[SECURITY] Fedora 29 Update: openssl-1.1.1a-1.fc29

2019-01-18T02:14:55

Description

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

Affected Package

OS	OS Version	Package Name	Package Version
Fedora	29	openssl	1.1.1a

{"id": "FEDORA:67D5B602F037", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 29 Update: openssl-1.1.1a-1.fc29", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "published": "2019-01-18T02:14:55", "modified": "2019-01-18T02:14:55", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ELPXQLW5SOMITZFCAEGFE4NSWGJS5Z44/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2018-0495", "CVE-2018-0734", "CVE-2018-0735"], "immutableFields": [], "lastseen": "2021-07-28T14:46:50", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY29.ASC"]}, {"type": "amazon", "idList": ["ALAS-2018-1102", "ALAS-2019-1153", "ALAS-2020-1355", "ALAS2-2018-1102", "ALAS2-2019-1153", "ALAS2-2019-1305", "ALAS2-2019-1362"]}, {"type": "archlinux", "idList": ["ASA-201806-10", "ASA-201812-5", "ASA-201812-6", "ASA-201812-7", "ASA-201812-8"]}, {"type": "centos", "idList": ["CESA-2018:3221", "CESA-2019:0483", "CESA-2019:2237", "CESA-2019:2304"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:894C76C0EB39D03A818F5E3BFAA0E55A", "CFOUNDRY:BDB6F8275A06CC11A9EB2C43CBB82E42", "CFOUNDRY:DCF842DDD89D1624E7B2FFAA64957639"]}, {"type": "cve", "idList": ["CVE-2018-0495", "CVE-2018-0734", "CVE-2018-0735"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1405-1:4C0C5", "DEBIAN:DLA-1405-1:D76AF", "DEBIAN:DLA-1586-1:00096", "DEBIAN:DSA-4231-1:6B2CC", "DEBIAN:DSA-4231-1:9B244", "DEBIAN:DSA-4348-1:05673", "DEBIAN:DSA-4355-1:1415E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-0495", "DEBIANCVE:CVE-2018-0734", "DEBIANCVE:CVE-2018-0735"]}, {"type": "f5", "idList": ["F5:K20001553", "F5:K43741620"]}, {"type": "fedora", "idList": ["FEDORA:08AC0606CFA2", "FEDORA:2D794604948D", "FEDORA:65B57634CA63", "FEDORA:6F712609154B", "FEDORA:80260604817C", "FEDORA:B76DE6348980", "FEDORA:C5613607A3CF"]}, {"type": "freebsd", "idList": ["238AE7DE-DBA2-11E8-B713-B499BAEBFEAF", "2A86F45A-FC3C-11E8-A414-00155D006B02", "9B5162DE-6F39-11E8-818E-E8E0B747A45A"]}, {"type": "ibm", "idList": ["1753BC62442BE4CF992F4D8242EB34368CF93CCB6BB6464B1B6744B5BFB4A859", "1EE6A9FE4BA67B644CF284DD602D2172C5B63FD07D6A0117C4A372E7C9EF1921", "1F234EFC9BCA33D00375D73A19EA38D309527628B71CCB02CAF517D9F70083C2", "1FE8CBFD143AEE75B9E3E758B04FAAEB9E0299C133474FCE02F7561E2C393562", "22C6665D00A9702426CEE593F4765FD3CD4EE170F8AA7F50D0505C6B2799BC21", "2EE525D2EA98139EECBD98B625477DDDD5A658E5F81D79BC18E2A76F2D1FAAC6", "3D3BF59CC576F554C3F716540167D85670B56CE61C0AA690764AE05CC62E23C5", "414CD2ED8A4DB39966322AAA5EC3E25F6665F6B43B7145FD3AAB4B99AEF6A15C", "41D74490768E1FEA65BA04768E1BBABF9B0B30814EAF5BAAE6962979F0600776", "42B553A5257DBCE0553E09359217D9B58850595C4F83DD12BEB3762A7D09FF2D", "473B42A0AD3ADFD11193F1FA0491433B6C2F49AB442C2703D8ED509C2300C6D6", "5F957B5E06ACCABE54D87CD6147B8E68B673F925251FED25DCB9B0E9A50E046A", "742A5EE5095C2D25FD4C21E1BCFF447C64FB309C1797EDABFD78DFF9772CD9C4", "7B753C368ACA27C22C23CCCF0ADAC34B8D0ABE013F91E91F77FAA106033ADC8E", "7CFB9BE2DA6D94FEBCA1C4AA8CF9F47ECB13D1F735997F5255B4A85A3E13B4E7", "8A242C548ADF3E615FE6BA32C7E6F5B2DB8B1FA250ABF2329DC20A0FB32D3700", "B3446AFA47BD664B99B6DC653C6AF10D8AFCE06B43C0C23D364D628FAD4130CA", "B3E6D054507AB3B2747CD81EF1321A37C5EECBBAA25C47BEBF1156723BC9BC6F", "B645A1884F55B8D23E89889934405E297A29DD4C710A7CC08A400CAB85EC2792", "BC6791BE1BE27712E7F93A3CF6425D4DFC9F597812F25D8188ADDCC84186E81E", "D272B1ACFC08FB00F71DAECEAF120EF8F47B4AA0F575849F81F09FF6E35CBFB5", "D339AF4F92E6BDA2B14C46B53EEC584B9068C60D095CA91F8D91E775B6991D1D", "E24545639D10A648BCB6D9F4AAE7525E072A1C6A4E5448AFD0E797BA58867591", "E27CF59C9E2E6C51C822E91F4392208E7D3759A654890A485CF9095C81FD8C05", "F17C09CA9366DB4B46C2D2458B4B0B2F150A45007792754545A5B15C91CA9BBA", "FA72645AEA039BA3B00779CC846F404BEAFC0CD1CF57E01D9602CBEC8B491F79", "FEDE4F7915CF8E683DBC7AB56D68872D5740EF9C5D19FED52B140130771052A2"]}, {"type": "kaspersky", "idList": ["KLA11405"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON-LINUX-AMI-2-CVE-2018-0734/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2018-0734/", "MSF:ILITIES/REDHAT_LINUX-CVE-2018-0734/"]}, {"type": "nessus", "idList": ["700390.PRM", "700391.PRM", "700392.PRM", "700623.PRM", "700628.PRM", "700630.PRM", "700631.PRM", "AIX_OPENSSL_ADVISORY29.NASL", "AL2_ALAS-2018-1102.NASL", "AL2_ALAS-2019-1153.NASL", "AL2_ALAS-2019-1305.NASL", "AL2_ALAS-2019-1362.NASL", "ALA_ALAS-2018-1102.NASL", "ALA_ALAS-2019-1153.NASL", "ALA_ALAS-2020-1355.NASL", "CENTOS8_RHSA-2019-3700.NASL", "CENTOS_RHSA-2018-3221.NASL", "CENTOS_RHSA-2019-2237.NASL", "CENTOS_RHSA-2019-2304.NASL", "DEBIAN_DLA-1405.NASL", "DEBIAN_DLA-1586.NASL", "DEBIAN_DSA-4231.NASL", "DEBIAN_DSA-4348.NASL", "DEBIAN_DSA-4355.NASL", "EULEROS_SA-2018-1392.NASL", "EULEROS_SA-2018-1420.NASL", "EULEROS_SA-2019-1009.NASL", "EULEROS_SA-2019-1185.NASL", "EULEROS_SA-2019-1201.NASL", "EULEROS_SA-2019-1267.NASL", "EULEROS_SA-2019-1400.NASL", "EULEROS_SA-2019-1546.NASL", "EULEROS_SA-2019-1654.NASL", "EULEROS_SA-2019-1732.NASL", "EULEROS_SA-2019-1755.NASL", "EULEROS_SA-2019-1943.NASL", "EULEROS_SA-2019-1981.NASL", "EULEROS_SA-2019-2008.NASL", "EULEROS_SA-2019-2175.NASL", "EULEROS_SA-2019-2218.NASL", "EULEROS_SA-2019-2246.NASL", "EULEROS_SA-2019-2430.NASL", "EULEROS_SA-2020-1252.NASL", "EULEROS_SA-2020-1629.NASL", "EULEROS_SA-2020-1651.NASL", "EULEROS_SA-2020-1754.NASL", "FEDORA_2018-1EA5BEB4CF.NASL", "FEDORA_2018-6788454AB6.NASL", "FEDORA_2018-98AB6B4E56.NASL", "FEDORA_2018-EAA7DE17AE.NASL", "FEDORA_2019-00C25B9379.NASL", "FEDORA_2019-9A0A7C0986.NASL", "FEDORA_2019-A8FFCFF7EE.NASL", "FEDORA_2019-DB06EFDEA1.NASL", "FREEBSD_PKG_238AE7DEDBA211E8B713B499BAEBFEAF.NASL", "FREEBSD_PKG_2A86F45AFC3C11E8A41400155D006B02.NASL", "FREEBSD_PKG_9B5162DE6F3911E8818EE8E0B747A45A.NASL", "MYSQL_5_6_43.NASL", "MYSQL_5_7_25.NASL", "MYSQL_8_0_14.NASL", "NESSUS_TNS_2018_16.NASL", "NESSUS_TNS_2018_17.NASL", "NEWSTART_CGSL_NS-SA-2019-0065_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0193_NSS.NASL", "NEWSTART_CGSL_NS-SA-2019-0206_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0236_NSS.NASL", "NEWSTART_CGSL_NS-SA-2019-0254_OPENSSL.NASL", "NODEJS_2018_NOV.NASL", "OPENSSL_1_0_2Q.NASL", "OPENSSL_1_1_0J.NASL", "OPENSSL_1_1_1A.NASL", "OPENSUSE-2018-1464.NASL", "OPENSUSE-2018-1465.NASL", "OPENSUSE-2018-1518.NASL", "OPENSUSE-2018-1529.NASL", "OPENSUSE-2018-1618.NASL", "OPENSUSE-2018-769.NASL", "OPENSUSE-2018-795.NASL", "OPENSUSE-2019-1039.NASL", "OPENSUSE-2019-138.NASL", "OPENSUSE-2019-1547.NASL", "OPENSUSE-2019-1814.NASL", "OPENSUSE-2019-234.NASL", "OPENSUSE-2019-540.NASL", "OPENSUSE-2019-84.NASL", "OPENSUSE-2019-88.NASL", "OPENSUSE-2019-956.NASL", "OPENSUSE-2019-985.NASL", "ORACLELINUX_ELSA-2018-3221.NASL", "ORACLE_E-BUSINESS_CPU_APR_2019.NASL", "ORACLE_ENTERPRISE_MANAGER_APR_2019_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL", "ORACLE_PRIMAVERA_P6_EPPM_CPU_APR_2019.NASL", "ORACLE_TUXEDO_CPU_APR_2019.NASL", "PHOTONOS_PHSA-2018-1_0-0182.NASL", "PHOTONOS_PHSA-2018-1_0-0182_LIBGCRYPT.NASL", "PHOTONOS_PHSA-2018-1_0-0199_OPENSSL.NASL", "PHOTONOS_PHSA-2018-2_0-0091.NASL", "PHOTONOS_PHSA-2018-2_0-0091_LIBGCRYPT.NASL", "PHOTONOS_PHSA-2020-1_0-0298_NODEJS.NASL", "PHOTONOS_PHSA-2020-2_0-0210_NODEJS.NASL", "REDHAT-RHSA-2018-3221.NASL", "REDHAT-RHSA-2019-1297.NASL", "REDHAT-RHSA-2019-2237.NASL", "REDHAT-RHSA-2019-2304.NASL", "REDHAT-RHSA-2019-3700.NASL", "REDHAT-RHSA-2019-3932.NASL", "REDHAT-RHSA-2019-3933.NASL", "REDHAT-RHSA-2020-1267.NASL", "REDHAT-RHSA-2020-1345.NASL", "REDHAT-RHSA-2020-1461.NASL", "SLACKWARE_SSA_2018-164-01.NASL", "SLACKWARE_SSA_2018-325-01.NASL", "SL_20181030_OPENSSL_ON_SL7_X.NASL", "SL_20190806_NSS__NSS_SOFTOKN__NSS_UTIL__AND_NSPR_ON_SL7_X.NASL", "SL_20190806_OPENSSL_ON_SL7_X.NASL", "SUSE_SU-2018-1993-1.NASL", "SUSE_SU-2018-2089-1.NASL", "SUSE_SU-2018-2452-2.NASL", "SUSE_SU-2018-3863-1.NASL", "SUSE_SU-2018-3864-1.NASL", "SUSE_SU-2018-3866-1.NASL", "SUSE_SU-2018-3945-1.NASL", "SUSE_SU-2018-3989-1.NASL", "SUSE_SU-2018-4001-1.NASL", "SUSE_SU-2018-4068-1.NASL", "SUSE_SU-2018-4235-1.NASL", "SUSE_SU-2018-4236-1.NASL", "SUSE_SU-2018-4274-1.NASL", "SUSE_SU-2019-0117-1.NASL", "SUSE_SU-2019-0395-1.NASL", "SUSE_SU-2019-1553-1.NASL", "UBUNTU_USN-3689-1.NASL", "UBUNTU_USN-3692-1.NASL", "UBUNTU_USN-3840-1.NASL", "UBUNTU_USN-3850-1.NASL", "VIRTUALBOX_JAN_2019_CPU.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2018-0734", "OPENSSL:CVE-2018-0735"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107443", "OPENVAS:1361412562310107444", "OPENVAS:1361412562310112408", "OPENVAS:1361412562310112409", "OPENVAS:1361412562310112410", "OPENVAS:1361412562310112411", "OPENVAS:1361412562310112488", "OPENVAS:1361412562310112489", "OPENVAS:1361412562310704231", "OPENVAS:1361412562310704348", "OPENVAS:1361412562310704355", "OPENVAS:1361412562310814658", "OPENVAS:1361412562310814659", "OPENVAS:1361412562310814660", "OPENVAS:1361412562310843565", "OPENVAS:1361412562310843569", "OPENVAS:1361412562310843848", "OPENVAS:1361412562310851831", "OPENVAS:1361412562310851953", "OPENVAS:1361412562310852142", "OPENVAS:1361412562310852145", "OPENVAS:1361412562310852155", "OPENVAS:1361412562310852178", "OPENVAS:1361412562310852216", "OPENVAS:1361412562310852251", "OPENVAS:1361412562310852253", "OPENVAS:1361412562310852272", "OPENVAS:1361412562310852311", "OPENVAS:1361412562310852554", "OPENVAS:1361412562310852640", "OPENVAS:1361412562310874692", "OPENVAS:1361412562310874699", "OPENVAS:1361412562310874787", "OPENVAS:1361412562310874794", "OPENVAS:1361412562310876840", "OPENVAS:1361412562310876846", "OPENVAS:1361412562310877283", "OPENVAS:1361412562310891405", "OPENVAS:1361412562310891586", "OPENVAS:1361412562311220181392", "OPENVAS:1361412562311220181420", "OPENVAS:1361412562311220191009", "OPENVAS:1361412562311220191185", "OPENVAS:1361412562311220191201", "OPENVAS:1361412562311220191267", "OPENVAS:1361412562311220191400", "OPENVAS:1361412562311220191546", "OPENVAS:1361412562311220191654", "OPENVAS:1361412562311220191732", "OPENVAS:1361412562311220191755", "OPENVAS:1361412562311220191943", "OPENVAS:1361412562311220191981", "OPENVAS:1361412562311220192008", "OPENVAS:1361412562311220192175", "OPENVAS:1361412562311220192218", "OPENVAS:1361412562311220192246", "OPENVAS:1361412562311220192430", "OPENVAS:1361412562311220201252", "OPENVAS:1361412562311220201629", "OPENVAS:1361412562311220201651", "OPENVAS:1361412562311220201754"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019", "ORACLE:CPUAPR2019-5072813", "ORACLE:CPUAPR2020", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2019-5072801", "ORACLE:CPUJAN2020", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2019-5072835"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3221", "ELSA-2018-4267", "ELSA-2019-2237", "ELSA-2019-2304", "ELSA-2019-3700", "ELSA-2019-4581", "ELSA-2019-4754", "ELSA-2021-9121"]}, {"type": "photon", "idList": ["PHSA-2018-0091", "PHSA-2018-0113", "PHSA-2018-0182", "PHSA-2018-0199", "PHSA-2018-1.0-0182", "PHSA-2018-1.0-0199", "PHSA-2018-2.0-0091", "PHSA-2019-0152", "PHSA-2019-0234", "PHSA-2019-1.0-0234", "PHSA-2020-0210", "PHSA-2020-1.0-0298", "PHSA-2020-2.0-0210"]}, {"type": "redhat", "idList": ["RHSA-2018:3221", "RHSA-2018:3505", "RHSA-2019:0483", "RHSA-2019:1296", "RHSA-2019:1297", "RHSA-2019:1543", "RHSA-2019:2237", "RHSA-2019:2304", "RHSA-2019:3700", "RHSA-2019:3932", "RHSA-2019:3933", "RHSA-2019:3935", "RHSA-2020:1267", "RHSA-2020:1345", "RHSA-2020:1461"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-0495", "RH:CVE-2018-0734", "RH:CVE-2018-12437"]}, {"type": "slackware", "idList": ["SSA-2018-164-01", "SSA-2018-325-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2122-1", "OPENSUSE-SU-2018:2178-1", "OPENSUSE-SU-2018:3890-1", "OPENSUSE-SU-2018:3903-1", "OPENSUSE-SU-2018:4050-1", "OPENSUSE-SU-2018:4104-1", "OPENSUSE-SU-2018:4283-1", "OPENSUSE-SU-2019:0084-1", "OPENSUSE-SU-2019:0088-1", "OPENSUSE-SU-2019:0138-1", "OPENSUSE-SU-2019:0234-1", "OPENSUSE-SU-2019:1547-1", "OPENSUSE-SU-2019:1814-1"]}, {"type": "symantec", "idList": ["SMNTC-105758", "SMNTC-1490"]}, {"type": "ubuntu", "idList": ["USN-3689-1", "USN-3689-2", "USN-3692-1", "USN-3692-2", "USN-3840-1", "USN-3850-1", "USN-3850-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-0495", "UB:CVE-2018-0734", "UB:CVE-2018-0735"]}]}, "score": {"value": 5.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY29.ASC"]}, {"type": "amazon", "idList": ["ALAS-2018-1102", "ALAS-2019-1153"]}, {"type": "archlinux", "idList": ["ASA-201806-10", "ASA-201812-5", "ASA-201812-6", "ASA-201812-7", "ASA-201812-8"]}, {"type": "centos", "idList": ["CESA-2018:3221", "CESA-2019:0483"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:894C76C0EB39D03A818F5E3BFAA0E55A", "CFOUNDRY:BDB6F8275A06CC11A9EB2C43CBB82E42"]}, {"type": "cve", "idList": ["CVE-2018-0495", "CVE-2018-0734", "CVE-2018-0735"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1405-1:4C0C5", "DEBIAN:DSA-4231-1:6B2CC", "DEBIAN:DSA-4348-1:05673", "DEBIAN:DSA-4355-1:1415E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-0495"]}, {"type": "f5", "idList": ["F5:K20001553", "F5:K43741620"]}, {"type": "fedora", "idList": ["FEDORA:2D794604948D", "FEDORA:65B57634CA63", "FEDORA:80260604817C", "FEDORA:B76DE6348980"]}, {"type": "freebsd", "idList": ["238AE7DE-DBA2-11E8-B713-B499BAEBFEAF", "2A86F45A-FC3C-11E8-A414-00155D006B02", "9B5162DE-6F39-11E8-818E-E8E0B747A45A"]}, {"type": "ibm", "idList": ["1F234EFC9BCA33D00375D73A19EA38D309527628B71CCB02CAF517D9F70083C2", "22C6665D00A9702426CEE593F4765FD3CD4EE170F8AA7F50D0505C6B2799BC21", "7B753C368ACA27C22C23CCCF0ADAC34B8D0ABE013F91E91F77FAA106033ADC8E", "7CFB9BE2DA6D94FEBCA1C4AA8CF9F47ECB13D1F735997F5255B4A85A3E13B4E7", "B3446AFA47BD664B99B6DC653C6AF10D8AFCE06B43C0C23D364D628FAD4130CA", "D272B1ACFC08FB00F71DAECEAF120EF8F47B4AA0F575849F81F09FF6E35CBFB5", "D339AF4F92E6BDA2B14C46B53EEC584B9068C60D095CA91F8D91E775B6991D1D", "FEDE4F7915CF8E683DBC7AB56D68872D5740EF9C5D19FED52B140130771052A2"]}, {"type": "kaspersky", "idList": ["KLA11405"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON-LINUX-AMI-2-CVE-2018-0734/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2018-0734/", "MSF:ILITIES/REDHAT_LINUX-CVE-2018-0734/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1153.NASL", "ALA_ALAS-2018-1102.NASL", "ALA_ALAS-2020-1355.NASL", "DEBIAN_DLA-1405.NASL", "DEBIAN_DSA-4231.NASL", "DEBIAN_DSA-4348.NASL", "DEBIAN_DSA-4355.NASL", "EULEROS_SA-2018-1392.NASL", "FEDORA_2018-6788454AB6.NASL", "FEDORA_2019-A8FFCFF7EE.NASL", "FREEBSD_PKG_238AE7DEDBA211E8B713B499BAEBFEAF.NASL", "FREEBSD_PKG_2A86F45AFC3C11E8A41400155D006B02.NASL", "FREEBSD_PKG_9B5162DE6F3911E8818EE8E0B747A45A.NASL", "OPENSUSE-2018-1518.NASL", "OPENSUSE-2019-138.NASL", "OPENSUSE-2019-84.NASL", "OPENSUSE-2019-88.NASL", "PHOTONOS_PHSA-2018-1_0-0182_LIBGCRYPT.NASL", "PHOTONOS_PHSA-2018-1_0-0199_OPENSSL.NASL", "PHOTONOS_PHSA-2018-2_0-0091_LIBGCRYPT.NASL", "REDHAT-RHSA-2018-3221.NASL", "SLACKWARE_SSA_2018-164-01.NASL", "SL_20181030_OPENSSL_ON_SL7_X.NASL", "SUSE_SU-2018-3945-1.NASL", "SUSE_SU-2018-3989-1.NASL", "SUSE_SU-2018-4236-1.NASL", "SUSE_SU-2019-0117-1.NASL", "SUSE_SU-2019-0395-1.NASL", "UBUNTU_USN-3689-1.NASL", "UBUNTU_USN-3692-1.NASL", "UBUNTU_USN-3840-1.NASL", "VIRTUALBOX_JAN_2019_CPU.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2018-0734"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310112408", "OPENVAS:1361412562310112409", "OPENVAS:1361412562310112410", "OPENVAS:1361412562310112411", "OPENVAS:1361412562310112488", "OPENVAS:1361412562310112489", "OPENVAS:1361412562310704231", "OPENVAS:1361412562310704348", "OPENVAS:1361412562310704355", "OPENVAS:1361412562310814658", "OPENVAS:1361412562310814659", "OPENVAS:1361412562310814660", "OPENVAS:1361412562310843565", "OPENVAS:1361412562310843569", "OPENVAS:1361412562310843848", "OPENVAS:1361412562310851953", "OPENVAS:1361412562310852155", "OPENVAS:1361412562310852251", "OPENVAS:1361412562310852253", "OPENVAS:1361412562310852272", "OPENVAS:1361412562310852311", "OPENVAS:1361412562310874692", "OPENVAS:1361412562310874699"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3221"]}, {"type": "photon", "idList": ["PHSA-2018-1.0-0182", "PHSA-2018-1.0-0199", "PHSA-2018-2.0-0091", "PHSA-2019-1.0-0234", "PHSA-2020-1.0-0298", "PHSA-2020-2.0-0210"]}, {"type": "redhat", "idList": ["RHSA-2020:1267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-0734", "RH:CVE-2018-12437"]}, {"type": "slackware", "idList": ["SSA-2018-164-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2122-1", "OPENSUSE-SU-2018:4050-1", "OPENSUSE-SU-2019:0084-1", "OPENSUSE-SU-2019:0088-1", "OPENSUSE-SU-2019:0138-1", "OPENSUSE-SU-2019:0234-1"]}, {"type": "symantec", "idList": ["SMNTC-1490"]}, {"type": "ubuntu", "idList": ["USN-3689-1", "USN-3689-2", "USN-3692-1", "USN-3692-2", "USN-3840-1", "USN-3850-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-0495", "UB:CVE-2018-0734", "UB:CVE-2018-0735"]}]}, "exploitation": null, "vulnersScore": 5.9}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "29", "arch": "any", "packageVersion": "1.1.1a", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "openssl"}]}

{"nessus": [{"lastseen": "2022-06-16T16:12:41", "description": "Minor update to version 1.1.1a with bug fixes and low impact security fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-18T00:00:00", "type": "nessus", "title": "Fedora 29 : 1:openssl (2019-a8ffcff7ee)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-0734", "CVE-2018-0735"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-A8FFCFF7EE.NASL", "href": "https://www.tenable.com/plugins/nessus/121239", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-a8ffcff7ee.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121239);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-0734\", \"CVE-2018-0735\");\n script_xref(name:\"FEDORA\", value:\"2019-a8ffcff7ee\");\n\n script_name(english:\"Fedora 29 : 1:openssl (2019-a8ffcff7ee)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update to version 1.1.1a with bug fixes and low impact security\nfixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-a8ffcff7ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"openssl-1.1.1a-1.fc29\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:14:35", "description": "According to its banner, the version of OpenSSL running on the remote host is 1.1.0 prior to 1.1.1a. It is, therefore, affected by a denial of service vulnerability, a cache timing side channel vulnerability, and a microarchitecture timing side channel attack.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-25T00:00:00", "type": "nessus", "title": "OpenSSL 1.1.1 < 1.1.1a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2019-10-31T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_1_1A.NASL", "href": "https://www.tenable.com/plugins/nessus/121385", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121385);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n script_bugtraq_id(105750, 105758);\n\n script_name(english:\"OpenSSL 1.1.1 < 1.1.1a Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A service running on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of OpenSSL running on the remote\nhost is 1.1.0 prior to 1.1.1a. It is, therefore, affected by a denial\nof service vulnerability, a cache timing side channel vulnerability,\nand a microarchitecture timing side channel attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20181030.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20181029.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the vendor patch or upgrade to OpenSSL version 1.1.1a or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.1.1a', min:\"1.1.1\", severity:SECURITY_WARNING);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:58:28", "description": "This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).\n\nCVE-2018-0735: Fixed timing vulnerability in ECDSA signature generation (bsc#1113651).\n\nNon-security issues fixed: Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-30T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl-1_1 (SUSE-SU-2018:3945-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1_1", "p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3945-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119299", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3945-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119299);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl-1_1 (SUSE-SU-2018:3945-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation\n(bsc#1113652).\n\nCVE-2018-0735: Fixed timing vulnerability in ECDSA signature\ngeneration (bsc#1113651).\n\nNon-security issues fixed: Fixed infinite loop in DSA generation with\nincorrect parameters (bsc#1112209).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0734/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0735/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183945-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7cd6e005\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2018-2812=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-2812=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2018-2812=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-32bit-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-debuginfo-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-debuginfo-32bit-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-debuginfo-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-debugsource-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_1-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_1-debuginfo-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_1-debuginfo-32bit-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_1-debuginfo-1.1.1-2.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_1-debugsource-1.1.1-2.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_1\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:15:58", "description": "This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).\n\nCVE-2018-0735: Fixed timing vulnerability in ECDSA signature generation (bsc#1113651).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2018:3863-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2020-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_1", "p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-3863-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120166", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3863-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120166);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/16\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2018:3863-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation\n(bsc#1113652).\n\nCVE-2018-0735: Fixed timing vulnerability in ECDSA signature\ngeneration (bsc#1113651).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0734/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0735/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183863-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?22b4b45d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2018-2758=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2758=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl-1_1-devel-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_1-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_1-debuginfo-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_1-hmac-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_1-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_1-debuginfo-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_1-debugsource-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl-1_1-devel-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_1-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_1-debuginfo-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_1-hmac-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_1-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_1-debuginfo-1.1.0i-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_1-debugsource-1.1.0i-4.