OpenSSH is in use, it must be updated to version\n OpenSSH 6.0 or later, depending on the OpenSSL version according to\n following compatibility matrix:\n\n AIX OpenSSL OpenSSH\n ------------------------------------------------------------------\n 5.3,6.1,7.1 OpenSSL 0.9.8.25xx OpenSSH 6.0.0.61xx\n (Available)\n\n 5.3,6.1,7.1 OpenSSL-fips 12.9.8.25xx OpenSSH 6.0.0.61xx \n| (Available)\n\n VIOS OpenSSL OpenSSH\n ------------------------------------------------------------------\n 2.X OpenSSL 0.9.8.25xx OpenSSH 6.0.0.61xx\n (Available)\n\n AIX OpenSSH can be downloaded from:\n\n OpenSSH 6.0:\n http://sourceforge.net/projects/openssh-aix\n OpenSSH 6.0.0.61xx\n https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\n\nIV. FIXES\n\n A fix is available, and it can be downloaded from:\n\n https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\n\n To extract the fixes from the tar file:\n\n zcat openssl-0.9.8.2500.tar.Z | tar xvf -\n or\n zcat openssl-fips-12.9.8.2500.tar.Z | tar xvf -\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview the fix installation:\n\n installp -apYd . openssl\n\n To install the fix package:\n\n installp -aXYd . openssl\n\nV. WORKAROUNDS\n\n There are no workarounds.\n\nVI. CONTACT INFORMATION\n\n If you would like to receive AIX Security Advisories via email,\n please visit:\n\n http://www.ibm.com/systems/support\n\n and click on the \"My notifications\" link.\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team you can either:\n\n A. Send an email with \"get key\" in the subject line to:\n\n security-alert@austin.ibm.com\n\n B. Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgpkey.txt\n\n C. Download the key from a PGP Public Key Server. The key ID is:\n\n\t 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n eServer is a trademark of International Business Machines\n Corporation. IBM, AIX and pSeries are registered trademarks of\n International Business Machines Corporation. All other trademarks\n are property of their respective holders.\n\n\nVII. REFERENCES:\n\n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/81902\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/81904\n CVE-2013-0169: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169\n CVE-2013-0166: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166\n\n *The CVSS Environment Score is customer environment specific and will\n ultimately impact the Overall CVSS Score. Customers can evaluate the\n impact of this vulnerability in their environments by accessing the links\n in the Reference section of this Flash.\n\n Note: According to the Forum of Incident Response and Security Teams\n (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry\n open standard designed to convey vulnerability severity and help to\n determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES\n \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE\n RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY\n VULNERABILITY.\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (AIX)\n\niEYEARECAAYFAlGvV/sACgkQ4fmd+Ci/qhLVQQCfaZYvgKSY8UCYj6RJPbMaXlb3\nAxgAn0+qF+xmWSKNT6+43X/h/usZa3Bl\n=q2Sm\n-----END PGP SIGNATURE-----\n", "edition": 4, "modified": "2013-06-05T10:22:29", "published": "2013-03-15T03:20:11", "id": "OPENSSL_ADVISORY5.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc", "title": "Multiple OpenSSL vulnerabilities", "type": "aix", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:38", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "\n\nA flaw in the OpenSSL handling of OCSP response\n\t verification could be exploited to cause a denial of\n\t service attack.\nOpenSSL has a weakness in the handling of CBC\n\t ciphersuites in SSL, TLS and DTLS. The weakness could reveal\n\t plaintext in a timing attack.\n\n", "edition": 4, "modified": "2016-08-09T00:00:00", "published": "2013-04-02T00:00:00", "id": "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "href": "https://vuxml.freebsd.org/freebsd/69bfc852-9bd0-11e2-a7be-8c705af55518.html", "title": "FreeBSD -- OpenSSL multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:41", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-2686"], "description": "\nOpenSSL security team reports:\n\nA flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1\n\t and TLS 1.2 on AES-NI supporting platforms can be exploited in a\n\t DoS attack.\nA flaw in the OpenSSL handling of OCSP response verification can\n\t be exploited in a denial of service attack.\n\n", "edition": 4, "modified": "2013-02-05T00:00:00", "published": "2013-02-05T00:00:00", "id": "00B0D8CD-7097-11E2-98D9-003067C2616F", "href": "https://vuxml.freebsd.org/freebsd/00b0d8cd-7097-11e2-98d9-003067c2616f.html", "title": "OpenSSL -- TLS 1.1, 1.2 denial of service", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:12:28", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2621-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nFebruary 13, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-0166 CVE-2013-0169\nDebian Bug : 699889\n\nMultiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166\n\n OpenSSL does not properly perform signature verification for OCSP\n responses, which allows remote attackers to cause a denial of\n service via an invalid key.