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_1\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:24:32", "description": "This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: timing vulnerability in DSA signature generation (bsc#1113652).\n\n - CVE-2018-0735: timing vulnerability in ECDSA signature generation (bsc#1113651).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl-1_1 (openSUSE-2019-956)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-1_1-devel", "p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl-1_1", "p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_1-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-956.NASL", "href": "https://www.tenable.com/plugins/nessus/123386", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-956.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123386);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n\n script_name(english:\"openSUSE Security Update : openssl-1_1 (openSUSE-2019-956)\");\n script_summary(english:\"Check for the openSUSE-2019-956 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: timing vulnerability in DSA signature\n generation (bsc#1113652).\n\n - CVE-2018-0735: timing vulnerability in ECDSA signature\n generation (bsc#1113651).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl-1_1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl-1_1-devel-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-debuginfo-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-hmac-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-debuginfo-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-debugsource-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-lp150.3.15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:58:55", "description": "This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: timing vulnerability in DSA signature generation (bsc#1113652).\n\n - CVE-2018-0735: timing vulnerability in ECDSA signature generation (bsc#1113651).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl-1_1 (openSUSE-2018-1465)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-1_1-devel", "p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl-1_1", "p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_1-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-1465.NASL", "href": "https://www.tenable.com/plugins/nessus/119140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1465.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119140);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n\n script_name(english:\"openSUSE Security Update : openssl-1_1 (openSUSE-2018-1465)\");\n script_summary(english:\"Check for the openSUSE-2018-1465 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl-1_1 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: timing vulnerability in DSA signature\n generation (bsc#1113652).\n\n - CVE-2018-0735: timing vulnerability in ECDSA signature\n generation (bsc#1113651).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl-1_1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl-1_1-devel-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-debuginfo-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-hmac-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-debuginfo-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-debugsource-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-lp150.3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-lp150.3.15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:13:36", "description": "According to its banner, the version of OpenSSL running on the remote host is 1.1.0 prior to 1.1.0j. It is, therefore, affected by a denial of service vulnerability, a cache timing side channel vulnerability, and a microarchitecture timing side channel attack.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-25T00:00:00", "type": "nessus", "title": "OpenSSL 1.1.0 < 1.1.0j Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2019-10-31T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_1_0J.NASL", "href": "https://www.tenable.com/plugins/nessus/121384", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121384);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n script_bugtraq_id(105750, 105758);\n\n script_name(english:\"OpenSSL 1.1.0 < 1.1.0j Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A service running on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of OpenSSL running on the remote\nhost is 1.1.0 prior to 1.1.0j. It is, therefore, affected by a denial\nof service vulnerability, a cache timing side channel vulnerability,\nand a microarchitecture timing side channel attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20181030.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20181029.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the vendor patch or upgrade to OpenSSL version 1.1.0j or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.1.0j', min:\"1.1.0\", severity:SECURITY_WARNING);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:55:58", "description": "The OpenSSL project reports :\n\nTiming vulnerability in ECDSA signature generation (CVE-2018-0735):\nThe OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key (Low).\n\nTiming vulnerability in DSA signature generation (CVE-2018-0734) :\nAvoid a timing attack that leaks information via a side channel that triggers when a BN is resized. Increasing the size of the BNs prior to doing anything with them suppresses the attack (Low).", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-10-30T00:00:00", "type": "nessus", "title": "FreeBSD : OpenSSL -- Multiple vulnerabilities in 1.1 branch (238ae7de-dba2-11e8-b713-b499baebfeaf)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2022-02-02T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libressl", "p-cpe:/a:freebsd:freebsd:libressl-devel", "p-cpe:/a:freebsd:freebsd:openssl-devel", "p-cpe:/a:freebsd:freebsd:openssl111", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_238AE7DEDBA211E8B713B499BAEBFEAF.NASL", "href": "https://www.tenable.com/plugins/nessus/118496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118496);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/02\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n\n script_name(english:\"FreeBSD : OpenSSL -- Multiple vulnerabilities in 1.1 branch (238ae7de-dba2-11e8-b713-b499baebfeaf)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The OpenSSL project reports :\n\nTiming vulnerability in ECDSA signature generation (CVE-2018-0735):\nThe OpenSSL ECDSA signature algorithm has been shown to be vulnerable\nto a timing side channel attack. An attacker could use variations in\nthe signing algorithm to recover the private key (Low).\n\nTiming vulnerability in DSA signature generation (CVE-2018-0734) :\nAvoid a timing attack that leaks information via a side channel that\ntriggers when a BN is resized. Increasing the size of the BNs prior to\ndoing anything with them suppresses the attack (Low).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20181029.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/openssl/openssl/commit/8abfe72e\"\n );\n # https://vuxml.freebsd.org/freebsd/238ae7de-dba2-11e8-b713-b499baebfeaf.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca1e56e7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0735\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libressl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libressl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl111\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssl-devel<1.1.0i_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"openssl111<1.1.1_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libressl>=2.8.0<2.8.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libressl-devel>=2.8.0<2.8.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-25T16:34:43", "description": "Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing.\nAn attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. (CVE-2018-0734)\n\nSamuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)\n\nBilly Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-12-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : openssl, openssl1.0 vulnerabilities (USN-3840-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "p-cpe:/a:canonical:ubuntu_linux:libssl1.1", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3840-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119497", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3840-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119497);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/18 12:31:49\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-5407\");\n script_xref(name:\"USN\", value:\"3840-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : openssl, openssl1.0 vulnerabilities (USN-3840-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing.\nAn attacker could possibly use this issue to perform a timing\nside-channel attack and recover private DSA keys. (CVE-2018-0734)\n\nSamuel Weiser discovered that OpenSSL incorrectly handled ECDSA\nsigning. An attacker could possibly use this issue to perform a timing\nside-channel attack and recover private ECDSA keys. This issue only\naffected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)\n\nBilly Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola\nTuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous\nMultithreading (SMT) architectures are vulnerable to side-channel\nleakage. This issue is known as 'PortSmash'. An attacker could\npossibly use this issue to perform a timing side-channel attack and\nrecover private keys. (CVE-2018-5407).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3840-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libssl1.0.0 and / or libssl1.1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu2.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2g-1ubuntu4.14\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2n-1ubuntu5.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libssl1.1\", pkgver:\"1.1.0g-2ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2n-1ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libssl1.1\", pkgver:\"1.1.1-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl1.0.0 / libssl1.1\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-26T14:12:46", "description": "An update of the openssl package has been released.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Openssl PHSA-2018-1.0-0199", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407"], "modified": "2019-04-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:openssl", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0199_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/121899", "sourceData": "#\n# (C) Tenable Network Security, Inc.`\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0199. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121899);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/02 21:54:17\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-5407\");\n\n script_name(english:\"Photon OS 1.0: Openssl PHSA-2018-1.0-0199\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openssl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-199.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0735\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2q-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2q-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-26T14:16:24", "description": "The version of Oracle Tuxedo installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities:\n - An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack. An unauthenticated attacker can exploit this to disclose potentially sensitive information. (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-04-19T00:00:00", "type": "nessus", "title": "Oracle Tuxedo Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:tuxedo"], "id": "ORACLE_TUXEDO_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124171", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124171);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-5407\");\n script_bugtraq_id(105750, 105758, 105897);\n script_xref(name:\"IAVA\", value:\"2019-A-0128\");\n\n script_name(english:\"Oracle Tuxedo Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application server installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Tuxedo installed on the remote host is missing\na security patch. It is, therefore, affected by multiple\nvulnerabilities:\n \n - An information disclosure vulnerability exists in OpenSSL \n due to the potential for a side-channel timing attack. \n An unauthenticated attacker can exploit this to disclose \n potentially sensitive information. \n (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:tuxedo\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_tuxedo_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Tuxedo\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('oracle_rdbms_cpu_func.inc');\ninclude('misc_func.inc');\ninclude('install_func.inc');\n\napp_name = 'Oracle Tuxedo';\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nrp = install['RP'];\npath = install['path'];\nrp_fix = 99;\n\nif (version !~ \"^12\\.1\\.1\\.0($|\\.|_)\") \n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version + ' RP ' + rp, path);\n\nif (rp == UNKNOWN_VER || rp < rp_fix)\n{\n items = make_array('Path', path,\n 'Version', version,\n 'RP', rp,\n 'Required RP', rp_fix\n );\n order = make_list('Path', 'Version', 'RP', 'Required RP');\n report = report_items_str(report_items:items, ordered_fields:order);\n security_report_v4(port:0, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version + ' RP ' + rp, path);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T16:28:39", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i).\n Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).\n (CVE-2018-0734)\n\n - If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable non- stitched ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). (CVE-2019-1559)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0206)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2019-1559"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0206_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/129941", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0206. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129941);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2019-1559\");\n script_bugtraq_id(105758, 107174);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0206)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected\nby multiple vulnerabilities:\n\n - The OpenSSL DSA signature algorithm has been shown to be\n vulnerable to a timing side channel attack. An attacker\n could use variations in the signing algorithm to recover\n the private key. Fixed in OpenSSL 1.1.1a (Affected\n 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i).\n Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).\n (CVE-2018-0734)\n\n - If an application encounters a fatal protocol error and\n then calls SSL_shutdown() twice (once to send a\n close_notify, and once to receive one) then OpenSSL can\n respond differently to the calling application if a 0\n byte record is received with invalid padding compared to\n if a 0 byte record is received with an invalid MAC. If\n the application then behaves differently based on that\n in a way that is detectable to the remote peer, then\n this amounts to a padding oracle that could be used to\n decrypt data. In order for this to be exploitable non-\n stitched ciphersuites must be in use. Stitched\n ciphersuites are optimised implementations of certain\n commonly used ciphersuites. Also the application must\n call SSL_shutdown() twice even if a protocol error has\n occurred (applications should not do this but some do\n anyway). Fixed in OpenSSL 1.0.2r (Affected\n 1.0.2-1.0.2q). (CVE-2019-1559)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0206\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"openssl-1.0.2k-19.el7.cgslv5.0.1.g72bc563.lite\",\n \"openssl-crypto-1.0.2k-19.el7.cgslv5.0.1.g72bc563.lite\",\n \"openssl-debuginfo-1.0.2k-19.el7.cgslv5.0.1.g72bc563.lite\",\n \"openssl-devel-1.0.2k-19.el7.cgslv5.0.1.g72bc563.lite\",\n \"openssl-libs-1.0.2k-19.el7.cgslv5.0.1.g72bc563.lite\",\n \"openssl-perl-1.0.2k-19.el7.cgslv5.0.1.g72bc563.lite\",\n \"openssl-static-1.0.2k-19.el7.cgslv5.0.1.g72bc563.lite\"\n ],\n \"CGSL MAIN 5.04\": [\n \"openssl-1.0.2k-19.el7.cgslv5\",\n \"openssl-debuginfo-1.0.2k-19.el7.cgslv5\",\n \"openssl-devel-1.0.2k-19.el7.cgslv5\",\n \"openssl-libs-1.0.2k-19.el7.cgslv5\",\n \"openssl-perl-1.0.2k-19.el7.cgslv5\",\n \"openssl-static-1.0.2k-19.el7.cgslv5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T16:41:59", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i).\n Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).\n (CVE-2018-0734)\n\n - If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable non- stitched ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). (CVE-2019-1559)\n\n - The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1). (CVE-2018-0735)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : openssl Multiple Vulnerabilities (NS-SA-2019-0254)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2019-1559"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0254_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/132467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0254. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132467);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2019-1559\");\n script_bugtraq_id(105750, 105758, 107174);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : openssl Multiple Vulnerabilities (NS-SA-2019-0254)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openssl packages installed that are affected\nby multiple vulnerabilities:\n\n - The OpenSSL DSA signature algorithm has been shown to be\n vulnerable to a timing side channel attack. An attacker\n could use variations in the signing algorithm to recover\n the private key. Fixed in OpenSSL 1.1.1a (Affected\n 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i).\n Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).\n (CVE-2018-0734)\n\n - If an application encounters a fatal protocol error and\n then calls SSL_shutdown() twice (once to send a\n close_notify, and once to receive one) then OpenSSL can\n respond differently to the calling application if a 0\n byte record is received with invalid padding compared to\n if a 0 byte record is received with an invalid MAC. If\n the application then behaves differently based on that\n in a way that is detectable to the remote peer, then\n this amounts to a padding oracle that could be used to\n decrypt data. In order for this to be exploitable non-\n stitched ciphersuites must be in use. Stitched\n ciphersuites are optimised implementations of certain\n commonly used ciphersuites. Also the application must\n call SSL_shutdown() twice even if a protocol error has\n occurred (applications should not do this but some do\n anyway). Fixed in OpenSSL 1.0.2r (Affected\n 1.0.2-1.0.2q). (CVE-2019-1559)\n\n - The OpenSSL ECDSA signature algorithm has been shown to\n be vulnerable to a timing side channel attack. An\n attacker could use variations in the signing algorithm\n to recover the private key. Fixed in OpenSSL 1.1.0j\n (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a\n (Affected 1.1.1). (CVE-2018-0735)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0254\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"openssl-1.0.2k-19.el7.cgslv5_5.0.1.g1a212bb.lite\",\n \"openssl-crypto-1.0.2k-19.el7.cgslv5_5.0.1.g1a212bb.lite\",\n \"openssl-debuginfo-1.0.2k-19.el7.cgslv5_5.0.1.g1a212bb.lite\",\n \"openssl-devel-1.0.2k-19.el7.cgslv5_5.0.1.g1a212bb.lite\",\n \"openssl-libs-1.0.2k-19.el7.cgslv5_5.0.1.g1a212bb.lite\",\n \"openssl-perl-1.0.2k-19.el7.cgslv5_5.0.1.g1a212bb.lite\",\n \"openssl-static-1.0.2k-19.el7.cgslv5_5.0.1.g1a212bb.lite\"\n ],\n \"CGSL MAIN 5.05\": [\n \"openssl-1.0.2k-19.el7.cgslv5_5\",\n \"openssl-debuginfo-1.0.2k-19.el7.cgslv5_5\",\n \"openssl-devel-1.0.2k-19.el7.cgslv5_5\",\n \"openssl-libs-1.0.2k-19.el7.cgslv5_5\",\n \"openssl-perl-1.0.2k-19.el7.cgslv5_5\",\n \"openssl-static-1.0.2k-19.el7.cgslv5_5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T17:00:42", "description": "An update for openssl is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nThe following packages have been upgraded to a later upstream version:\nopenssl (1.1.1c). (BZ#1643026)\n\nSecurity Fix(es) :\n\n* openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)\n\n* openssl: timing side channel attack in the ECDSA signature generation (CVE-2018-0735)\n\n* openssl: ChaCha20-Poly1305 with long nonces (CVE-2019-1543)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {"score": 7.4, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "RHEL 8 : openssl (RHSA-2019:3700)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2019-1543"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-debugsource", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-libs", "p-cpe:/a:redhat:enterprise_linux:openssl-libs-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-3700.NASL", "href": "https://www.tenable.com/plugins/nessus/130567", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3700. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130567);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2019-1543\");\n script_xref(name:\"RHSA\", value:\"2019:3700\");\n\n script_name(english:\"RHEL 8 : openssl (RHSA-2019:3700)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for openssl is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nThe following packages have been upgraded to a later upstream version:\nopenssl (1.1.1c). (BZ#1643026)\n\nSecurity Fix(es) :\n\n* openssl: timing side channel attack in the DSA signature algorithm\n(CVE-2018-0734)\n\n* openssl: timing side channel attack in the ECDSA signature\ngeneration (CVE-2018-0735)\n\n* openssl: ChaCha20-Poly1305 with long nonces (CVE-2019-1543)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.1 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?774148ae\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-0734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-0735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1543\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3700\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"openssl-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openssl-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"openssl-debuginfo-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"openssl-debuginfo-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"openssl-debugsource-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"openssl-debugsource-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openssl-debugsource-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"openssl-devel-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"openssl-devel-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openssl-devel-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"openssl-libs-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"openssl-libs-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openssl-libs-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"i686\", reference:\"openssl-libs-debuginfo-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"openssl-libs-debuginfo-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openssl-libs-debuginfo-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"openssl-perl-1.1.1c-2.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openssl-perl-1.1.1c-2.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-debugsource / openssl-devel / etc\");\n }\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-16T14:52:34", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3700 advisory.\n\n - openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)\n\n - openssl: timing side channel attack in the ECDSA signature generation (CVE-2018-0735)\n\n - openssl: ChaCha20-Poly1305 with long nonces (CVE-2019-1543)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.4, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : openssl (CESA-2019:3700)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2019-1543"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-libs", "p-cpe:/a:centos:centos:openssl-perl"], "id": "CENTOS8_RHSA-2019-3700.NASL", "href": "https://www.tenable.com/plugins/nessus/145661", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3700. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145661);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2019-1543\");\n script_bugtraq_id(105750, 105758, 107349);\n script_xref(name:\"RHSA\", value:\"2019:3700\");\n\n script_name(english:\"CentOS 8 : openssl (CESA-2019:3700)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:3700 advisory.\n\n - openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)\n\n - openssl: timing side channel attack in the ECDSA signature generation (CVE-2018-0735)\n\n - openssl: ChaCha20-Poly1305 with long nonces (CVE-2019-1543)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3700\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1543\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'openssl-1.1.1c-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-1.1.1c-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-devel-1.1.1c-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-devel-1.1.1c-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-libs-1.1.1c-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-libs-1.1.1c-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-perl-1.1.1c-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-perl-1.1.1c-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl / openssl-devel / openssl-libs / openssl-perl');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-25T16:34:25", "description": "Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-12-01T00:00:00", "type": "nessus", "title": "Debian DSA-4348-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2020-06-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4348.NASL", "href": "https://www.tenable.com/plugins/nessus/119313", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4348. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119313);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/18\");\n\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_xref(name:\"DSA\", value:\"4348\");\n\n script_name(english:\"Debian DSA-4348-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4348\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 1.1.0j-1~deb9u1. Going forward, openssl security updates\nfor stretch will be based on the 1.1.0x upstream releases.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0737\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-dev\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-doc\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openssl\", reference:\"1.1.0j-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:20:06", "description": "According to the version of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key.(CVE-2018-0735)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-24T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-1981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0735"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl110h", "p-cpe:/a:huawei:euleros:openssl110h-devel", "p-cpe:/a:huawei:euleros:openssl110h-libs", "p-cpe:/a:huawei:euleros:openssl110h-static", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1981.NASL", "href": "https://www.tenable.com/plugins/nessus/129175", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129175);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0735\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-1981)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl110h packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - The OpenSSL ECDSA signature algorithm has been shown to\n be vulnerable to a timing side channel attack. An\n attacker could use variations in the signing algorithm\n to recover the private key.(CVE-2018-0735)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1981\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a4466dd9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl110h package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl110h-1.1.0h-3.h9.eulerosv2r7\",\n \"openssl110h-devel-1.1.0h-3.h9.eulerosv2r7\",\n \"openssl110h-libs-1.1.0h-3.h9.eulerosv2r7\",\n \"openssl110h-static-1.1.0h-3.h9.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl110h\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T17:01:09", "description": "According to the version of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : nss-softokn (EulerOS-SA-2019-2175)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:nss-softokn", "p-cpe:/a:huawei:euleros:nss-softokn-devel", "p-cpe:/a:huawei:euleros:nss-softokn-freebl", "p-cpe:/a:huawei:euleros:nss-softokn-freebl-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2175.NASL", "href": "https://www.tenable.com/plugins/nessus/130637", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130637);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0495\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : nss-softokn (EulerOS-SA-2019-2175)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the nss-softokn packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding\n during the signing process in the _gcry_ecc_ecdsa_sign\n function in cipher/ecc-ecdsa.c, aka the Return Of the\n Hidden Number Problem or ROHNP. To discover an ECDSA\n key, the attacker needs access to either the local\n machine or a different virtual machine on the same\n physical host.(CVE-2018-0495)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2175\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f273ee3a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss-softokn package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"nss-softokn-3.36.0-5.h7.eulerosv2r7\",\n \"nss-softokn-devel-3.36.0-5.h7.eulerosv2r7\",\n \"nss-softokn-freebl-3.36.0-5.h7.eulerosv2r7\",\n \"nss-softokn-freebl-devel-3.36.0-5.h7.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss-softokn\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:23:26", "description": "New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-06-14T00:00:00", "type": "nessus", "title": "Slackware 14.2 / current : libgcrypt (SSA:2018-164-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2018-09-06T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:libgcrypt", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2018-164-01.NASL", "href": "https://www.tenable.com/plugins/nessus/110528", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2018-164-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110528);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/09/06 14:40:25\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"SSA\", value:\"2018-164-01\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n\n script_name(english:\"Slackware 14.2 / current : libgcrypt (SSA:2018-164-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New libgcrypt packages are available for Slackware 14.2 and -current\nto fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.353626\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?662c43aa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/14\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"libgcrypt\", pkgver:\"1.7.10\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.7.10\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"libgcrypt\", pkgver:\"1.8.3\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"libgcrypt\", pkgver:\"1.8.3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:slackware_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:23:08", "description": "GnuPG reports :\n\nMitigate a local side-channel attack on ECDSA signature as described in the white paper 'Return on the Hidden Number Problem'.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-06-14T00:00:00", "type": "nessus", "title": "FreeBSD : libgcrypt -- side-channel attack vulnerability (9b5162de-6f39-11e8-818e-e8e0b747a45a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2019-10-11T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libgcrypt", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9B5162DE6F3911E8818EE8E0B747A45A.NASL", "href": "https://www.tenable.com/plugins/nessus/110521", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110521);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/11 10:17:50\");\n\n script_cve_id(\"CVE-2018-0495\");\n\n script_name(english:\"FreeBSD : libgcrypt -- side-channel attack vulnerability (9b5162de-6f39-11e8-818e-e8e0b747a45a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"GnuPG reports :\n\nMitigate a local side-channel attack on ECDSA signature as described\nin the white paper 'Return on the Hidden Number Problem'.\"\n );\n # https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c9caa872\"\n );\n # https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.7.4-relnotes.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e560c0be\"\n );\n # https://vuxml.freebsd.org/freebsd/9b5162de-6f39-11e8-818e-e8e0b747a45a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fae363a1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libgcrypt<1.8.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:23:45", "description": "It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-06-18T00:00:00", "type": "nessus", "title": "Debian DSA-4231-1 : libgcrypt20 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libgcrypt20", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4231.NASL", "href": "https://www.tenable.com/plugins/nessus/110572", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4231. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110572);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"DSA\", value:\"4231\");\n\n script_name(english:\"Debian DSA-4231-1 : libgcrypt20 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Libgcrypt is prone to a local side-channel\nattack allowing recovery of ECDSA private keys.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/libgcrypt20\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/libgcrypt20\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4231\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libgcrypt20 packages.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 1.7.6-2+deb9u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libgcrypt-mingw-w64-dev\", reference:\"1.7.6-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libgcrypt11-dev\", reference:\"1.7.6-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libgcrypt20\", reference:\"1.7.6-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libgcrypt20-dev\", reference:\"1.7.6-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libgcrypt20-doc\", reference:\"1.7.6-2+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libgcrypt20-udeb\", reference:\"1.7.6-2+deb9u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:23:46", "description": "Keegan Ryan discovered that Libgcrypt was susceptible to a side-channel attack. A local attacker could possibly use this attack to recover ECDSA private keys.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-06-20T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : Libgcrypt vulnerability (USN-3689-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libgcrypt11", "p-cpe:/a:canonical:ubuntu_linux:libgcrypt20", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-3689-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110623", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3689-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110623);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"USN\", value:\"3689-1\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : Libgcrypt vulnerability (USN-3689-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Keegan Ryan discovered that Libgcrypt was susceptible to a\nside-channel attack. A local attacker could possibly use this attack\nto recover ECDSA private keys.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3689-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libgcrypt11 and / or libgcrypt20 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgcrypt11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.10|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.10 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libgcrypt11\", pkgver:\"1.5.3-2ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libgcrypt20\", pkgver:\"1.6.5-2ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"libgcrypt20\", pkgver:\"1.7.8-2ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libgcrypt20\", pkgver:\"1.8.1-4ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt11 / libgcrypt20\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:18:12", "description": "This update for libgcrypt fixes the following issue :\n\nThe following security issue was fixed :\n\n - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures (bsc#1097410)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libgcrypt (openSUSE-2019-540)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libgcrypt-cavs", "p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-debugsource", "p-cpe:/a:novell:opensuse:libgcrypt-devel", "p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit", "p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20", "p-cpe:/a:novell:opensuse:libgcrypt20-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-540.NASL", "href": "https://www.tenable.com/plugins/nessus/123229", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-540.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123229);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0495\");\n\n script_name(english:\"openSUSE Security Update : libgcrypt (openSUSE-2019-540)\");\n script_summary(english:\"Check for the openSUSE-2019-540 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issue :\n\nThe following security issue was fixed :\n\n - CVE-2018-0495: Fixed a novel side-channel attack, by\n enabling blinding for ECDSA signatures (bsc#1097410)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097410\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-cavs-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-cavs-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-debugsource-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-devel-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-devel-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt20-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt20-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt20-hmac-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt-devel-32bit-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt-devel-32bit-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt20-hmac-32bit-1.8.2-lp150.5.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt-cavs / libgcrypt-cavs-debuginfo / libgcrypt-debugsource / etc\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:25:23", "description": "It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.6.3-2+deb8u5.\n\nWe recommend that you upgrade your libgcrypt20 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-07-02T00:00:00", "type": "nessus", "title": "Debian DLA-1405-1 : libgcrypt20 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libgcrypt11-dev", "p-cpe:/a:debian:debian_linux:libgcrypt20", "p-cpe:/a:debian:debian_linux:libgcrypt20-dbg", "p-cpe:/a:debian:debian_linux:libgcrypt20-dev", "p-cpe:/a:debian:debian_linux:libgcrypt20-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1405.NASL", "href": "https://www.tenable.com/plugins/nessus/110814", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1405-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110814);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-0495\");\n\n script_name(english:\"Debian DLA-1405-1 : libgcrypt20 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Libgcrypt is prone to a local side-channel\nattack allowing recovery of ECDSA private keys.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.6.3-2+deb8u5.\n\nWe recommend that you upgrade your libgcrypt20 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/06/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libgcrypt20\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt11-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt20-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt20-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgcrypt20-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt11-dev\", reference:\"1.6.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20\", reference:\"1.6.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20-dbg\", reference:\"1.6.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20-dev\", reference:\"1.6.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgcrypt20-doc\", reference:\"1.6.3-2+deb8u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:23:05", "description": "Minor security update to version 1.8.3 from upstream.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-06-18T00:00:00", "type": "nessus", "title": "Fedora 27 : libgcrypt (2018-6788454ab6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libgcrypt", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-6788454AB6.NASL", "href": "https://www.tenable.com/plugins/nessus/110575", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-6788454ab6.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110575);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"FEDORA\", value:\"2018-6788454ab6\");\n\n script_name(english:\"Fedora 27 : libgcrypt (2018-6788454ab6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor security update to version 1.8.3 from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-6788454ab6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"libgcrypt-1.8.3-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:11:01", "description": "Minor security update to version 1.8.3 from upstream.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : libgcrypt (2018-1ea5beb4cf)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libgcrypt", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-1EA5BEB4CF.NASL", "href": "https://www.tenable.com/plugins/nessus/120278", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-1ea5beb4cf.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120278);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"FEDORA\", value:\"2018-1ea5beb4cf\");\n\n script_name(english:\"Fedora 28 : libgcrypt (2018-1ea5beb4cf)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor security update to version 1.8.3 from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ea5beb4cf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"libgcrypt-1.8.3-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:15:59", "description": "An update of the libgcrypt package has been released.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Libgcrypt PHSA-2018-2.0-0091", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libgcrypt", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2018-2_0-0091_LIBGCRYPT.NASL", "href": "https://www.tenable.com/plugins/nessus/121992", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-2.0-0091. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121992);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-0495\");\n\n script_name(english:\"Photon OS 2.0: Libgcrypt PHSA-2018-2.0-0091\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libgcrypt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-91.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0495\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libgcrypt-1.8.1-2.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libgcrypt-debuginfo-1.8.1-2.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libgcrypt-devel-1.8.1-2.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:25:24", "description": "This update for libgcrypt fixes the following issue :\n\nThe following security issue was fixed :\n\n - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures (bsc#1097410)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-07-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libgcrypt (openSUSE-2018-769)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libgcrypt-cavs", "p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-debugsource", "p-cpe:/a:novell:opensuse:libgcrypt-devel", "p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit", "p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20", "p-cpe:/a:novell:opensuse:libgcrypt20-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-769.NASL", "href": "https://www.tenable.com/plugins/nessus/111421", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-769.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111421);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n\n script_name(english:\"openSUSE Security Update : libgcrypt (openSUSE-2018-769)\");\n script_summary(english:\"Check for the openSUSE-2018-769 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issue :\n\nThe following security issue was fixed :\n\n - CVE-2018-0495: Fixed a novel side-channel attack, by\n enabling blinding for ECDSA signatures (bsc#1097410)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097410\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-cavs-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-cavs-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-debugsource-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-devel-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt-devel-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt20-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt20-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libgcrypt20-hmac-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt-devel-32bit-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt-devel-32bit-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-debuginfo-1.8.2-lp150.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libgcrypt20-hmac-32bit-1.8.2-lp150.5.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt-cavs / libgcrypt-cavs-debuginfo / libgcrypt-debugsource / etc\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:28:06", "description": "This update for libgcrypt fixes the following issues :\n\nThe following security vulnerability was addressed :\n\n - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures (bsc#1097410).\n\nThe following other issues were fixed :\n\n - Extended the fipsdrv dsa-sign and dsa-verify commands with the\n\n --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455).\n\n - Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-08-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libgcrypt (openSUSE-2018-795)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libgcrypt-cavs", "p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-debugsource", "p-cpe:/a:novell:opensuse:libgcrypt-devel", "p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20", "p-cpe:/a:novell:opensuse:libgcrypt20-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo", "p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac", "p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-795.NASL", "href": "https://www.tenable.com/plugins/nessus/111545", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-795.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111545);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n\n script_name(english:\"openSUSE Security Update : libgcrypt (openSUSE-2018-795)\");\n script_summary(english:\"Check for the openSUSE-2018-795 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issues :\n\nThe following security vulnerability was addressed :\n\n - CVE-2018-0495: Mitigate a novel side-channel attack by\n enabling blinding for ECDSA signatures (bsc#1097410).