\n\nCVE-2013-0169\n\n A timing side channel attack has been found in CBC padding\n allowing an attacker to recover pieces of plaintext via statistical\n analysis of crafted packages, known as the "Lucky Thirteen" issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2013-02-13T20:08:31", "published": "2013-02-13T20:08:31", "id": "DEBIAN:DSA-2621-1:52BC0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00026.html", "title": "[SECURITY] [DSA 2621-1] openssl security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:39:54", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-2686"], "description": "Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly \nhandled certain crafted CBC data when used with AES-NI. A remote attacker \ncould use this issue to cause OpenSSL to crash, resulting in a denial of \nservice. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. \n(CVE-2012-2686)\n\nStephen Henson discovered that OpenSSL incorrectly performed signature \nverification for OCSP responses. A remote attacker could use this issue to \ncause OpenSSL to crash, resulting in a denial of service. (CVE-2013-0166)\n\nNadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used \nin OpenSSL was vulnerable to a timing side-channel attack known as the \n\"Lucky Thirteen\" issue. A remote attacker could use this issue to perform \nplaintext-recovery attacks via analysis of timing data. (CVE-2013-0169)", "edition": 5, "modified": "2013-02-21T00:00:00", "published": "2013-02-21T00:00:00", "id": "USN-1732-1", "href": "https://ubuntu.com/security/notices/USN-1732-1", "title": "OpenSSL vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2019-05-30T07:36:56", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-2686"], "description": "New openssl packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,\n14.0, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/openssl-1.0.1d-i486-1_slack14.0.txz: Upgraded.\n Make the decoding of SSLv3, TLS and DTLS CBC records constant time.\n This addresses the flaw in CBC record processing discovered by\n Nadhem Alfardan and Kenny Paterson. Details of this attack can be found\n at: http://www.isg.rhul.ac.uk/tls/\n Thanks go to Nadhem Alfardan and Kenny Paterson of the Information\n Security Group at Royal Holloway, University of London\n (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and\n Emilia Käsper for the initial patch.\n (CVE-2013-0169)\n [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]\n Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode\n ciphersuites which can be exploited in a denial of service attack.\n Thanks go to and to Adam Langley <agl@chromium.org> for discovering\n and detecting this bug and to Wolfgang Ettlinger\n <wolfgang.ettlinger@gmail.com> for independently discovering this issue.\n (CVE-2012-2686)\n [Adam Langley]\n Return an error when checking OCSP signatures when key is NULL.\n This fixes a DoS attack. (CVE-2013-0166)\n [Steve Henson]\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2686\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1d-i486-1_slack14.0.txz: Upgraded.\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8y-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8y-i486-1_slack12.1.tgz\n\nUpdated packages for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8y-i486-1_slack12.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8y-i486-1_slack12.2.tgz\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8y-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8y-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8y-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8y-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8y-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8y-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8y-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8y-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8y-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8y-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8y-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8y-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1d-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1d-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1d-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1d-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1d-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1d-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1d-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1d-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 packages:\n5193bca00070ccac309ea3384e67a657 openssl-0.9.8y-i486-1_slack12.1.tgz\n76fb6bede444b059e575777092c78575 openssl-solibs-0.9.8y-i486-1_slack12.1.tgz\n\nSlackware 12.2 packages:\n5a3167936ba69442a795ed62f1ec29b2 openssl-0.9.8y-i486-1_slack12.2.tgz\ned20f551e0912a5f708da9a3c4d7ac5e openssl-solibs-0.9.8y-i486-1_slack12.2.tgz\n\nSlackware 13.0 packages:\nf059432e11a6b17643e7b8f1d78c5ce3 openssl-0.9.8y-i486-1_slack13.0.txz\n46c623b2e58053d308b3d9eb735be26b openssl-solibs-0.9.8y-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n4fb6f07f85ec4ea26cc67d8b1c037fa9 openssl-0.9.8y-x86_64-1_slack13.0.txz\n55bafd74f182806b1dcd076f31683743 openssl-solibs-0.9.8y-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n9713a64881622c63d0756ec9a5914980 openssl-0.9.8y-i486-1_slack13.1.txz\n5d8e3984389bd080bc37b9d1276c7a7d openssl-solibs-0.9.8y-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n821c76387f3ffa388af9e5bf81185758 openssl-0.9.8y-x86_64-1_slack13.1.txz\nb6d525a53b4cda641166f19ee70a9650 openssl-solibs-0.9.8y-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n5195be05b85f5eb2bd4bf9ebf0a73ff9 openssl-0.9.8y-i486-1_slack13.37.txz\n5248a839148fa91de52361335dc051f5 openssl-solibs-0.9.8y-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n15e13676d0def5f0dac1e7a4704e0016 openssl-0.9.8y-x86_64-1_slack13.37.txz\nd4e5bd308d2e918c6bd7616343370c49 openssl-solibs-0.9.8y-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n736ca80a05b57a6f9bf2821405757466 openssl-1.0.1d-i486-1_slack14.0.txz\n32aba4ad2fb26b5fb38fc4e5016dbc0f openssl-solibs-1.0.1d-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n8c227f3b54e4650971e965d64d99713b openssl-1.0.1d-x86_64-1_slack14.0.txz\n6dbd931a3718de68d42f20db99c4f578 openssl-solibs-1.0.1d-x86_64-1_slack14.0.txz\n\nSlackware -current packages:\n9a8de5df0464c0c9e2032edba2ffbd61 a/openssl-solibs-1.0.1d-i486-1.txz\nb4a36988d1c355041d2179d5f7190c92 n/openssl-1.0.1d-i486-1.txz\n\nSlackware x86_64 -current packages:\n35e1b575b406bc8a646f620467d4a27d a/openssl-solibs-1.0.1d-x86_64-1.txz\n063e0baf782651bdcab8c56f30df651d n/openssl-1.0.1d-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-1.0.1d-i486-1_slack14.0.txz openssl-solibs-1.0.1d-i486-1_slack14.0.txz", "modified": "2013-02-09T15:03:57", "published": "2013-02-09T15:03:57", "id": "SSA-2013-040-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.839296", "type": "slackware", "title": "openssl", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "[1.0.0-27.2]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)", "edition": 4, "modified": "2013-03-04T00:00:00", "published": "2013-03-04T00:00:00", "id": "ELSA-2013-0587", "href": "http://linux.oracle.com/errata/ELSA-2013-0587.html", "title": "openssl security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:11", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2012-2333", "CVE-2006-3738", "CVE-2009-1379", "CVE-2006-2940", "CVE-2006-2937", "CVE-2007-4995", "CVE-2011-4108", "CVE-2009-1377", "CVE-2013-0169", "CVE-2015-0286", "CVE-2013-6449", "CVE-2006-4343", "CVE-2003-0544", "CVE-2007-3108", "CVE-2003-0543", "CVE-2011-4576", "CVE-2003-0545", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-4339", "CVE-2004-0112", "CVE-2015-0288", "CVE-2009-4355", "CVE-2012-1165", "CVE-2011-4577", "CVE-2014-0224", "CVE-2010-0742", "CVE-2008-0891", "CVE-2004-0975", "CVE-2011-4619", "CVE-2003-0131", "CVE-2004-0079", "CVE-2007-5135", "CVE-2011-0014", "CVE-2009-1378", "CVE-2014-3470", "CVE-2012-4929", "CVE-2013-6450", "CVE-2012-0050", "CVE-2009-3555", "CVE-2010-1633", "CVE-2015-0293", "CVE-2010-5298", "CVE-2014-0160", "CVE-2013-4353", "CVE-2008-1672", "CVE-2014-0195", "CVE-2014-0198", "CVE-2015-0209", "CVE-2012-2110", "CVE-2012-0884", "CVE-2010-3864", "CVE-2005-0109", "CVE-2015-0287", "CVE-2011-3207", "CVE-2015-0289", "CVE-2015-0292", "CVE-2003-0078", "CVE-2003-0147", "CVE-2014-0221"], "description": "[1.0.1m-2.0.1]\n- update to upstream 1.0.1m\n- update to fips canister 2.0.9\n- regenerated below patches\n openssl-1.0.1-beta2-rpmbuild.patch\n openssl-1.0.1m-rhcompat.patch\n openssl-1.0.1m-ecc-suiteb.patch\n openssl-1.0.1m-fips-mode.patch\n openssl-1.0.1m-version.patch\n openssl-1.0.1m-evp-devel.patch\n[1.0.1j-2.0.4]\n- [Orabug 20182267] The openssl-fips-devel package should Provide:\n openssl-devel and openssl-devel(x86-64) like the standard -devel\n package\n- The openssl-fips-devel package should include fips.h and fips_rand.h\n for apps that want to build against FIPS* APIs\n[1.0.1j-2.0.3]\n- [Orabug 20086847] reintroduce patch openssl-1.0.1e-ecc-suiteb.patch,\n update ec_curve.c which gets copied into build tree to match the patch\n (ie only have curves which are advertised). The change items from the\n orignal patch are as follows:\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1j-2.0.2]\n- update README.FIPS with step-by-step install instructions\n[1.0.1j-2.0.1]\n- update to upstream 1.0.1j\n- change name to openssl-fips\n- change Obsoletes: openssl to Conflicts: openssl\n- add Provides: openssl\n[1.0.1i-2.0.3.fips]\n- update to fips canister 2.0.8 to remove Dual EC DRBG\n- run gcc -v so the gcc build version is captured in the build log\n[1.0.1i-2.0.2.fips]\n- flip EVP_CIPH_* flag bits for compatibility with original RH patched pkg\n[1.0.1i-2.0.1.fips]\n- build against upstream 1.0.1i\n- build against fips validated canister 2.0.7\n- add patch to support fips=1\n- rename pkg to openssl-fips and Obsolete openssl\n[1.0.1e-16.14]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-16.7]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-16.4]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-16.3]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-16.2]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-16.1]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document\n[1.0.0-8]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0-7]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers (#619762)\n[1.0.0-6]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-5]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)\n[1.0.0-4]\n- openssl