\n\nThe following other issues were fixed :\n\n - Extended the fipsdrv dsa-sign and dsa-verify commands\n with the\n\n --algo parameter for the FIPS testing of DSA SigVer and\n SigGen (bsc#1064455).\n\n - Ensure libgcrypt20-hmac and libgcrypt20 are installed in\n the correct order. (bsc#1090766)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1064455\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1090766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097410\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libgcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt-cavs-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt-cavs-debuginfo-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt-debugsource-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt-devel-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt-devel-debuginfo-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt20-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt20-debuginfo-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libgcrypt20-hmac-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libgcrypt-devel-32bit-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libgcrypt-devel-debuginfo-32bit-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libgcrypt20-hmac-32bit-1.6.1-45.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt-cavs / libgcrypt-cavs-debuginfo / libgcrypt-debugsource / etc\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:33:35", "description": "This update for libgcrypt fixes the following issues :\n\nThe following security vulnerability was addressed :\n\nCVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures (bsc#1097410).\n\nThe following other issues were fixed: Extended the fipsdrv dsa-sign and dsa-verify commands with the\n\n--algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455).\n\nEnsure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-26T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2452-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-02-23T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgcrypt-debugsource", "p-cpe:/a:novell:suse_linux:libgcrypt20", "p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo", "p-cpe:/a:novell:suse_linux:libgcrypt20-hmac", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2452-2.NASL", "href": "https://www.tenable.com/plugins/nessus/119142", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2452-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119142);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/23\");\n\n script_cve_id(\"CVE-2018-0495\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2452-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libgcrypt fixes the following issues :\n\nThe following security vulnerability was addressed :\n\nCVE-2018-0495: Mitigate a novel side-channel attack by enabling\nblinding for ECDSA signatures (bsc#1097410).\n\nThe following other issues were fixed: Extended the fipsdrv dsa-sign\nand dsa-verify commands with the\n\n--algo parameter for the FIPS testing of DSA SigVer and SigGen\n(bsc#1064455).\n\nEnsure libgcrypt20-hmac and libgcrypt20 are installed in the correct\norder. (bsc#1090766)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064455\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0495/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182452-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e6538cdd\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2018-1697=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-1697=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-1697=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-1697=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2018-1697=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-1697=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1697=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libgcrypt-debugsource-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libgcrypt20-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libgcrypt20-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libgcrypt20-debuginfo-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libgcrypt20-hmac-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libgcrypt20-hmac-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt-debugsource-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-debuginfo-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-hmac-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-hmac-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libgcrypt-debugsource-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libgcrypt20-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt-debugsource-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-1.6.1-16.62.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.62.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:12:44", "description": "This update for libgcrypt fixes the following issue: The following security issue was fixed :\n\n - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures (bsc#1097410)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : libgcrypt (SUSE-SU-2018:1993-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2020-03-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgcrypt-debugsource", "p-cpe:/a:novell:suse_linux:libgcrypt-devel", "p-cpe:/a:novell:suse_linux:libgcrypt-devel-debuginfo", "p-cpe:/a:novell:suse_linux:libgcrypt20", "p-cpe:/a:novell:suse_linux:libgcrypt20-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo", "p-cpe:/a:novell:suse_linux:libgcrypt20-hmac", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-1993-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120054", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1993-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120054);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/20\");\n\n script_cve_id(\"CVE-2018-0495\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libgcrypt (SUSE-SU-2018:1993-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libgcrypt fixes the following issue: The following\nsecurity issue was fixed :\n\n - CVE-2018-0495: Fixed a novel side-channel attack, by\n enabling blinding for ECDSA signatures (bsc#1097410)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0495/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181993-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8cd358a4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1347=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-debuginfo-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libgcrypt20-hmac-32bit-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libgcrypt-debugsource-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libgcrypt-devel-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libgcrypt-devel-debuginfo-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libgcrypt20-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libgcrypt20-debuginfo-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libgcrypt20-hmac-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-debuginfo-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libgcrypt20-hmac-32bit-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libgcrypt-debugsource-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libgcrypt-devel-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libgcrypt-devel-debuginfo-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libgcrypt20-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libgcrypt20-debuginfo-1.8.2-6.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libgcrypt20-hmac-1.8.2-6.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:24:43", "description": "This update for libgcrypt fixes the following issues: The following security vulnerability was addressed :\n\n - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures (bsc#1097410).\n The following other issues were fixed :\n\n - Extended the fipsdrv dsa-sign and dsa-verify commands with the\n\n --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455).\n\n - Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-07-30T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2089-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libgcrypt-debugsource", "p-cpe:/a:novell:suse_linux:libgcrypt20", "p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo", "p-cpe:/a:novell:suse_linux:libgcrypt20-hmac", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2089-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111439", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2089-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111439);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-0495\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2089-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libgcrypt fixes the following issues: The following\nsecurity vulnerability was addressed :\n\n - CVE-2018-0495: Mitigate a novel side-channel attack by\n enabling blinding for ECDSA signatures (bsc#1097410).\n The following other issues were fixed :\n\n - Extended the fipsdrv dsa-sign and dsa-verify commands\n with the\n\n --algo parameter for the FIPS testing of DSA SigVer and\n SigGen (bsc#1064455).\n\n - Ensure libgcrypt20-hmac and libgcrypt20 are installed in\n the correct order. (bsc#1090766)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064455\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0495/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182089-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c299d54\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-1413=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-1413=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-1413=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1413=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libgcrypt20-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt-debugsource-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-32bit-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-debuginfo-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-hmac-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libgcrypt20-hmac-32bit-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt-debugsource-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-32bit-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-1.6.1-16.55.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libgcrypt20-debuginfo-32bit-1.6.1-16.55.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:15:06", "description": "An update of the libgcrypt package has been released.", "cvss3": {"score": 4.7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Libgcrypt PHSA-2018-1.0-0182", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libgcrypt", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0182_LIBGCRYPT.NASL", "href": "https://www.tenable.com/plugins/nessus/121886", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0182. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121886);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-0495\");\n\n script_name(english:\"Photon OS 1.0: Libgcrypt PHSA-2018-1.0-0182\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libgcrypt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-182.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0495\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libgcrypt-1.7.6-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libgcrypt-debuginfo-1.7.6-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libgcrypt-devel-1.7.6-4.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-16T15:15:36", "description": "According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).(CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-06-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : openssl (EulerOS-SA-2019-1654)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "p-cpe:/a:huawei:euleros:openssl-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1654.NASL", "href": "https://www.tenable.com/plugins/nessus/126281", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126281);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0734\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : openssl (EulerOS-SA-2019-1654)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to\n be vulnerable to a timing side channel attack. An\n attacker could use variations in the signing algorithm\n to recover the private key. Fixed in OpenSSL 1.1.1a\n (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected\n 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected\n 1.0.2-1.0.2p).(CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1654\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b1f7f950\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1-3.h4.eulerosv2r8\",\n \"openssl-devel-1.1.1-3.h4.eulerosv2r8\",\n \"openssl-libs-1.1.1-3.h4.eulerosv2r8\",\n \"openssl-perl-1.1.1-3.h4.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-16T15:12:33", "description": "According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. (CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-07-23T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1755)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1755.NASL", "href": "https://www.tenable.com/plugins/nessus/126931", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126931);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0734\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1755)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to\n be vulnerable to a timing side channel attack. An\n attacker could use variations in the signing algorithm\n to recover the private key. (CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1755\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?148be7ba\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h6.eulerosv2r7\",\n \"openssl-devel-1.0.2k-16.h6.eulerosv2r7\",\n \"openssl-libs-1.0.2k-16.h6.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:11:59", "description": "The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. (CVE-2018-0734)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-25T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : openssl (ALAS-2019-1153)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-libs", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1153.NASL", "href": "https://www.tenable.com/plugins/nessus/121366", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1153.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121366);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/20\");\n\n script_cve_id(\"CVE-2018-0734\");\n script_xref(name:\"ALAS\", value:\"2019-1153\");\n\n script_name(english:\"Amazon Linux 2 : openssl (ALAS-2019-1153)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The OpenSSL DSA signature algorithm has been shown to be vulnerable to\na timing side channel attack. An attacker could use variations in the\nsigning algorithm to recover the private key. (CVE-2018-0734)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1153.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"openssl-1.0.2k-16.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-debuginfo-1.0.2k-16.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-devel-1.0.2k-16.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-libs-1.0.2k-16.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-perl-1.0.2k-16.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-static-1.0.2k-16.amzn2.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-16T13:54:53", "description": "An update of the nodejs package has been released.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-06-10T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Nodejs PHSA-2020-1.0-0298", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734"], "modified": "2020-06-11T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:nodejs", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2020-1_0-0298_NODEJS.NASL", "href": "https://www.tenable.com/plugins/nessus/137321", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-1.0-0298. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137321);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/11\");\n\n script_cve_id(\"CVE-2018-0734\");\n script_bugtraq_id(105758);\n\n script_name(english:\"Photon OS 1.0: Nodejs PHSA-2020-1.0-0298\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the nodejs package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-298.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"nodejs-8.11.4-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"nodejs-devel-8.11.4-4.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:24:03", "description": "The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. (CVE-2018-0734)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-03-26T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : openssl (ALAS-2019-1153)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1153.NASL", "href": "https://www.tenable.com/plugins/nessus/123081", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1153.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123081);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2018-0734\");\n script_xref(name:\"ALAS\", value:\"2019-1153\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2019-1153)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The OpenSSL DSA signature algorithm has been shown to be vulnerable to\na timing side channel attack. An attacker could use variations in the\nsigning algorithm to recover the private key. (CVE-2018-0734)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1153.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.2k-16.148.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.2k-16.148.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.2k-16.148.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.2k-16.148.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.2k-16.148.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-16T14:54:54", "description": "According to the version of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).(CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-17T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : openssl (EulerOS-SA-2019-1943)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2019-1943.NASL", "href": "https://www.tenable.com/plugins/nessus/128946", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128946);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0734\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : openssl (EulerOS-SA-2019-1943)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to\n be vulnerable to a timing side channel attack. An\n attacker could use variations in the signing algorithm\n to recover the private key. Fixed in OpenSSL 1.1.1a\n (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected\n 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected\n 1.0.2-1.0.2p).(CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1943\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7f73f64e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h6\",\n \"openssl-devel-1.0.2k-16.h6\",\n \"openssl-libs-1.0.2k-16.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-16T14:56:18", "description": "According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. (CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-24T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-2008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2008.NASL", "href": "https://www.tenable.com/plugins/nessus/129201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129201);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0734\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-2008)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - The OpenSSL DSA signature algorithm has been shown to\n be vulnerable to a timing side channel attack. An\n attacker could use variations in the signing algorithm\n to recover the private key. (CVE-2018-0734)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2008\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d6b90de\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h7\",\n \"openssl-devel-1.0.2k-16.h7\",\n \"openssl-libs-1.0.2k-16.h7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-25T16:34:07", "description": "CVE-2018-0735 Samuel Weiser reported a timing vulnerability in the OpenSSL ECDSA signature generation, which might leak information to recover the private key.\n\nCVE-2018-5407 Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri reported a vulnerability to a timing side channel attack, which might be used to recover the private key.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.0.1t-1+deb8u10.\n\nWe recommend that you upgrade your openssl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-23T00:00:00", "type": "nessus", "title": "Debian DLA-1586-1 : openssl security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0735", "CVE-2018-5407"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libcrypto1.0.0-udeb", "p-cpe:/a:debian:debian_linux:libssl-dev", "p-cpe:/a:debian:debian_linux:libssl-doc", "p-cpe:/a:debian:debian_linux:libssl1.0.0", "p-cpe:/a:debian:debian_linux:libssl1.0.0-dbg", "p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1586.NASL", "href": "https://www.tenable.com/plugins/nessus/119103", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1586-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119103);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-0735\", \"CVE-2018-5407\");\n\n script_name(english:\"Debian DLA-1586-1 : openssl security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2018-0735 Samuel Weiser reported a timing vulnerability in the\nOpenSSL ECDSA signature generation, which might leak information to\nrecover the private key.\n\nCVE-2018-5407 Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul\nHassan, Cesar Pereida Garcia and Nicola Tuveri reported a\nvulnerability to a timing side channel attack, which might be used to\nrecover the private key.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.0.1t-1+deb8u10.\n\nWe recommend that you upgrade your openssl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/openssl\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrypto1.0.0-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl1.0.0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libcrypto1.0.0-udeb\", reference:\"1.0.1t-1+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-dev\", reference:\"1.0.1t-1+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-doc\", reference:\"1.0.1t-1+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0\", reference:\"1.0.1t-1+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0-dbg\", reference:\"1.0.1t-1+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openssl\", reference:\"1.0.1t-1+deb8u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:36:34", "description": "According to the versions of the nss-softokn packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.(CVE-2018-12404)\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-07-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : nss-softokn (EulerOS-SA-2020-1754)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:nss-softokn", "p-cpe:/a:huawei:euleros:nss-softokn-freebl", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1754.NASL", "href": "https://www.tenable.com/plugins/nessus/137973", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137973);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0495\",\n \"CVE-2018-12404\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : nss-softokn (EulerOS-SA-2020-1754)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the nss-softokn packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A cached side channel attack during handshakes using\n RSA encryption could allow for the decryption of\n encrypted content. This is a variant of the Adaptive\n Chosen Ciphertext attack (AKA Bleichenbacher attack)\n and affects all NSS versions prior to NSS\n 3.41.