man page fix (#609484)\n[1.0.0-3]\n- fix wrong ASN.1 definition of OriginatorInfo - CVE-2010-0742 (#598738)\n- fix information leak in rsa_verify_recover - CVE-2010-1633 (#598732)\n[1.0.0-2]\n- make CA dir readable - the private keys are in private subdir (#584810)\n- a few fixes from upstream CVS\n- make X509_NAME_hash_old work in FIPS mode (#568395)\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/ssl for FHS compliance\n - handle RPM_OPT_FLAGS\nopenssl-1.0.1-beta2-rpmbuild.patch\nopenssl-0.9.8a-no-rpath.patch", "edition": 73, "modified": "2015-04-02T00:00:00", "published": "2015-04-02T00:00:00", "id": "ELSA-2015-3022", "href": "http://linux.oracle.com/errata/ELSA-2015-3022.html", "title": "openssl-fips security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:36:26", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "**Issue Overview:**\n\nIt was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. ([CVE-2013-0169 __](<https://access.redhat.com/security/cve/CVE-2013-0169>))\n\nA NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially-crafted response. ([CVE-2013-0166 __](<https://access.redhat.com/security/cve/CVE-2013-0166>))\n\nIt was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. ([CVE-2012-4929 __](<https://access.redhat.com/security/cve/CVE-2012-4929>))\n\nNote: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it.\n\n \n**Affected Packages:** \n\n\nopenssl\n\n \n**Issue Correction:** \nRun _yum update openssl_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n openssl-devel-1.0.0k-1.48.amzn1.i686 \n openssl-static-1.0.0k-1.48.amzn1.i686 \n openssl-1.0.0k-1.48.amzn1.i686 \n openssl-debuginfo-1.0.0k-1.48.amzn1.i686 \n openssl-perl-1.0.0k-1.48.amzn1.i686 \n \n src: \n openssl-1.0.0k-1.48.amzn1.src \n \n x86_64: \n openssl-debuginfo-1.0.0k-1.48.amzn1.x86_64 \n openssl-1.0.0k-1.48.amzn1.x86_64 \n openssl-devel-1.0.0k-1.48.amzn1.x86_64 \n openssl-perl-1.0.0k-1.48.amzn1.x86_64 \n openssl-static-1.0.0k-1.48.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-03-14T22:04:00", "published": "2013-03-14T22:04:00", "id": "ALAS-2013-171", "href": "https://alas.aws.amazon.com/ALAS-2013-171.html", "title": "Medium: openssl", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2020-10-30T13:20:36", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0587\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously enabled\nin OpenSSL by default. Applications using OpenSSL now need to explicitly\nenable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when used\nby a privileged (setuid or setgid) application. A local attacker could use\nthis flaw to escalate their privileges. No application shipped with Red Hat\nEnterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the\nsystem rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031302.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031668.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-March/007019.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0587.html", "edition": 87, "modified": "2013-03-09T00:45:25", "published": "2013-03-04T22:46:45", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-March/007019.html", "id": "CESA-2013:0587", "title": "openssl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2013-1619", "CVE-2013-1622", "CVE-2013-1621"], "description": "Timing attacks, DoS.", "edition": 1, "modified": "2013-03-02T00:00:00", "published": "2013-03-02T00:00:00", "id": "SECURITYVULNS:VULN:12887", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12887", "title": "OpenSSL / PolarSSL / GnuTLS security vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "cvelist": ["CVE-2013-0166", "CVE-2013-1028", "CVE-2013-2266", "CVE-2012-4558", "CVE-2013-0169", "CVE-2013-1903", "CVE-2013-1643", "CVE-2013-2110", "CVE-2013-1026", "CVE-2012-2687", "CVE-2012-2686", "CVE-2012-0883", "CVE-2013-1032", "CVE-2013-1025", "CVE-2012-3817", "CVE-2013-2020", "CVE-2012-5688", "CVE-2013-1824", "CVE-2012-5166", "CVE-2013-1033", "CVE-2012-4244", "CVE-2013-1030", "CVE-2013-1901", "CVE-2013-1902", "CVE-2012-3499", "CVE-2013-1635", "CVE-2013-1029", "CVE-2013-1031", "CVE-2013-1900", "CVE-2013-2021", "CVE-2013-1899", "CVE-2013-1027"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update\r\n2013-004\r\n\r\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 is now\r\navailable and addresses the following:\r\n\r\nApache\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Multiple vulnerabilities existed in Apache, the most\r\nserious of which may lead to cross-site scripting. These issues were\r\naddressed by updating Apache to version 2.2.24.\r\nCVE-ID\r\nCVE-2012-0883\r\nCVE-2012-2687\r\nCVE-2012-3499\r\nCVE-2012-4558\r\n\r\nBind\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in BIND\r\nDescription: Multiple vulnerabilities existed in BIND, the most\r\nserious of which may lead to a denial of service. These issues were\r\naddressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not\r\naffect Mac OS X v10.7 systems.\r\nCVE-ID\r\nCVE-2012-3817\r\nCVE-2012-4244\r\nCVE-2012-5166\r\nCVE-2012-5688\r\nCVE-2013-2266\r\n\r\nCertificate Trust Policy\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Root certificates have been updated\r\nDescription: Several certificates were added to or removed from the\r\nlist of system roots. The complete list of recognized system roots\r\nmay be viewed via the Keychain Access application.