(CVE-2018-12404)\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding\n during the signing process in the _gcry_ecc_ecdsa_sign\n function in cipher/ecc-ecdsa.c, aka the Return Of the\n Hidden Number Problem or ROHNP. To discover an ECDSA\n key, the attacker needs access to either the local\n machine or a different virtual machine on the same\n physical host.(CVE-2018-0495)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1754\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4d0884bd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss-softokn packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"nss-softokn-3.36.0-5.h8.eulerosv2r7\",\n \"nss-softokn-freebl-3.36.0-5.h8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss-softokn\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:29:50", "description": "According to the versions of the nss-softokn packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.(CVE-2018-12404)\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-03-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : nss-softokn (EulerOS-SA-2020-1252)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:nss-softokn", "p-cpe:/a:huawei:euleros:nss-softokn-freebl", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1252.NASL", "href": "https://www.tenable.com/plugins/nessus/134541", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134541);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0495\",\n \"CVE-2018-12404\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : nss-softokn (EulerOS-SA-2020-1252)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the nss-softokn packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A cached side channel attack during handshakes using\n RSA encryption could allow for the decryption of\n encrypted content. This is a variant of the Adaptive\n Chosen Ciphertext attack (AKA Bleichenbacher attack)\n and affects all NSS versions prior to NSS\n 3.41.(CVE-2018-12404)\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding\n during the signing process in the _gcry_ecc_ecdsa_sign\n function in cipher/ecc-ecdsa.c, aka the Return Of the\n Hidden Number Problem or ROHNP. To discover an ECDSA\n key, the attacker needs access to either the local\n machine or a different virtual machine on the same\n physical host.(CVE-2018-0495)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1252\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d4596e2c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss-softokn packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"nss-softokn-3.36.0-5.h8\",\n \"nss-softokn-freebl-3.36.0-5.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss-softokn\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-24T16:24:07", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1267 advisory.\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n - nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-01T00:00:00", "type": "nessus", "title": "RHEL 7 : nss-softokn (RHSA-2020:1267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2019-11745"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:rhel_eus:7.5", "p-cpe:/a:redhat:enterprise_linux:nss-softokn", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel"], "id": "REDHAT-RHSA-2020-1267.NASL", "href": "https://www.tenable.com/plugins/nessus/135092", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1267. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135092);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2019-11745\");\n script_bugtraq_id(107967);\n script_xref(name:\"RHSA\", value:\"2020:1267\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n script_xref(name:\"IAVA\", value:\"2019-A-0128\");\n script_xref(name:\"IAVA\", value:\"2019-A-0438-S\");\n\n script_name(english:\"RHEL 7 : nss-softokn (RHSA-2020:1267)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1267 advisory.\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n - nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate\n (CVE-2019-11745)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-0495\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1591163\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1774831\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11745\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.5')) audit(AUDIT_OS_NOT, 'Red Hat 7.5', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_eus_7_5_computenode': [\n 'rhel-7-hpc-node-eus-debug-rpms',\n 'rhel-7-hpc-node-eus-debug-rpms__7_DOT_5__x86_64',\n 'rhel-7-hpc-node-eus-optional-debug-rpms',\n 'rhel-7-hpc-node-eus-optional-debug-rpms__7_DOT_5__x86_64',\n 'rhel-7-hpc-node-eus-optional-rpms',\n 'rhel-7-hpc-node-eus-optional-rpms__7_DOT_5__x86_64',\n 'rhel-7-hpc-node-eus-optional-source-rpms',\n 'rhel-7-hpc-node-eus-optional-source-rpms__7_DOT_5__x86_64',\n 'rhel-7-hpc-node-eus-rpms',\n 'rhel-7-hpc-node-eus-rpms__7_DOT_5__x86_64',\n 'rhel-7-hpc-node-eus-source-rpms',\n 'rhel-7-hpc-node-eus-source-rpms__7_DOT_5__x86_64'\n ],\n 'rhel_eus_7_5_server': [\n 'rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-7-for-system-z-eus-debug-rpms__7_DOT_5__s390x',\n 'rhel-7-for-system-z-eus-optional-debug-rpms',\n 'rhel-7-for-system-z-eus-optional-debug-rpms__7_DOT_5__s390x',\n 'rhel-7-for-system-z-eus-optional-rpms',\n 'rhel-7-for-system-z-eus-optional-rpms__7_DOT_5__s390x',\n 'rhel-7-for-system-z-eus-optional-source-rpms',\n 'rhel-7-for-system-z-eus-optional-source-rpms__7_DOT_5__s390x',\n 'rhel-7-for-system-z-eus-rpms',\n 'rhel-7-for-system-z-eus-rpms__7_DOT_5__s390x',\n 'rhel-7-for-system-z-eus-source-rpms',\n 'rhel-7-for-system-z-eus-source-rpms__7_DOT_5__s390x',\n 'rhel-7-server-eus-debug-rpms',\n 'rhel-7-server-eus-debug-rpms__7_DOT_5__x86_64',\n 'rhel-7-server-eus-optional-debug-rpms',\n 'rhel-7-server-eus-optional-debug-rpms__7_DOT_5__x86_64',\n 'rhel-7-server-eus-optional-rpms',\n 'rhel-7-server-eus-optional-rpms__7_DOT_5__x86_64',\n 'rhel-7-server-eus-optional-source-rpms',\n 'rhel-7-server-eus-optional-source-rpms__7_DOT_5__x86_64',\n 'rhel-7-server-eus-rpms',\n 'rhel-7-server-eus-rpms__7_DOT_5__x86_64',\n 'rhel-7-server-eus-source-rpms',\n 'rhel-7-server-eus-source-rpms__7_DOT_5__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms__7_DOT_5__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-rpms',\n 'rhel-ha-for-rhel-7-server-eus-rpms__7_DOT_5__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms__7_DOT_5__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms__7_DOT_5__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-rpms',\n 'rhel-rs-for-rhel-7-server-eus-rpms__7_DOT_5__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms__7_DOT_5__x86_64'\n ],\n 'rhel_extras_sap_eus_7_5': [\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms__7_DOT_5__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms__7_DOT_5__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms__7_DOT_5__s390x',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms__7_DOT_5__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms__7_DOT_5__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms__7_DOT_5__x86_64'\n ],\n 'rhel_extras_sap_hana_eus_7_5': [\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms__7_DOT_5__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms__7_DOT_5__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms__7_DOT_5__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'nss-softokn-3.36.0-6.el7_5', 'sp':'5', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-3.36.0-6.el7_5', 'sp':'5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_5', 'sp':'5', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_5', 'sp':'5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_5', 'sp':'5', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_eus_7_5_computenode', 'rhel_eus_7_5_server', 'rhel_extras_sap_eus_7_5', 'rhel_extras_sap_hana_eus_7_5']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Extended Update Support repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nss-softokn / nss-softokn-devel / nss-softokn-freebl / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:02", "description": "An update of 'libsoup', 'libgcrypt' packages of Photon OS has been released.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-10T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Libgcrypt / Libsoup PHSA-2018-1.0-0182 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12910"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libgcrypt", "p-cpe:/a:vmware:photonos:libsoup", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0182.NASL", "href": "https://www.tenable.com/plugins/nessus/117396", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0182. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117396);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12910\");\n\n script_name(english:\"Photon OS 1.0: Libgcrypt / Libsoup PHSA-2018-1.0-0182 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of 'libsoup', 'libgcrypt' packages of Photon OS has been\nreleased.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-182\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12910\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"libgcrypt-1.7.6-4.ph1\",\n \"libgcrypt-debuginfo-1.7.6-4.ph1\",\n \"libgcrypt-devel-1.7.6-4.ph1\",\n \"libsoup-2.53.90-4.ph1\",\n \"libsoup-debuginfo-2.53.90-4.ph1\",\n \"libsoup-devel-2.53.90-4.ph1\",\n \"libsoup-doc-2.53.90-4.ph1\",\n \"libsoup-lang-2.53.90-4.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt / libsoup\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:03:14", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has nss packages installed that are affected by multiple vulnerabilities:\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.\n (CVE-2018-0495)\n\n - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.\n (CVE-2018-12404)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : nss Multiple Vulnerabilities (NS-SA-2019-0236)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0236_NSS.NASL", "href": "https://www.tenable.com/plugins/nessus/132493", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0236. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132493);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12404\");\n script_bugtraq_id(107260, 107967);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : nss Multiple Vulnerabilities (NS-SA-2019-0236)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has nss packages installed that are affected by\nmultiple vulnerabilities:\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding during\n the signing process in the _gcry_ecc_ecdsa_sign function\n in cipher/ecc-ecdsa.c, aka the Return Of the Hidden\n Number Problem or ROHNP. To discover an ECDSA key, the\n attacker needs access to either the local machine or a\n different virtual machine on the same physical host.\n (CVE-2018-0495)\n\n - A cached side channel attack during handshakes using RSA\n encryption could allow for the decryption of encrypted\n content. This is a variant of the Adaptive Chosen\n Ciphertext attack (AKA Bleichenbacher attack) and\n affects all NSS versions prior to NSS 3.41.\n (CVE-2018-12404)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0236\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL nss packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12404\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"nss-3.44.0-4.el7.cgslv5_5.0.1.g5e23389.lite\",\n \"nss-debuginfo-3.44.0-4.el7.cgslv5_5.0.1.g5e23389.lite\",\n \"nss-devel-3.44.0-4.el7.cgslv5_5.0.1.g5e23389.lite\",\n \"nss-pkcs11-devel-3.44.0-4.el7.cgslv5_5.0.1.g5e23389.lite\",\n \"nss-sysinit-3.44.0-4.el7.cgslv5_5.0.1.g5e23389.lite\",\n \"nss-tools-3.44.0-4.el7.cgslv5_5.0.1.g5e23389.lite\"\n ],\n \"CGSL MAIN 5.05\": [\n \"nss-3.44.0-4.el7.cgslv5_5\",\n \"nss-debuginfo-3.44.0-4.el7.cgslv5_5\",\n \"nss-devel-3.44.0-4.el7.cgslv5_5\",\n \"nss-pkcs11-devel-3.44.0-4.el7.cgslv5_5\",\n \"nss-sysinit-3.44.0-4.el7.cgslv5_5\",\n \"nss-tools-3.44.0-4.el7.cgslv5_5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:57:18", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss packages installed that are affected by multiple vulnerabilities:\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.\n (CVE-2018-0495)\n\n - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.\n (CVE-2018-12404)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Multiple Vulnerabilities (NS-SA-2019-0193)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0193_NSS.NASL", "href": "https://www.tenable.com/plugins/nessus/129915", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0193. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129915);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12404\");\n script_bugtraq_id(107260);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Multiple Vulnerabilities (NS-SA-2019-0193)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss packages installed that are affected by\nmultiple vulnerabilities:\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding during\n the signing process in the _gcry_ecc_ecdsa_sign function\n in cipher/ecc-ecdsa.c, aka the Return Of the Hidden\n Number Problem or ROHNP. To discover an ECDSA key, the\n attacker needs access to either the local machine or a\n different virtual machine on the same physical host.\n (CVE-2018-0495)\n\n - A cached side channel attack during handshakes using RSA\n encryption could allow for the decryption of encrypted\n content. This is a variant of the Adaptive Chosen\n Ciphertext attack (AKA Bleichenbacher attack) and\n affects all NSS versions prior to NSS 3.41.\n (CVE-2018-12404)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0193\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL nss packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12404\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"nss-3.44.0-4.el7.cgslv5.0.1.g7ce2fc0.lite\",\n \"nss-debuginfo-3.44.0-4.el7.cgslv5.0.1.g7ce2fc0.lite\",\n \"nss-devel-3.44.0-4.el7.cgslv5.0.1.g7ce2fc0.lite\",\n \"nss-pkcs11-devel-3.44.0-4.el7.cgslv5.0.1.g7ce2fc0.lite\",\n \"nss-sysinit-3.44.0-4.el7.cgslv5.0.1.g7ce2fc0.lite\",\n \"nss-tools-3.44.0-4.el7.cgslv5.0.1.g7ce2fc0.lite\"\n ],\n \"CGSL MAIN 5.04\": [\n \"nss-3.44.0-4.el7.cgslv5\",\n \"nss-debuginfo-3.44.0-4.el7.cgslv5\",\n \"nss-devel-3.44.0-4.el7.cgslv5\",\n \"nss-pkcs11-devel-3.44.0-4.el7.cgslv5\",\n \"nss-sysinit-3.44.0-4.el7.cgslv5\",\n \"nss-tools-3.44.0-4.el7.cgslv5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-25T15:28:02", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1345 advisory.\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n - nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-07T00:00:00", "type": "nessus", "title": "RHEL 7 : nss-softokn (RHSA-2020:1345)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2019-11745"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.4", "cpe:/o:redhat:rhel_e4s:7.4", "cpe:/o:redhat:rhel_tus:7.4", "p-cpe:/a:redhat:enterprise_linux:nss-softokn", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel"], "id": "REDHAT-RHSA-2020-1345.NASL", "href": "https://www.tenable.com/plugins/nessus/135250", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1345. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135250);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2019-11745\");\n script_bugtraq_id(107967);\n script_xref(name:\"RHSA\", value:\"2020:1345\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n script_xref(name:\"IAVA\", value:\"2019-A-0128\");\n script_xref(name:\"IAVA\", value:\"2019-A-0438-S\");\n\n script_name(english:\"RHEL 7 : nss-softokn (RHSA-2020:1345)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1345 advisory.\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n - nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate\n (CVE-2019-11745)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-0495\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1591163\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1774831\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11745\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.4')) audit(AUDIT_OS_NOT, 'Red Hat 7.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_4_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_e4s_7_4_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_extras_sap_e4s_7_4': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_extras_sap_hana_e4s_7_4': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_tus_7_4_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_4__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'nss-softokn-3.28.3-9.el7_4', 'sp':'4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'nss-softokn-3.28.3-9.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'nss-softokn-devel-3.28.3-9.el7_4', 'sp':'4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'nss-softokn-devel-3.28.3-9.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'nss-softokn-freebl-3.28.3-9.el7_4', 'sp':'4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'nss-softokn-freebl-3.28.3-9.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'nss-softokn-freebl-devel-3.28.3-9.el7_4', 'sp':'4', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'nss-softokn-freebl-devel-3.28.3-9.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nss-softokn / nss-softokn-devel / nss-softokn-freebl / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:50:52", "description": "An update for nss, nss-softokn, nss-util, and nspr is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version:\nnss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0).\n(BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)\n\nSecurity Fix(es) :\n\n* ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n* nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "CentOS 7 : nspr / nss / nss-softokn / nss-util (CESA-2019:2237)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nspr", "p-cpe:/a:centos:centos:nspr-devel", "p-cpe:/a:centos:centos:nss", "p-cpe:/a:centos:centos:nss-devel", "p-cpe:/a:centos:centos:nss-pkcs11-devel", "p-cpe:/a:centos:centos:nss-softokn", "p-cpe:/a:centos:centos:nss-softokn-devel", "p-cpe:/a:centos:centos:nss-softokn-freebl", "p-cpe:/a:centos:centos:nss-softokn-freebl-devel", "p-cpe:/a:centos:centos:nss-sysinit", "p-cpe:/a:centos:centos:nss-tools", "p-cpe:/a:centos:centos:nss-util", "p-cpe:/a:centos:centos:nss-util-devel", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2237.NASL", "href": "https://www.tenable.com/plugins/nessus/128378", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2237 and \n# CentOS Errata and Security Advisory 2019:2237 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128378);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12404\");\n script_xref(name:\"RHSA\", value:\"2019:2237\");\n\n script_name(english:\"CentOS 7 : nspr / nss / nss-softokn / nss-util (CESA-2019:2237)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for nss, nss-softokn, nss-util, and nspr is now available\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version:\nnss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0).\n(BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)\n\nSecurity Fix(es) :\n\n* ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries\n(CVE-2018-0495)\n\n* nss: Cache side-channel variant of the Bleichenbacher attack\n(CVE-2018-12404)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006011.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6f744e1\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006012.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3add588\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006014.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c329b1b\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006015.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06760d91\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12404\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nspr-4.21.0-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nspr-devel-4.21.0-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-devel-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-softokn-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-softokn-devel-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-softokn-freebl-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-softokn-freebl-devel-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-tools-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-util-3.44.0-3.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-util-devel-3.44.0-3.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:57:18", "description": "A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. (CVE-2018-12404)\n\nLibgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the\n_gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. (CVE-2018-0495)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-10-04T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : nss (ALAS-2019-1305)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:nss", "p-cpe:/a:amazon:linux:nss-debuginfo", "p-cpe:/a:amazon:linux:nss-devel", "p-cpe:/a:amazon:linux:nss-pkcs11-devel", "p-cpe:/a:amazon:linux:nss-sysinit", "p-cpe:/a:amazon:linux:nss-tools", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1305.NASL", "href": "https://www.tenable.com/plugins/nessus/129563", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1305.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129563);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12404\");\n script_xref(name:\"ALAS\", value:\"2019-1305\");\n\n script_name(english:\"Amazon Linux 2 : nss (ALAS-2019-1305)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A cached side channel attack during handshakes using RSA encryption\ncould allow for the decryption of encrypted content. This is a variant\nof the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack)\nand affects all NSS versions prior to NSS 3.41. (CVE-2018-12404)\n\nLibgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache\nside-channel attack on ECDSA signatures that can be mitigated through\nthe use of blinding during the signing process in the\n_gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of\nthe Hidden Number Problem or ROHNP. To discover an ECDSA key, the\nattacker needs access to either the local machine or a different\nvirtual machine on the same physical host. (CVE-2018-0495)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1305.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update nss' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"nss-3.44.0-4.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"nss-debuginfo-3.44.0-4.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"nss-devel-3.44.0-4.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"nss-pkcs11-devel-3.44.0-4.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"nss-sysinit-3.44.0-4.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"nss-tools-3.44.0-4.amzn2.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / nss-sysinit / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:37:15", "description": "According to the versions of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495)\n\n - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.(CVE-2018-12404)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : nss-softokn (EulerOS-SA-2020-1651)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:nss-softokn", "p-cpe:/a:huawei:euleros:nss-softokn-devel", "p-cpe:/a:huawei:euleros:nss-softokn-freebl", "p-cpe:/a:huawei:euleros:nss-softokn-freebl-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1651.NASL", "href": "https://www.tenable.com/plugins/nessus/137493", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137493);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0495\",\n \"CVE-2018-12404\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : nss-softokn (EulerOS-SA-2020-1651)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the nss-softokn packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding\n during the signing process in the _gcry_ecc_ecdsa_sign\n function in cipher/ecc-ecdsa.c, aka the Return Of the\n Hidden Number Problem or ROHNP. To discover an ECDSA\n key, the attacker needs access to either the local\n machine or a different virtual machine on the same\n physical host.