\r\n\r\nClamAV\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5\r\nImpact: Multiple vulnerabilities in ClamAV\r\nDescription: Multiple vulnerabilities exist in ClamAV, the most\r\nserious of which may lead to arbitrary code execution. This update\r\naddresses the issues by updating ClamAV to version 0.97.8.\r\nCVE-ID\r\nCVE-2013-2020\r\nCVE-2013-2021\r\n\r\nCoreGraphics\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JBIG2\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1025 : Felix Groebert of the Google Security Team\r\n\r\nImageIO\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1026 : Felix Groebert of the Google Security Team\r\n\r\nInstaller\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Packages could be opened after certificate revocation\r\nDescription: When Installer encountered a revoked certificate, it\r\nwould present a dialog with an option to continue. The issue was\r\naddressed by removing the dialog and refusing any revoked package.\r\nCVE-ID\r\nCVE-2013-1027\r\n\r\nIPSec\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: An attacker may intercept data protected with IPSec Hybrid\r\nAuth\r\nDescription: The DNS name of an IPSec Hybrid Auth server was not\r\nbeing matched against the certificate, allowing an attacker with a\r\ncertificate for any server to impersonate any other. This issue was\r\naddressed by properly checking the certificate.\r\nCVE-ID\r\nCVE-2013-1028 : Alexander Traud of www.traud.de\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: A local network user may cause a denial of service\r\nDescription: An incorrect check in the IGMP packet parsing code in\r\nthe kernel allowed a user who could send IGMP packets to the system\r\nto cause a kernel panic. The issue was addressed by removing the\r\ncheck.\r\nCVE-ID\r\nCVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC.\r\n\r\nMobile Device Management\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Passwords may be disclosed to other local users\r\nDescription: A password was passed on the command-line to mdmclient,\r\nwhich made it visible to other users on the same system. The issue\r\nwas addressed by communicating the password through a pipe.\r\nCVE-ID\r\nCVE-2013-1030 : Per Olofsson at the University of Gothenburg\r\n\r\nOpenSSL\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL, the most\r\nserious of which may lead to disclosure of user data. These issues\r\nwere addressed by updating OpenSSL to version 0.9.8y.\r\nCVE-ID\r\nCVE-2012-2686\r\nCVE-2013-0166\r\nCVE-2013-0169\r\n\r\nPHP\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP, the most\r\nserious of which may lead to arbitrary code execution. These issues\r\nwere addressed by updating PHP to version 5.3.26.\r\nCVE-ID\r\nCVE-2013-1635\r\nCVE-2013-1643\r\nCVE-2013-1824\r\nCVE-2013-2110\r\n\r\nPostgreSQL\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in PostgreSQL\r\nDescription: Multiple vulnerabilities exist in PostgreSQL, the most\r\nserious of which may lead to data corruption or privilege escalation.\r\nThis update addresses the issues by updating PostgreSQL to version\r\n9.0.13.\r\nCVE-ID\r\nCVE-2013-1899\r\nCVE-2013-1900\r\nCVE-2013-1901\r\nCVE-2013-1902\r\nCVE-2013-1903\r\n\r\nPower Management\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: The screen saver may not start after the specified time\r\nperiod\r\nDescription: A power assertion lock issue existed. This issue was\r\naddressed through improved lock handling.\r\nCVE-ID\r\nCVE-2013-1031\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\n'idsc' atoms in QuickTime movie files. This issue was addressed\r\nthrough additional bounds checking.\r\nCVE-ID\r\nCVE-2013-1032 : Jason Kratzer working with iDefense VCP\r\n\r\nScreen Lock\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: A user with screen sharing access may be able to bypass the\r\nscreen lock when another user is logged in\r\nDescription: A session management issue existed in the screen lock's\r\nhandling of screen sharing sessions. This issue was addressed through\r\nimproved session tracking.\r\nCVE-ID\r\nCVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq\r\n\r\nNote: OS X Mountain Lion v10.8.5 also addresses an issue where\r\ncertain Unicode strings could cause applications to unexpectedly\r\nterminate.\r\n\r\n\r\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 may be\r\nobtained from the Software Update pane in System Preferences,\r\nor Apple's Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nOS X Mountain Lion v10.8.5, or Security Update\r\n2013-004.\r\n\r\nFor OS X Mountain Lion v10.8.4\r\nThe download file is named: OSXUpd10.8.5.dmg\r\nIts SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11\r\n\r\nFor OS X Mountain Lion v10.8 and v10.8.3\r\nThe download file is named: OSXUpdCombo10.8.5.dmg\r\nIts SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2\r\n\r\nFor OS X Lion v10.7.5\r\nThe download file is named: SecUpd2013-004.dmg\r\nIts SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0\r\n\r\nFor OS X Lion Server v10.7.5\r\nThe download file is named: SecUpdSrvr2013-004.dmg\r\nIts SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2013-004.dmg\r\nIts SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2013-004.dmg\r\nIts SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4\r\nQxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc\r\n+WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ\r\nbZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN\r\n1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3\r\nH9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ\r\nhDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ\r\n8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa\r\nV2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl\r\nytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I\r\nyoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn\r\nvBrJ5gm+nnyRe2TUMAwz\r\n=h9hc\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2013-10-03T00:00:00", "published": "2013-10-03T00:00:00", "id": "SECURITYVULNS:DOC:29893", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29893", "title": "APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "vmware": [{"lastseen": "2019-11-06T16:05:36", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0871", "CVE-2013-0268", "CVE-2013-0169", "CVE-2013-0338", "CVE-2013-2116"], "description": "a. vCenter Server and ESX userworld update for OpenSSL library \n\n\nThe userworld OpenSSL library is updated to version openssl-0.9.8y to resolve multiple security issues. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0169 and CVE-2013-0166 to these issues. \n \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.\n", "edition": 4, "modified": "2014-01-16T00:00:00", "published": "2013-07-31T00:00:00", "id": "VMSA-2013-0009", "href": "https://www.vmware.com/security/advisories/VMSA-2013-0009.html", "title": "VMware vSphere, ESX and ESXi updates to third party libraries", "type": "vmware", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:04", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2012-2333", "CVE-2006-7250", "CVE-2013-0169", "CVE-2012-1165", "CVE-2012-2686", "CVE-2012-2110", "CVE-2012-0884", "CVE-2011-1945"], "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nRemote attackers can determine private keys, decrypt data, cause a Denial of Service or possibly have other unspecified impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll OpenSSL 1.0.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-1.0.0j\"\n \n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-0.9.8y\"", "edition": 1, "modified": "2015-06-06T00:00:00", "published": "2013-12-03T00:00:00", "id": "GLSA-201312-03", "href": "https://security.gentoo.org/glsa/201312-03", "type": "gentoo", "title": "OpenSSL: Multiple Vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2020-09-18T20:41:52", "bulletinFamily": "info", "cvelist": ["CVE-2010-3864", "CVE-2010-4180", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0884", "CVE-2012-2333", "CVE-2013-0166", "CVE-2013-0169"], "description": "### Overview \n\nFiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL (0.9.8o).\n\n### Description \n\nFiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier uses OpenSSL for SSL/TLS encryption. The version of OpenSSL that comes with the Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier is 0.9.8o that is out of date and known to be vulnerable. \n \n--- \n \n### Impact \n\nA remote attacker may be able to cause a denial of service or possibly run arbitrary code. \n \n--- \n \n### Solution \n\n**Apply an Update**\n\nApply patch 1-1IJ6ZK. The patch will upgrade OpenSSL to version 0.9.8x. Patch 1-1IJ6ZK can be obtained from [Xerox tech support](<http://www.support.xerox.com/support/docucolor-242-252-260/downloads/enus.html?associatedProduct=fiery-exp260&operatingSystem=win7x64>). \n \n--- \n \n**Restrict access** \n \nAs a general good security practice, only allow connections from trusted hosts and networks. \n \n--- \n \n### Vendor Information\n\n737740\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### EFI Affected\n\nNotified: December 18, 2012 Updated: March 18, 2013 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 6.9 | AV:A/AC:M/Au:N/C:P/I:P/A:C \nTemporal | 5.1 | E:U/RL:OF/RC:C \nEnvironmental | 1 | CDP:L/TD:L/CR:L/IR:L/AR:L \n \n \n\n\n### References \n\n * [http://www.support.xerox.com/support/docucolor-242-252-260/downloads/enus.html?associatedProduct=fiery-exp260&operatingSystem=win7x64](<http://www.support.xerox.com/support/docucolor-242-252-260/downloads/enus.html?associatedProduct=fiery-exp260&operatingSystem=win7x64>)\n * <https://www.openssl.org/news/vulnerabilities.html>\n * <http://w3.efi.com/Fiery>\n\n### Acknowledgements\n\nThanks to Curtis Rhodes for reporting this vulnerability.\n\nThis document was written by Jared Allar.