(CVE-2018-0495)\n\n - A cached side channel attack during handshakes using\n RSA encryption could allow for the decryption of\n encrypted content. This is a variant of the Adaptive\n Chosen Ciphertext attack (AKA Bleichenbacher attack)\n and affects all NSS versions prior to NSS\n 3.41.(CVE-2018-12404)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1651\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b3fbfdb9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss-softokn packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"nss-softokn-3.36.0-5.h3\",\n \"nss-softokn-devel-3.36.0-5.h3\",\n \"nss-softokn-freebl-3.36.0-5.h3\",\n \"nss-softokn-freebl-devel-3.36.0-5.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss-softokn\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:59:50", "description": "According to the versions of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495)\n\n - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.(CVE-2018-12404)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : nss-softokn (EulerOS-SA-2019-2246)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:nss-softokn", "p-cpe:/a:huawei:euleros:nss-softokn-devel", "p-cpe:/a:huawei:euleros:nss-softokn-freebl", "p-cpe:/a:huawei:euleros:nss-softokn-freebl-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2246.NASL", "href": "https://www.tenable.com/plugins/nessus/130708", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130708);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-0495\",\n \"CVE-2018-12404\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : nss-softokn (EulerOS-SA-2019-2246)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the nss-softokn packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding\n during the signing process in the _gcry_ecc_ecdsa_sign\n function in cipher/ecc-ecdsa.c, aka the Return Of the\n Hidden Number Problem or ROHNP. To discover an ECDSA\n key, the attacker needs access to either the local\n machine or a different virtual machine on the same\n physical host.(CVE-2018-0495)\n\n - A cached side channel attack during handshakes using\n RSA encryption could allow for the decryption of\n encrypted content. This is a variant of the Adaptive\n Chosen Ciphertext attack (AKA Bleichenbacher attack)\n and affects all NSS versions prior to NSS\n 3.41.(CVE-2018-12404)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2246\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d98e5eb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss-softokn packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"nss-softokn-3.36.0-5.h3\",\n \"nss-softokn-devel-3.36.0-5.h3\",\n \"nss-softokn-freebl-3.36.0-5.h3\",\n \"nss-softokn-freebl-devel-3.36.0-5.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss-softokn\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:24:43", "description": "Update Botan2 to 2.7.0.\n\nFocus of this release is on performance and side channel hardening.\n\n - Address side channels in RSA key generation and ECDSA signing\n\n - Side channel hardening in many core algorithms (modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, etc) to reduce the risk of future exploitable side channels.\n\n - Many optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size.\n\n - Add Scrypt password hashing. Also supported is using Scrypt to derive keys for private key encryption (format compatible with upcoming OpenSSL 1.1.1)\n\n - Add base32 encoding/decoding\n\n - Plus many bug fixes and smaller enhancements documented in the [release notes](https://botan.randombit.net/news.html#version-2-7\n -0-2018-07-02)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-07-12T00:00:00", "type": "nessus", "title": "Fedora 27 : botan2 (2018-98ab6b4e56)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12435"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:botan2", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-98AB6B4E56.NASL", "href": "https://www.tenable.com/plugins/nessus/111016", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-98ab6b4e56.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111016);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12435\");\n script_xref(name:\"FEDORA\", value:\"2018-98ab6b4e56\");\n\n script_name(english:\"Fedora 27 : botan2 (2018-98ab6b4e56)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update Botan2 to 2.7.0.\n\nFocus of this release is on performance and side channel hardening.\n\n - Address side channels in RSA key generation and ECDSA\n signing\n\n - Side channel hardening in many core algorithms (modular\n exponentiation, ECC scalar multiply, Karatsuba\n multiplication, Barrett reduction, etc) to reduce the\n risk of future exploitable side channels.\n\n - Many optimizations for ECC operations, RSA (including\n key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0\n is 10 to 40% depending on operation and key size.\n\n - Add Scrypt password hashing. Also supported is using\n Scrypt to derive keys for private key encryption (format\n compatible with upcoming OpenSSL 1.1.1)\n\n - Add base32 encoding/decoding\n\n - Plus many bug fixes and smaller enhancements documented\n in the [release\n notes](https://botan.randombit.net/news.html#version-2-7\n -0-2018-07-02)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-98ab6b4e56\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://botan.randombit.net/news.html#version-2-7-0-2018-07-02\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected botan2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:botan2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"botan2-2.7.0-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"botan2\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:53:37", "description": "Netscape Portable Runtime (NSPR) provides platform independence for non- GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version:\nnss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0).\n\nSecurity Fix(es) :\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n - nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : nss, nss-softokn, nss-util, and nspr on SL7.x x86_64 (20190806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:nspr", "p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nspr-devel", "p-cpe:/a:fermilab:scientific_linux:nss", "p-cpe:/a:fermilab:scientific_linux:nss-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-devel", "p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel", "p-cpe:/a:fermilab:scientific_linux:nss-softokn", "p-cpe:/a:fermilab:scientific_linux:nss-softokn-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-softokn-devel", "p-cpe:/a:fermilab:scientific_linux:nss-softokn-freebl", "p-cpe:/a:fermilab:scientific_linux:nss-softokn-freebl-devel", "p-cpe:/a:fermilab:scientific_linux:nss-sysinit", "p-cpe:/a:fermilab:scientific_linux:nss-tools", "p-cpe:/a:fermilab:scientific_linux:nss-util", "p-cpe:/a:fermilab:scientific_linux:nss-util-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-util-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190806_NSS__NSS_SOFTOKN__NSS_UTIL__AND_NSPR_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128243", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128243);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12404\");\n\n script_name(english:\"Scientific Linux Security Update : nss, nss-softokn, nss-util, and nspr on SL7.x x86_64 (20190806)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Netscape Portable Runtime (NSPR) provides platform independence for\nnon- GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version:\nnss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0).\n\nSecurity Fix(es) :\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto\n Libraries (CVE-2018-0495)\n\n - nss: Cache side-channel variant of the Bleichenbacher\n attack (CVE-2018-12404)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1908&L=SCIENTIFIC-LINUX-ERRATA&P=19480\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ed012e59\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-softokn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nspr-4.21.0-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nspr-debuginfo-4.21.0-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nspr-devel-4.21.0-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-debuginfo-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-devel-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-softokn-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-softokn-debuginfo-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-softokn-devel-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-softokn-freebl-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-softokn-freebl-devel-3.44.0-5.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-tools-3.44.0-4.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-util-3.44.0-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-util-debuginfo-3.44.0-3.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"nss-util-devel-3.44.0-3.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:51:39", "description": "An update for nss, nss-softokn, nss-util, and nspr is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version:\nnss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0).\n(BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)\n\nSecurity Fix(es) :\n\n* ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n* nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 7 : nss, nss-softokn, nss-util, and nspr (RHSA-2019:2237)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-softokn", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel", "p-cpe:/a:redhat:enterprise_linux:nss-sysinit", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "p-cpe:/a:redhat:enterprise_linux:nss-util", "p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-util-devel", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2237.NASL", "href": "https://www.tenable.com/plugins/nessus/127699", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2237. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127699);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12404\");\n script_xref(name:\"RHSA\", value:\"2019:2237\");\n\n script_name(english:\"RHEL 7 : nss, nss-softokn, nss-util, and nspr (RHSA-2019:2237)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for nss, nss-softokn, nss-util, and nspr is now available\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities.\n\nThe following packages have been upgraded to a later upstream version:\nnss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0).\n(BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)\n\nSecurity Fix(es) :\n\n* ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries\n(CVE-2018-0495)\n\n* nss: Cache side-channel variant of the Bleichenbacher attack\n(CVE-2018-12404)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-0495\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-12404\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2237\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"nspr-4.21.0-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nspr-debuginfo-4.21.0-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nspr-devel-4.21.0-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-debuginfo-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-devel-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-pkcs11-devel-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-softokn-3.44.0-5.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-softokn-debuginfo-3.44.0-5.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-softokn-devel-3.44.0-5.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-softokn-freebl-3.44.0-5.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-softokn-freebl-devel-3.44.0-5.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"nss-sysinit-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"nss-tools-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss-tools-3.44.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-util-3.44.0-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-util-debuginfo-3.44.0-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-util-devel-3.44.0-3.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-25T15:30:11", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1461 advisory.\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n - nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-14T00:00:00", "type": "nessus", "title": "RHEL 7 : nss-softokn (RHSA-2020:1461)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2019-11745"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_eus:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:nss-softokn", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl", "p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel"], "id": "REDHAT-RHSA-2020-1461.NASL", "href": "https://www.tenable.com/plugins/nessus/135460", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1461. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135460);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2019-11745\");\n script_bugtraq_id(107967);\n script_xref(name:\"RHSA\", value:\"2020:1461\");\n script_xref(name:\"IAVA\", value:\"2018-A-0203\");\n script_xref(name:\"IAVA\", value:\"2019-A-0128\");\n script_xref(name:\"IAVA\", value:\"2019-A-0438-S\");\n\n script_name(english:\"RHEL 7 : nss-softokn (RHSA-2020:1461)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1461 advisory.\n\n - ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\n - nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate\n (CVE-2019-11745)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-0495\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1591163\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1774831\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11745\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_e4s_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_eus_7_6_computenode': [\n 'rhel-7-hpc-node-eus-debug-rpms',\n 'rhel-7-hpc-node-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-debug-rpms',\n 'rhel-7-hpc-node-eus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-rpms',\n 'rhel-7-hpc-node-eus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-source-rpms',\n 'rhel-7-hpc-node-eus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-rpms',\n 'rhel-7-hpc-node-eus-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-source-rpms',\n 'rhel-7-hpc-node-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_eus_7_6_server': [\n 'rhel-7-for-system-z-a-debug-rpms',\n 'rhel-7-for-system-z-a-optional-debug-rpms',\n 'rhel-7-for-system-z-a-optional-rpms',\n 'rhel-7-for-system-z-a-optional-source-rpms',\n 'rhel-7-for-system-z-a-rpms',\n 'rhel-7-for-system-z-a-source-rpms',\n 'rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-7-for-system-z-eus-debug-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-optional-debug-rpms',\n 'rhel-7-for-system-z-eus-optional-debug-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-optional-rpms',\n 'rhel-7-for-system-z-eus-optional-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-optional-source-rpms',\n 'rhel-7-for-system-z-eus-optional-source-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-rpms',\n 'rhel-7-for-system-z-eus-rpms__7_DOT_6__s390x',\n 'rhel-7-for-system-z-eus-source-rpms',\n 'rhel-7-for-system-z-eus-source-rpms__7_DOT_6__s390x',\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-eus-debug-rpms',\n 'rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-debug-rpms',\n 'rhel-7-server-eus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-rpms',\n 'rhel-7-server-eus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-source-rpms',\n 'rhel-7-server-eus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-rpms',\n 'rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-source-rpms',\n 'rhel-7-server-eus-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-rpms',\n 'rhel-ha-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-rpms',\n 'rhel-rs-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_e4s_7_6': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_eus_7_6': [\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-debug-rpms__7_DOT_6__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-rpms__7_DOT_6__s390x',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms',\n 'rhel-sap-for-rhel-7-for-system-z-eus-source-rpms__7_DOT_6__s390x',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_hana_e4s_7_6': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_hana_eus_7_6': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_tus_7_6_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms__7_DOT_6__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'nss-softokn-3.36.0-6.el7_6', 'sp':'6', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-3.36.0-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_6', 'sp':'6', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-3.36.0-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'nss-softokn-freebl-devel-3.36.0-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nss-softokn / nss-softokn-devel / nss-softokn-freebl / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-17T15:29:14", "description": "Update Botan2 to 2.7.0.\n\nFocus of this release is on performance and side channel hardening.\n\n - Address side channels in RSA key generation and ECDSA signing\n\n - Side channel hardening in many core algorithms (modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, etc) to reduce the risk of future exploitable side channels.\n\n - Many optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size.\n\n - Add Scrypt password hashing. Also supported is using Scrypt to derive keys for private key encryption (format compatible with upcoming OpenSSL 1.1.1)\n\n - Add base32 encoding/decoding\n\n - Plus many bug fixes and smaller enhancements documented in the [release notes](https://botan.randombit.net/news.html#version-2-7\n -0-2018-07-02)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : botan2 (2018-eaa7de17ae)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12435"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:botan2", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-EAA7DE17AE.NASL", "href": "https://www.tenable.com/plugins/nessus/120879", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-eaa7de17ae.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120879);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12435\");\n script_xref(name:\"FEDORA\", value:\"2018-eaa7de17ae\");\n\n script_name(english:\"Fedora 28 : botan2 (2018-eaa7de17ae)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update Botan2 to 2.7.0.\n\nFocus of this release is on performance and side channel hardening.\n\n - Address side channels in RSA key generation and ECDSA\n signing\n\n - Side channel hardening in many core algorithms (modular\n exponentiation, ECC scalar multiply, Karatsuba\n multiplication, Barrett reduction, etc) to reduce the\n risk of future exploitable side channels.\n\n - Many optimizations for ECC operations, RSA (including\n key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0\n is 10 to 40% depending on operation and key size.\n\n - Add Scrypt password hashing. Also supported is using\n Scrypt to derive keys for private key encryption (format\n compatible with upcoming OpenSSL 1.1.1)\n\n - Add base32 encoding/decoding\n\n - Plus many bug fixes and smaller enhancements documented\n in the [release\n notes](https://botan.randombit.net/news.html#version-2-7\n -0-2018-07-02)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-eaa7de17ae\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://botan.randombit.net/news.html#version-2-7-0-2018-07-02\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected botan2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:botan2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"botan2-2.7.0-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"botan2\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:31:02", "description": "An update of 'libgcrypt', 'libsoup' packages of Photon OS has been released.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-10T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Libgcrypt / Libsoup PHSA-2018-2.0-0091 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0495", "CVE-2018-12910"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libgcrypt", "p-cpe:/a:vmware:photonos:libsoup", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2018-2_0-0091.NASL", "href": "https://www.tenable.com/plugins/nessus/117397", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-2.0-0091. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117397);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:51\");\n\n script_cve_id(\"CVE-2018-0495\", \"CVE-2018-12910\");\n\n script_name(english:\"Photon OS 2.0: Libgcrypt / Libsoup PHSA-2018-2.0-0091 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of 'libgcrypt', 'libsoup' packages of Photon OS has been\nreleased.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-91\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12910\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libgcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"libgcrypt-1.8.1-2.ph2\",\n \"libgcrypt-debuginfo-1.8.1-2.ph2\",\n \"libgcrypt-devel-1.8.1-2.ph2\",\n \"libsoup-2.57.1-4.ph2\",\n \"libsoup-debuginfo-2.57.1-4.ph2\",\n \"libsoup-devel-2.57.1-4.ph2\",\n \"libsoup-doc-2.57.1-4.ph2\",\n \"libsoup-lang-2.57.1-4.ph2\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgcrypt / libsoup\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:42", "description": "Node.js reports :\n\nUpdates are now available for all active Node.js release lines. These include fixes for the vulnerabilities identified in the initial announcement. They also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j.\n\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible. Debugger port 5858 listens on any interface by default (CVE-2018-12120) All versions of Node.js 6 are vulnerable and the severity is HIGH. When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default.\nThis may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost.\nIt has always been possible to start the debugger on a specific interface, such as node --debug=localhost. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable. Denial of Service with large HTTP headers (CVE-2018-12121) All versions of 6 and later are vulnerable and the severity is HIGH. By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n\nThe total size of HTTP headers received by Node.js now must not exceed 8192 bytes. 'Slowloris' HTTP Denial of Service (CVE-2018-12122) All versions of Node.js 6 and later are vulnerable and the severity is LOW. An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Attack potential is mitigated by the use of a load balancer or other proxy layer.\n\nA timeout of 40 seconds now applies to servers receiving HTTP headers.\nThis value can be adjusted with server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. Hostname spoofing in URL parser for JavaScript protocol (CVE-2018-12123) All versions of Node.js 6 and later are vulnerable and the severity is LOW. If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case 'javascript:' (e.g. 