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2013-0169](<http://web.nvd.nist.gov/vuln/detail/CVE-2013-0169>), [CVE-2013-0166](<http://web.nvd.nist.gov/vuln/detail/CVE-2013-0166>), [CVE-2012-2333](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-2333>), [CVE-2012-0884](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-0884>), [CVE-2011-4619](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-4619>), [CVE-2011-4577](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-4577>), [CVE-2011-4576](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-4576>), [CVE-2011-4109](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-4109>), [CVE-2011-4108](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-4108>), [CVE-2010-4180](<http://web.nvd.nist.gov/vuln/detail/CVE-2010-4180>), [CVE-2010-3864](<http://web.nvd.nist.gov/vuln/detail/CVE-2010-3864>) \n---|--- \n**Date Public:** | 2013-03-18 \n**Date First Published:** | 2013-03-18 \n**Date Last Updated: ** | 2013-05-02 17:40 UTC \n**Document Revision: ** | 30 \n", "modified": "2013-05-02T17:40:00", "published": "2013-03-18T00:00:00", "id": "VU:737740", "href": "https://www.kb.cert.org/vuls/id/737740", "type": "cert", "title": "Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:23:40", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2014-3508", "CVE-2014-3566", "CVE-2014-3572", "CVE-2013-0169", "CVE-2015-0286", "CVE-2015-0288", "CVE-2014-0224", "CVE-2014-8275", "CVE-2014-3570", "CVE-2014-3470", "CVE-2015-0293", "CVE-2015-0204", "CVE-2015-0287", "CVE-2015-0289", "CVE-2014-3568", "CVE-2015-0292", "CVE-2015-0205"], "description": "OpenSSL has been updated to fix various security issues:\n\n *\n\n CVE-2014-3568: The build option no-ssl3 was incomplete.\n\n *\n\n CVE-2014-3566: Support for TLS_FALLBACK_SCSV was added.\n\n *\n\n CVE-2014-3508: An information leak in pretty printing functions was\n fixed.\n\n *\n\n CVE-2013-0166: A OCSP bad key DoS attack was fixed.\n\n *\n\n CVE-2013-0169: An SSL/TLS CBC plaintext recovery attack was fixed.\n\n *\n\n CVE-2014-3470: Anonymous ECDH denial of service was fixed.\n\n *\n\n CVE-2014-0224: A SSL/TLS MITM vulnerability was fixed.\n\n *\n\n CVE-2014-3570: Bignum squaring (BN_sqr) may have produced incorrect\n results on some platforms, including x86_64.\n\n *\n\n CVE-2014-3572: Don't accept a handshake using an ephemeral ECDH\n ciphersuites with the server key exchange message omitted.\n\n *\n\n CVE-2014-8275: Fixed various certificate fingerprint issues.\n\n *\n\n CVE-2015-0204: Only allow ephemeral RSA keys in export ciphersuites\n\n *\n\n CVE-2015-0205: A fix was added to prevent use of DH client\n certificates without sending certificate verify message.\n\n *\n\n CVE-2015-0286: A segmentation fault in ASN1_TYPE_cmp was fixed that\n could be exploited by attackers when e.g. client authentication is used.\n This could be exploited over SSL connections.\n\n *\n\n CVE-2015-0287: A ASN.1 structure reuse memory corruption was fixed.\n This problem can not be exploited over regular SSL connections, only if\n specific client programs use specific ASN.1 routines.\n\n *\n\n CVE-2015-0288: A X509_to_X509_REQ NULL pointer dereference was\n fixed, which could lead to crashes. This function is not commonly used,\n and not reachable over SSL methods.\n\n *\n\n CVE-2015-0289: Several PKCS7 NULL pointer dereferences were fixed,\n which could lead to crashes of programs using the PKCS7 APIs. The SSL apis\n do not use those by default.\n\n *\n\n CVE-2015-0292: Various issues in base64 decoding were fixed, which\n could lead to crashes with memory corruption, for instance by using\n attacker supplied PEM data.\n\n *\n\n CVE-2015-0293: Denial of service via reachable assert in SSLv2\n servers, could be used by remote attackers to terminate the server\n process. Note that this requires SSLv2 being allowed, which is not the\n default.\n\n", "edition": 1, "modified": "2015-03-24T00:05:09", "published": "2015-03-24T00:05:09", "id": "SUSE-SU-2015:0578-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", "type": "suse", "title": "Security update for compat-openssl097g (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:32:46", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2014-3505", "CVE-2014-3508", "CVE-2015-1792", "CVE-2014-3566", "CVE-2015-3197", "CVE-2014-3572", "CVE-2015-1789", "CVE-2013-0169", "CVE-2015-0286", "CVE-2014-3507", "CVE-2015-3195", "CVE-2014-3571", "CVE-2014-0076", "CVE-2016-0799", "CVE-2015-0288", "CVE-2014-0224", "CVE-2014-8275", "CVE-2016-0797", "CVE-2014-3570", "CVE-2014-3470", "CVE-2014-3506", "CVE-2015-0293", "CVE-2015-1788", "CVE-2014-0195", "CVE-2015-0209", "CVE-2014-3567", "CVE-2015-0204", "CVE-2016-0800", "CVE-2015-1790", "CVE-2014-3510", "CVE-2015-0287", "CVE-2015-0289", "CVE-2014-3568", "CVE-2014-3569", "CVE-2015-1791", "CVE-2014-0221"], "description": "This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-0800 aka the "DROWN" attack (bsc#968046): OpenSSL was\n vulnerable to a cross-protocol attack that could lead to decryption of\n TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites\n as a Bleichenbacher RSA padding oracle.\n\n This update changes the openssl library to:\n\n * Disable SSLv2 protocol support by default.\n\n This can be overridden by setting the environment variable\n "OPENSSL_ALLOW_SSL2" or by using SSL_CTX_clear_options using the\n SSL_OP_NO_SSLv2 flag.\n\n Note that various services and clients had already disabled SSL\n protocol 2 by default previously.\n\n * Disable all weak EXPORT ciphers by default. These can be reenabled if\n required by old legacy software using the environment variable\n "OPENSSL_ALLOW_EXPORT".\n\n - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and BN_dec2bn() functions\n had a bug that could result in an attempt to de-reference a NULL pointer\n leading to crashes. This could have security consequences if these\n functions were ever called by user applications with large untrusted\n hex/decimal data. Also, internal usage of these functions in OpenSSL\n uses data from config files or application command line arguments. If\n user developed applications generated config file data based on\n untrusted data, then this could have had security consequences as well.\n\n - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the internal fmtstr()\n and doapr_outch() functions could miscalculate the length of a string\n and attempt to access out-of-bounds memory locations. These problems\n could have enabled attacks where large amounts of untrusted data is\n passed to the BIO_*printf functions. If applications use these functions\n in this way then they could have been vulnerable. OpenSSL itself uses\n these functions when printing out human-readable dumps of ASN.1 data.\n Therefore applications that print this data could have been vulnerable\n if the data is from untrusted sources. OpenSSL command line applications\n could also have been vulnerable when they print out ASN.1 data, or if\n untrusted data is passed as command line arguments. Libssl is not\n considered directly vulnerable.\n\n\n - The package was updated to 0.9.8zh:\n * fixes many security vulnerabilities (not seperately listed):\n CVE-2015-3195, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790,\n CVE-2015-1792, CVE-2015-1791, CVE-2015-0286, CVE-2015-0287,\n CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288,\n CVE-2014-3571, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204,\n CVE-2014-8275, CVE-2014-3570, CVE-2014-3567, CVE-2014-3568,\n CVE-2014-3566, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506,\n CVE-2014-3505, CVE-2014-3508, CVE-2014-0224, CVE-2014-0221,\n CVE-2014-0195, CVE-2014-3470, CVE-2014-0076, CVE-2013-0169,\n CVE-2013-0166\n\n - avoid running OPENSSL_config twice. This avoids breaking engine loading.\n (boo#952871, boo#967787)\n\n - fix CVE-2015-3197 (boo#963415)\n * SSLv2 doesn't block disabled ciphers\n\n", "edition": 1, "modified": "2016-03-03T14:11:44", "published": "2016-03-03T14:11:44", "id": "OPENSUSE-SU-2016:0640-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "type": "suse", "title": "Security update for libopenssl0_9_8 (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "lenovo": [{"lastseen": "2020-07-15T07:26:12", "bulletinFamily": "info", "cvelist": ["CVE-2011-3210", "CVE-2013-0166", "CVE-2014-3505", "CVE-2012-2333", "CVE-2014-3508", "CVE-2014-3566", "CVE-2009-1386", "CVE-2007-4995", "CVE-2011-4108", "CVE-2018-12177", "CVE-2009-1377", "CVE-2009-0789", "CVE-2006-7250", "CVE-2017-3735", "CVE-2007-3108", "CVE-2014-3507", "CVE-2011-4576", "CVE-2014-0076", "CVE-2009-4355", "CVE-2012-1165", "CVE-2011-4577", "CVE-2014-0224", "CVE-2010-4180", "CVE-2010-0742", "CVE-2009-2409", "CVE-2009-1387", "CVE-2009-3245", "CVE-2011-4619", "CVE-2008-5077", "CVE-2007-5135", "CVE-2012-0027", "CVE-2009-1378", "CVE-2014-3470", "CVE-2014-3506", "CVE-2009-0590", "CVE-2010-5298", "CVE-2008-7270", "CVE-2014-0195", "CVE-2012-2110", "CVE-2012-0884", "CVE-2014-3510", "CVE-2010-0433", "CVE-2010-4252", "CVE-2011-4109", "CVE-2011-1945", "CVE-2014-0221"], "description": "**Lenovo Security Advisory:** LEN-24443\n\n**Potential Impact:** Elevation of Privilege, Denial of Service, Information Disclosure\n\n**Severity:** High\n\n**Scope of Impact:** Systems with specific versions of Intel\u00ae PROSet/Wireless WiFi Software\n\n**CVE Identifier:** CVE-2006-7250, CVE-2007-3108, CVE-2007-4995, CVE-2007-5135, CVE-2008-5077, CVE-2008-7270, CVE-2009-0590, CVE-2009-0789, CVE-2009-1377, CVE-2009-1378, CVE-2009-1386, CVE-2009-1387, CVE-2009-2409, CVE-2009-3245, CVE-2009-4355, CVE-2010-0433, CVE-2010-0742, CVE-2010-4180, CVE-2010-4252, CVE-2010-5298, CVE-2011-1945, CVE-2011-3210, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0027, CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2333, CVE-2013-0166, CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510, CVE-2014-3566, CVE-2017-3735, CVE-2018-12177\n\n**Summary Description: **\n\nDue to vulnerabilities in OpenSSL version 0.9.8e compiled into the Cisco Compatible eXtensions (CCX) component, which is part of the Intel\u00ae PROSet/Wireless WiFi Software, Intel is announcing End-of-Life (EOL) support for CCX. The CCX component has been removed from the Intel\u00ae PROSet/Wireless WiFi Software v20.90.0.7 for Microsoft Windows 7, 8.1, and 10.\n\nUpdated 2019-02-28:\n\nA potential security vulnerability in Intel\u00ae PROSet/Wireless WiFi Software may allow escalation of privilege (CVE-2018-12177).\n\n**Mitigation Strategy for Customers (what you should do to protect yourself): **\n\nIntel recommends updating to the Intel\u00ae PROSet/Wireless WiFi Software version indicated for your model in the Product Impact section below.\n\n**Product Impact:**\n", "edition": 922, "modified": "2019-08-21T18:25:17", "published": "2018-11-13T17:10:51", "id": "LENOVO:PS500190-NOSID", "href": "https://support.lenovo.com/us/en/solutions/len-24443/", "title": "Intel\u00ae PROSet/Wireless WiFi Software Vulnerabilities - US", "type": "lenovo", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}