'javAscript:') protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect. HTTP request splitting (CVE-2018-12116) Node.js 6 and 8 are vulnerable and the severity is MEDIUM. If Node.js can be convinced to use unsanitized user-provided Unicode data for the path option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. OpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735) The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key. OpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734) The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key. OpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407) OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side-channel attack. An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-10T00:00:00", "type": "nessus", "title": "FreeBSD : node.js -- multiple vulnerabilities (2a86f45a-fc3c-11e8-a414-00155d006b02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-07-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:node", "p-cpe:/a:freebsd:freebsd:node10", "p-cpe:/a:freebsd:freebsd:node6", "p-cpe:/a:freebsd:freebsd:node8", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_2A86F45AFC3C11E8A41400155D006B02.NASL", "href": "https://www.tenable.com/plugins/nessus/119511", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119511);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/07/10 16:04:13\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-12116\", \"CVE-2018-12120\", \"CVE-2018-12121\", \"CVE-2018-12122\", \"CVE-2018-12123\", \"CVE-2018-5407\");\n\n script_name(english:\"FreeBSD : node.js -- multiple vulnerabilities (2a86f45a-fc3c-11e8-a414-00155d006b02)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Node.js reports :\n\nUpdates are now available for all active Node.js release lines. These\ninclude fixes for the vulnerabilities identified in the initial\nannouncement. They also include upgrades of Node.js 6 and 8 to OpenSSL\n1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j.\n\nWe recommend that all Node.js users upgrade to a version listed below\nas soon as possible. Debugger port 5858 listens on any interface by\ndefault (CVE-2018-12120) All versions of Node.js 6 are vulnerable and\nthe severity is HIGH. When the debugger is enabled with node --debug\nor node debug, it listens to port 5858 on all interfaces by default.\nThis may allow remote computers to attach to the debug port and\nevaluate arbitrary JavaScript. The default interface is now localhost.\nIt has always been possible to start the debugger on a specific\ninterface, such as node --debug=localhost. The debugger was removed in\nNode.js 8 and replaced with the inspector, so no versions from 8 and\nlater are vulnerable. Denial of Service with large HTTP headers\n(CVE-2018-12121) All versions of 6 and later are vulnerable and the\nseverity is HIGH. By using a combination of many requests with maximum\nsized headers (almost 80 KB per connection), and carefully timed\ncompletion of the headers, it is possible to cause the HTTP server to\nabort from heap allocation failure. Attack potential is mitigated by\nthe use of a load balancer or other proxy layer.\n\nThe total size of HTTP headers received by Node.js now must not exceed\n8192 bytes. 'Slowloris' HTTP Denial of Service (CVE-2018-12122) All\nversions of Node.js 6 and later are vulnerable and the severity is\nLOW. An attacker can cause a Denial of Service (DoS) by sending\nheaders very slowly keeping HTTP or HTTPS connections and associated\nresources alive for a long period of time. Attack potential is\nmitigated by the use of a load balancer or other proxy layer.\n\nA timeout of 40 seconds now applies to servers receiving HTTP headers.\nThis value can be adjusted with server.headersTimeout. Where headers\nare not completely received within this period, the socket is\ndestroyed on the next received chunk. In conjunction with\nserver.setTimeout(), this aids in protecting against excessive\nresource retention and possible Denial of Service. Hostname spoofing\nin URL parser for JavaScript protocol (CVE-2018-12123) All versions of\nNode.js 6 and later are vulnerable and the severity is LOW. If a\nNode.js application is using url.parse() to determine the URL\nhostname, that hostname can be spoofed by using a mixed case\n'javascript:' (e.g. 'javAscript:') protocol (other protocols are not\naffected). If security decisions are made about the URL based on the\nhostname, they may be incorrect. HTTP request splitting\n(CVE-2018-12116) Node.js 6 and 8 are vulnerable and the severity is\nMEDIUM. If Node.js can be convinced to use unsanitized user-provided\nUnicode data for the path option of an HTTP request, then data can be\nprovided which will trigger a second, unexpected, and user-defined\nHTTP request to made to the same server. OpenSSL Timing vulnerability\nin ECDSA signature generation (CVE-2018-0735) The OpenSSL ECDSA\nsignature algorithm has been shown to be vulnerable to a timing\nside-channel attack. An attacker could use variations in the signing\nalgorithm to recover the private key. OpenSSL Timing vulnerability in\nDSA signature generation (CVE-2018-0734) The OpenSSL DSA signature\nalgorithm has been shown to be vulnerable to a timing side-channel\nattack. An attacker could use variations in the signing algorithm to\nrecover the private key. OpenSSL Microarchitecture timing\nvulnerability in ECC scalar multiplication (CVE-2018-5407) OpenSSL ECC\nscalar multiplication, used in e.g. ECDSA and ECDH, has been shown to\nbe vulnerable to a microarchitecture timing side-channel attack. An\nattacker with sufficient access to mount local timing attacks during\nECDSA signature generation could recover the private key.\"\n );\n # https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fdc3667d\"\n );\n # https://vuxml.freebsd.org/freebsd/2a86f45a-fc3c-11e8-a414-00155d006b02.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?721f1cad\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"node6<6.15.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node8<8.14.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node10<10.14.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node<11.3.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:46", "description": "The version of Node.js installed on the remote host is 6.x prior to 6.15.0, 8.x prior to 8.14.0 or 10.x prior to 10.14.0 or 11.x prior to 11.3.0. It is, therefore, affected by multiple vulnerabilities.\n\n - OpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734).\n\n - OpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735).\n\n - OpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407).\n\n - Debugger port 5858 listens on any interface by default CVE-2018-12120).\n\n - Denial of Service with large HTTP headers (CVE-2018-12121).\n\n - Slowloris HTTP Denial of Service (CVE-2018-12122).\n\n - Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123).\n\n - HTTP request splitting (CVE-2018-12116).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-28T00:00:00", "type": "nessus", "title": "Node.js Multiple Vulnerabilities (November 2018 Security Releases)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123"], "modified": "2020-12-04T00:00:00", "cpe": ["cpe:/a:nodejs:node.js"], "id": "NODEJS_2018_NOV.NASL", "href": "https://www.tenable.com/plugins/nessus/119938", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119938);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/04\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-5407\",\n \"CVE-2018-12116\",\n \"CVE-2018-12120\",\n \"CVE-2018-12121\",\n \"CVE-2018-12122\",\n \"CVE-2018-12123\"\n );\n script_bugtraq_id(\n 105750,\n 105758,\n 105897,\n 106040,\n 106043\n );\n\n script_name(english:\"Node.js Multiple Vulnerabilities (November 2018 Security Releases)\");\n script_summary(english:\"Checks the Node.js version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Node.js - JavaScript run-time environment is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Node.js installed on the remote host is 6.x prior to 6.15.0, 8.x prior to 8.14.0 or 10.x prior to\n10.14.0 or 11.x prior to 11.3.0. It is, therefore, affected by multiple vulnerabilities.\n\n - OpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734).\n\n - OpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735).\n\n - OpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407).\n\n - Debugger port 5858 listens on any interface by default CVE-2018-12120).\n\n - Denial of Service with large HTTP headers (CVE-2018-12121).\n\n - Slowloris HTTP Denial of Service (CVE-2018-12122).\n\n - Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123).\n\n - HTTP request splitting (CVE-2018-12116).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fdc3667d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade Node.js to 6.15 / 8.14.0 / 10.14.0 / 11.3.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12120\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:nodejs:node.js\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nodejs_win_installed.nbin\", \"macosx_nodejs_installed.nbin\");\n script_require_keys(\"installed_sw/Node.js\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nwin_local = FALSE;\nif (get_kb_item('SMB/Registry/Enumerated')) win_local = TRUE;\n\napp_info = vcf::get_app_info(app:'Node.js', win_local:win_local);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'min_version' : '6.0.0', 'fixed_version' : '6.15.0' },\n { 'min_version' : '8.0.0', 'fixed_version' : '8.14.0' },\n { 'min_version' : '10.0.0', 'fixed_version' : '10.14.0' },\n { 'min_version' : '11.0.0', 'fixed_version' : '11.3.0' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T16:35:37", "description": "If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable 'non-stitched' ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway).\nFixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). (CVE-2019-1559)\n\nThe OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i).\nFixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). (CVE-2018-0734)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-11-15T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : openssl (ALAS-2019-1362)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2019-1559"], "modified": "2019-12-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-libs", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1362.NASL", "href": "https://www.tenable.com/plugins/nessus/131030", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1362.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131030);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/12\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2019-1559\");\n script_xref(name:\"ALAS\", value:\"2019-1362\");\n\n script_name(english:\"Amazon Linux 2 : openssl (ALAS-2019-1362)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"If an application encounters a fatal protocol error and then calls\nSSL_shutdown() twice (once to send a close_notify, and once to receive\none) then OpenSSL can respond differently to the calling application\nif a 0 byte record is received with invalid padding compared to if a 0\nbyte record is received with an invalid MAC. If the application then\nbehaves differently based on that in a way that is detectable to the\nremote peer, then this amounts to a padding oracle that could be used\nto decrypt data. In order for this to be exploitable 'non-stitched'\nciphersuites must be in use. Stitched ciphersuites are optimised\nimplementations of certain commonly used ciphersuites. Also the\napplication must call SSL_shutdown() twice even if a protocol error\nhas occurred (applications should not do this but some do anyway).\nFixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). (CVE-2019-1559)\n\nThe OpenSSL DSA signature algorithm has been shown to be vulnerable to\na timing side channel attack. An attacker could use variations in the\nsigning algorithm to recover the private key. Fixed in OpenSSL 1.1.1a\n(Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i).\nFixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). (CVE-2018-0734)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1362.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"openssl-1.0.2k-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-debuginfo-1.0.2k-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-devel-1.0.2k-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-libs-1.0.2k-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-perl-1.0.2k-19.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-static-1.0.2k-19.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T16:20:59", "description": "Security Fix(es) :\n\n - openssl: 0-byte record padding oracle (CVE-2019-1559)\n\n - openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL7.x x86_64 (20190806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2019-1559"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-libs", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190806_OPENSSL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128247", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128247);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2019-1559\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL7.x x86_64 (20190806)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - openssl: 0-byte record padding oracle (CVE-2019-1559)\n\n - openssl: timing side channel attack in the DSA signature\n algorithm (CVE-2018-0734)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1908&L=SCIENTIFIC-LINUX-ERRATA&P=28154\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e198486\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.2k-19.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T16:19:47", "description": "An update for openssl is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* openssl: 0-byte record padding oracle (CVE-2019-1559)\n\n* openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "CentOS 7 : openssl (CESA-2019:2304)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2019-1559"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-libs", "p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-static", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2304.NASL", "href": "https://www.tenable.com/plugins/nessus/128388", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2304 and \n# CentOS Errata and Security Advisory 2019:2304 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128388);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2019-1559\");\n script_xref(name:\"RHSA\", value:\"2019:2304\");\n\n script_name(english:\"CentOS 7 : openssl (CESA-2019:2304)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for openssl is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* openssl: 0-byte record padding oracle (CVE-2019-1559)\n\n* openssl: timing side channel attack in the DSA signature algorithm\n(CVE-2018-0734)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006031.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a71b7010\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0734\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.2k-19.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.2k-19.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-libs / openssl-perl / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-19T15:10:11", "description": "An update of the nodejs package has been released.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-02-26T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Nodejs PHSA-2020-2.0-0210", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-12123"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:nodejs", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2020-2_0-0210_NODEJS.NASL", "href": "https://www.tenable.com/plugins/nessus/134085", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-2.0-0210. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134085);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-12123\");\n script_bugtraq_id(105758, 107512);\n\n script_name(english:\"Photon OS 2.0: Nodejs PHSA-2020-2.0-0210\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the nodejs package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-210.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-12123\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-0734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"nodejs-8.17.0-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"nodejs-debuginfo-8.17.0-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"nodejs-devel-8.17.0-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-25T16:33:14", "description": "This update for openssl fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).\n\n - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).\n\n - Add missing timing side channel patch for DSA signature generation (bsc#1113742).\n\nNon-security issues fixed :\n\n - Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-2018-1464)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-cavs", "p-cpe:/a:novell:opensuse:openssl-cavs-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-1464.NASL", "href": "https://www.tenable.com/plugins/nessus/119139", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1464.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119139);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-5407\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-2018-1464)\");\n script_summary(english:\"Check for the openSUSE-2018-1464 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-0734: Fixed timing vulnerability in DSA\n signature generation (bsc#1113652).\n\n - CVE-2018-5407: Fixed elliptic curve scalar\n multiplication timing attack defenses (bsc#1113534).\n\n - Add missing timing side channel patch for DSA signature\n generation (bsc#1113742).\n\nNon-security issues fixed :\n\n - Fixed infinite loop in DSA generation with incorrect\n parameters (bsc#1112209).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113742\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libopenssl-devel-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libopenssl1_0_0-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libopenssl1_0_0-debuginfo-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libopenssl1_0_0-hmac-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"openssl-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"openssl-cavs-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"openssl-cavs-debuginfo-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"openssl-debuginfo-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"openssl-debugsource-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2j-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2j-32.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-25T16:34:10", "description": "New openssl packages are available for Slackware 14.2 and -current to fix security issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-23T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : openssl (SSA:2018-325-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2019-04-05T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2018-325-01.NASL", "href": "https://www.tenable.com/plugins/nessus/119113", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2018-325-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119113);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/04/05 23:25:07\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-5407\");\n script_xref(name:\"SSA\", value:\"2018-325-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : openssl (SSA:2018-325-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 14.2 and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.576913\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?11f85267\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl\", pkgver:\"1.0.1u\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1u\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1u\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1u\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl\", pkgver:\"1.0.1u\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1u\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1u\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1u\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"openssl\", pkgver:\"1.0.2q\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"openssl-solibs\", pkgver:\"1.0.2q\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.2q\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.2q\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"1.1.1a\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"1.1.1a\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.1.1a\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.1.1a\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-25T16:33:31", "description": "This update for openssl fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).\n\nCVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).\n\nAdd missing timing side channel patch for DSA signature generation (bsc#1113742).\n\nNon-security issues fixed: Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-23T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2018:3866-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3866-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119117", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3866-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119117);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-5407\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2018:3866-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for openssl fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation\n(bsc#1113652).\n\nCVE-2018-5407: Fixed elliptic curve scalar multiplication timing\nattack defenses (bsc#1113534).\n\nAdd missing timing side channel patch for DSA signature generation\n(bsc#1113742).\n\nNon-security issues fixed: Fixed infinite loop in DSA generation with\nincorrect parameters (bsc#1112209).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113742\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0734/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5407/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183866-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?272b53d7\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-2760=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2760=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-2760=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2760=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-2760=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-2760=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2760=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-2760=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2760=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl-devel-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-debuginfo-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-hmac-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"openssl-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"openssl-debuginfo-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"openssl-debugsource-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl-devel-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-debuginfo-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-hmac-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"openssl-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"openssl-debuginfo-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"openssl-debugsource-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl-devel-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"openssl-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.2j-60.46.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"openssl-debugsource-1.0.2j-60.46.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-25T16:35:16", "description": "This update for openssl-1_0_0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).\n\nCVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).\n\nAdd missing timing side channel patch for DSA signature generation (bsc#1113742).\n\nNon-security issues fixed: Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209).\n\nSet TLS version to 0 in msg_callback for record messages to avoid confusing applications (bsc#1100078).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-12-06T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2018:3989-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-1_0_0-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3989-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119457", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3989-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119457);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-5407\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2018:3989-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for openssl-1_0_0 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-0734: Fixed timing vulnerability in DSA signature generation\n(bsc#1113652).\n\nCVE-2018-5407: Fixed elliptic curve scalar multiplication timing\nattack defenses (bsc#1113534).\n\nAdd missing timing side channel patch for DSA signature generation\n(bsc#1113742).\n\nNon-security issues fixed: Fixed infinite loop in DSA generation with\nincorrect parameters (bsc#1112209).\n\nSet TLS version to 0 in msg_callback for record messages to avoid\nconfusing applications (bsc#1100078).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1100078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113742\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-0734/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5407/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183989-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce575874\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2018-2846=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-2846=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2018-2846=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_0_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl-1_0_0-devel-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-32bit-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-hmac-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_0_0-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl-1_0_0-devel-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_0_0-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_0_0\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "archlinux": [{"lastseen": "2021-07-28T14:34:02", "description": "Arch Linux Security Advisory ASA-201812-6\n=========================================\n\nSeverity: Low\nDate : 2018-12-08\nCVE-ID : CVE-2018-0734 CVE-2018-0735\nPackage : lib32-openssl\nType : private key recovery\nRemote : Yes\nLink : https://security.archlinux.org/AVG-793\n\nSummary\n=======\n\nThe package lib32-openssl before version 1:1.1.1.a-1 is vulnerable to\nprivate key recovery.\n\nResolution\n==========\n\nUpgrade to 1:1.1.1.a-1.\n\n# pacman -Syu \"lib32-openssl>=1:1.1.1.a-1\"\n\nThe problems have been fixed upstream in version 1.1.1.a.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-0734 (private key recovery)\n\nA timing vulnerability has been found in DSA signature generation in\nopenssl versions up to and including 1.1.1, where information is leaked\nvia a side channel when a BN is resized and could lead to private key\nrecovery.\n\n- CVE-2018-0735 (private key recovery)\n\nThe OpenSSL ECDSA signature algorithm has been shown to be vulnerable\nto a timing side channel attack in openssl versions prior to 1.1.1a. An\nattacker could use variations in the signing algorithm to recover the\nprivate key.\n\nImpact\n======\n\nA remote attacker might be able to recover a private ECDSA or DSA key\nvia a timing attack.\n\nReferences\n==========\n\nhttps://www.openssl.org/news/secadv/20181029.txt\nhttps://www.openssl.org/news/secadv/20181030.txt\nhttps://github.com/openssl/openssl/commit/8abfe72e8c1de1b95f50aa0d9134803b4d00070f\nhttps://github.com/openssl/openssl/pull/7486\nhttps://github.com/openssl/openssl/commit/b1d6d55ece1c26fa2829e2b819b038d7b6d692b4\nhttps://security.archlinux.org/CVE-2018-0734\nhttps://security.archlinux.org/CVE-2018-0735", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-08T00:00:00", "type": "archlinux", "title": "[ASA-201812-6] lib32-openssl: private key recovery", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2018-12-08T00:00:00", "id": "ASA-201812-6", "href": "https://security.archlinux.org/ASA-201812-6", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:34:02", "description": "Arch Linux Security Advisory ASA-201812-5\n=========================================\n\nSeverity: Low\nDate : 2018-12-08\nCVE-ID : CVE-2018-0734 CVE-2018-0735\nPackage : openssl\nType : private key recovery\nRemote : Yes\nLink : https://security.archlinux.org/AVG-792\n\nSummary\n=======\n\nThe package openssl before version 1.1.1.a-1 is vulnerable to private\nkey recovery.\n\nResolution\n==========\n\nUpgrade to 1.1.1.a-1.\n\n# pacman -Syu \"openssl>=1.1.1.a-1\"\n\nThe problems have been fixed upstream in version 1.1.1.a.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-0734 (private key recovery)\n\nA timing vulnerability has been found in DSA signature generation in\nopenssl versions up to and including 1.1.1, where information is leaked\nvia a side channel when a BN is resized and could lead to private key\nrecovery.\n\n- CVE-2018-0735 (private key recovery)\n\nThe OpenSSL ECDSA signature algorithm has been shown to be vulnerable\nto a timing side channel attack in openssl versions prior to 1.1.1a. An\nattacker could use variations in the signing algorithm to recover the\nprivate key.\n\nImpact\n======\n\nA remote attacker might be able to recover a private ECDSA or DSA key\nvia a timing attack.\n\nReferences\n==========\n\nhttps://www.openssl.org/news/secadv/20181029.txt\nhttps://www.openssl.org/news/secadv/20181030.txt\nhttps://github.com/openssl/openssl/commit/8abfe72e8c1de1b95f50aa0d9134803b4d00070f\nhttps://github.com/openssl/openssl/pull/7486\nhttps://github.com/openssl/openssl/commit/b1d6d55ece1c26fa2829e2b819b038d7b6d692b4\nhttps://security.archlinux.org/CVE-2018-0734\nhttps://security.archlinux.org/CVE-2018-0735", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-08T00:00:00", "type": "archlinux", "title": "[ASA-201812-5] openssl: private key recovery", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2018-12-08T00:00:00", "id": "ASA-201812-5", "href": "https://security.archlinux.org/ASA-201812-5", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:34:03", "description": "Arch Linux Security Advisory ASA-201806-10\n==========================================\n\nSeverity: High\nDate : 2018-06-16\nCVE-ID : CVE-2018-0495\nPackage : libgcrypt\nType : private key recovery\nRemote : No\nLink : https://security.archlinux.org/AVG-719\n\nSummary\n=======\n\nThe package libgcrypt before version 1.8.3-1 is vulnerable to private\nkey recovery.\n\nResolution\n==========\n\nUpgrade to 1.8.3-1.\n\n# pacman -Syu \"libgcrypt>=1.8.3-1\"\n\nThe problem has been fixed upstream in version 1.8.3.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nAn implementation flaw has been discovered in multiple cryptographic\nlibraries that allows a side-channel based attacker to recover ECDSA or\nDSA private keys. When these cryptographic libraries use the private\nkey to create a signature, such as for a TLS or SSH connection, they\ninadvertently leak information through memory caches. An unprivileged\nattacker running on the same machine can collect the information from a\nfew thousand signatures and recover the value of the private key.\n\nImpact\n======\n\nAn unprivileged user might be able to retrieve private keys on the\naffected host.\n\nReferences\n==========\n\nhttps://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=9010d1576e278a4274ad3f4aa15776c28f6ba965;hp=7b6c2afd699e889f5f054cc3d202a61bd0ee1dcf\nhttps://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html\nhttps://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/\nhttps://security.archlinux.org/CVE-2018-0495", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.7, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-06-16T00:00:00", "type": "archlinux", "title": "[ASA-201806-10] libgcrypt: private key recovery", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0495"], "modified": "2018-06-16T00:00:00", "id": "ASA-201806-10", "href": "https://security.archlinux.org/ASA-201806-10", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:34:02", "description": "Arch Linux Security Advisory ASA-201812-8\n=========================================\n\nSeverity: Low\nDate : 2018-12-08\nCVE-ID : CVE-2018-0734 CVE-2018-5407\nPackage : openssl-1.0\nType : private key recovery\nRemote : Yes\nLink : https://security.archlinux.org/AVG-807\n\nSummary\n=======\n\nThe package openssl-1.0 before version 1.0.2.q-1 is vulnerable to\nprivate key recovery.\n\nResolution\n==========\n\nUpgrade to 1.0.2.q-1.\n\n# pacman -Syu \"openssl-1.0>=1.0.2.q-1\"\n\nThe problems have been fixed upstream in version 1.0.2.q.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-0734 (private key recovery)\n\nA timing vulnerability has been found in DSA signature generation in\nopenssl versions up to and including 1.1.1, where information is leaked\nvia a side channel when a BN is resized and could lead to private key\nrecovery.\n\n- CVE-2018-5407 (private key recovery)\n\nA vulnerability has been found in the ECC scalar multiplication\nimplementation of OpenSSL < 1.1.0i and <= 1.0.2p. The implementation,\nused in e.g. ECDSA and ECDH, has been shown\nto be vulnerable to a microarchitecture timing side channel attack. An\nattacker with sufficient access to mount local timing attacks during\nECDSA signature generation could recover the private key.\n\nImpact\n======\n\nA remote attacker might be able to recover a private DSA key via a\ntiming attack. In addition, a local attacker might be able to recover a\nprivate ECC key via a timing attack.\n\nReferences\n==========\n\nhttps://www.openssl.org/news/secadv/20181030.txt\nhttps://github.com/openssl/openssl/commit/8abfe72e8c1de1b95f50aa0d9134803b4d00070f\nhttps://github.com/openssl/openssl/pull/7486\nhttps://www.openssl.org/news/secadv/20181112.txt\nhttps://github.com/openssl/openssl/commit/b18162a7c9bbfb57112459a4d6631fa258fd8c0c\nhttps://security.archlinux.org/CVE-2018-0734\nhttps://security.archlinux.org/CVE-2018-5407", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-08T00:00:00", "type": "archlinux", "title": "[ASA-201812-8] openssl-1.0: private key recovery", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2018-12-08T00:00:00", "id": "ASA-201812-8", "href": "https://security.archlinux.org/ASA-201812-8", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:34:02", "description": "Arch Linux Security Advisory ASA-201812-7\n=========================================\n\nSeverity: Low\nDate : 2018-12-08\nCVE-ID : CVE-2018-0734 CVE-2018-5407\nPackage : lib32-openssl-1.0\nType : private key recovery\nRemote : Yes\nLink : https://security.archlinux.org/AVG-806\n\nSummary\n=======\n\nThe package lib32-openssl-1.0 before version 1.0.2.q-1 is vulnerable to\nprivate key recovery.\n\nResolution\n==========\n\nUpgrade to 1.0.2.q-1.\n\n# pacman -Syu \"lib32-openssl-1.0>=1.0.2.q-1\"\n\nThe problems have been fixed upstream in version 1.0.2.q.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2018-0734 (private key recovery)\n\nA timing vulnerability has been found in DSA signature generation in\nopenssl versions up to and including 1.1.1, where information is leaked\nvia a side channel when a BN is resized and could lead to private key\nrecovery.\n\n- CVE-2018-5407 (private key recovery)\n\nA vulnerability has been found in the ECC scalar multiplication\nimplementation of OpenSSL < 1.1.0i and <= 1.0.2p. The implementation,\nused in e.g. ECDSA and ECDH, has been shown\nto be vulnerable to a microarchitecture timing side channel attack. An\nattacker with sufficient access to mount local timing attacks during\nECDSA signature generation could recover the private key.\n\nImpact\n======\n\nA remote attacker might be able to recover a private DSA key via a\ntiming attack. In addition, a local attacker might be able to recover a\nprivate ECC key via a timing attack.\n\nReferences\n==========\n\nhttps://www.openssl.org/news/secadv/20181030.txt\nhttps://github.com/openssl/openssl/commit/8abfe72e8c1de1b95f50aa0d9134803b4d00070f\nhttps://github.com/openssl/openssl/pull/7486\nhttps://www.openssl.org/news/secadv/20181112.txt\nhttps://github.com/openssl/openssl/commit/b18162a7c9bbfb57112459a4d6631fa258fd8c0c\nhttps://security.archlinux.org/CVE-2018-0734\nhttps://security.archlinux.org/CVE-2018-5407", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-08T00:00:00", "type": "archlinux", "title": "[ASA-201812-7] lib32-openssl-1.0: private key recovery", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2018-12-08T00:00:00", "id": "ASA-201812-7", "href": "https://security.archlinux.org/ASA-201812-7", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "f5": [{"lastseen": "2020-04-06T22:39:46", "description": "\nF5 Product Development has assigned CPF-25030 (Traffix) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 14.x2 | None | Not applicable | Not vulnerable | None | None \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | 5.0.0 - 5.1.0 | None | Medium | [5.1](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N>) | OpenSSL \n4.x | 4.4.0 | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n2 BIG-IP 14.1.0 contains the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker would need to be logged in to the affected system with a local administrator account to exploit it.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-15T03:22:00", "type": "f5", "title": "OpenSSL vulnerabilities CVE-2018-0734 and CVE-2018-0735", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2018-12-15T03:22:00", "id": "F5:K43741620", "href": "https://support.f5.com/csp/article/K43741620", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-04-06T22:40:49", "description": "\nF5 Product Development has assigned CPF-24963 and CPF-24964 (Traffix) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 14.x | None | Not applicable | Not vulnerable | None | None \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \n4.x | None | Not applicable \nBIG-IQ Cloud and Orchestration | 1.x | None | Not applicable | Not vulnerable | None | None \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | 5.0.0 - 5.1.0 | None | Medium | [5.1](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N>) | libgcrypt \n4.x | 4.4.0 | None \n \n1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.7, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-09-28T03:59:00", "type": "f5", "title": "Libgcrypt vulnerability CVE-2018-0495", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0495"], "modified": "2018-09-28T03:59:00", "id": "F5:K20001553", "href": "https://support.f5.com/csp/article/K20001553", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}], "ibm": [{"lastseen": "2022-06-28T22:06:29", "description": "## Summary\n\nIBM Security Guardium is aware of the following vulnerabilities\n\n## Vulnerability Details\n\n \nCVE-ID: CVE-2018-0734 \nDescription: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-0735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected IBM Security Guardium **\n\n| \n\n**Affected Versions** \n \n---|--- \nIBM Security Guardium | 10.1.4 - 10.6 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium | 10.1.4-10.6 | https://www-945.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=Guardium_10.6.1.12_FAMforNAS_Windows_v10.6.1.12&continue=1 \n \nOr \n \nhttps://www-945.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=Guardium_10.6.1.12_FAMforSP_Windows_v10.6.1.12&continue=1 \n \n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nMay 3, 2019: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\n125463; 125227\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"10.1.4 - 10.6\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-03T18:55:02", "type": "ibm", "title": "Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2019-05-03T18:55:02", "id": "1753BC62442BE4CF992F4D8242EB34368CF93CCB6BB6464B1B6744B5BFB4A859", "href": "https://www.ibm.com/support/pages/node/883488", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:08:34", "description": "## Summary\n\nMultiple vulnerabilities in OpenSSL was addressed by IBM InfoSphere Information Server.\n\n## Vulnerability Details\n\n**CVEID**: [CVE-2018-0732](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732>) \n**DESCRIPTION**: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144658> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\nCVE-ID: [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \nDescription: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2018-0735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152086> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2018-5407](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n\n\n## Affected Products and Versions\n\nThe following products, running on all supported platforms, are affected: \nIBM InfoSphere Information Server: versions 9.1, 11.3, 11.5, and 11.7 \nIBM InfoSphere Information Server on Cloud: versions 11.5, and 11.7 \n\n\n## Remediation/Fixes\n\nFor InfoSphere Information Server installed in a containerized environment, upgrade to _[Information Server 11.7.1.0](<Https://????>)_.\n\n_Product_ | _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Information Server | 11.7 | [_JR60805_](<http://www.ibm.com/support/docview.wss?uid=swg1JR60805>) | \\--Upgrade to [_DataDirect ODBC drivers version 7.1.6_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&release=11.7&function=fixId&fixids=is_ddodbc_7.1.6_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21980217>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server, Information Server on Cloud | 11.5 | [_JR60805_](<http://www.ibm.com/support/docview.wss?uid=swg1JR60805>) | \\--Upgrade to [_DataDirect ODBC drivers version 7.1.6_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&release=11.5&function=fixId&fixids=is_ddodbc_7.1.6_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21980217>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server | 11.3 | [_JR60805_](<http://www.ibm.com/support/docview.wss?uid=swg1JR60805>) | \\--Upgrade to [_DataDirect ODBC drivers version 7.1.6_](<http://www.ibm.com/support/fixcentral/swg/quickorder?&product=ibm/Information+Management/IBM+InfoSphere+Information+Server&release=11.3.1&function=fixId&fixids=is_ddodbc_7.1.6_server*>) \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21980217>) to choose which OpenSSL version the drivers will use \n\\--Use [_TechNote_](<http://www-01.ibm.com/support/docview.wss?uid=swg21679867>) to follow additional post installation configuration steps \nInfoSphere Information Server | 9.1 | [_JR60805_](<http://www.ibm.com/support/docview.wss?uid=swg1JR60805>) | \\--Upgrade to a new release \n \n \n \nFor IBM InfoSphere Information Server version 9.1, IBM recommends upgrading to a fixed, supported version/release/platform of the product.\n\n**Contact Technical Support:** \nIn the United States and Canada dial **1-800-IBM-SERV** \nView the support [contacts for other countries](<http://www.ibm.com/planetwide/>) outside of the United States. \nElectronically [open a Service Request](<http://www.ibm.com/software/support/probsub.html>) with Information Server Technical Support. \n\n\n## Workarounds and Mitigations\n\nDisable the use of Diffie-Hellman, DSA, ECDSA, and ECDH ciphers.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n24 October 2018: Original version published \n05 December 2018: Updated with CVE-2018-0734 and CVE-2018-0735 \n08 May 2019: Published fix for prior CVEs and CVE-2018-5407\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\nPSIRT 116715 125049 125285 125727\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSZJPZ\",\"label\":\"IBM InfoSphere Information Server\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"9.1;11.3;11.5;11.7\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-08T16:40:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM InfoSphere Information Server", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407"], "modified": "2019-05-08T16:40:01", "id": "41D74490768E1FEA65BA04768E1BBABF9B0B30814EAF5BAAE6962979F0600776", "href": "https://www.ibm.com/support/pages/node/737297", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:14:59", "description": "## Summary\n\nPublic disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-0735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735>) \n** DESCRIPTION: **The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1). \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/152086](<https://exchange.xforce.ibmcloud.com/vulnerabilities/152086>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nFOS| 8.0 \nFOS| 8.1 \nFOS| 8.2 \n \n\n\n## Remediation/Fixes\n\nProduct| VRMF| Fix \n---|---|--- \nFOS 8.0| | upgrade to FOS 8.1.2h or FOS 8.2.1c \nFOS 8.1| 8.1.2h| <https://www-01.ibm.com/support/docview.wss?uid=ssg1S1009577> \nFOS 8.2| 8.2.1c| <https://www-01.ibm.com/support/docview.wss?uid=ssg1S1009577> \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n08 Jan 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU050\",\"label\":\"BU NOT IDENTIFIED\"},\"Product\":{\"code\":\"HW550\",\"label\":\"Network Switches\"},\"Component\":\"FOS Firmware\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"IBM b-type switches and directors\",\"Edition\":\"All\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-08T18:39:04", "type": "ibm", "title": "Security Bulletin: Vulnerability in the Fabric OS used by IBM b-type SAN directors and switches.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0735"], "modified": "2020-01-08T18:39:04", "id": "E24545639D10A648BCB6D9F4AAE7525E072A1C6A4E5448AFD0E797BA58867591", "href": "https://www.ibm.com/support/pages/node/1169932", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:05:38", "description": "## Summary\n\nRedhat provided OpenSSL package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-0735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/152086](<https://exchange.xforce.ibmcloud.com/vulnerabilities/152086>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Integrated Analytics System| 1.0.0-1.0.23.0 \n \n\n\n## Remediation/Fixes\n\nUpdate to the following IBM Integrated Analytics System release : \n\nProduct| VRMF| Remediation / First Fix \n---|---|--- \nIBM Integrated Analytics System | 1.0.24.0| [Link to Fix Central](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/IBM+Integrated+Analytics+System&release=All&platform=All&function=fixId&fixids=1.0.24.0-IM-IIAS-fp67&includeRequisites=1&includeSupersedes=0&downloadMethod=mget&login=true> \"Link to Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n30 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSHRBY\",\"label\":\"IBM Integrated Analytics System\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-04T06:41:40", "type": "ibm", "title": "Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0735"], "modified": "2021-01-04T06:41:40", "id": "B645A1884F55B8D23E89889934405E297A29DD4C710A7CC08A400CAB85EC2792", "href": "https://www.ibm.com/support/pages/node/6395474", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:14:35", "description": "## Summary\n\nIBM RackSwitch firmware products listed below have addressed the following vulnerability in OpenSSL. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\n**Product **\n\n| \n\n**Affected Version ** \n \n---|--- \n \nIBM RackSwitch G8000 \n\n| \n\n7.1 \n \nIBM RackSwitch G8052 \n\n| \n\n7.9 \n \nIBM RackSwitch G8052\n\n| \n\n7.11 \n \nIBM RackSwitch G8124/G8124E\n\n| \n\n7.11 \n \nIBM RackSwitch G8264\n\n| \n\n7.11 \n \nIBM RackSwitch G8264CS\n\n| \n\n7.8 \n \nIBM RackSwitch G8264T\n\n| \n\n7.9 \n \nIBM RackSwitch G8316\n\n| \n\n7.9 \n \nIBM RackSwitch G8332\n\n| \n\n7.7 \n \nG8264CS_SI_Fabric_Image \n\n\n| 7.8 \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: [http://www.ibm.com/support/fixcentral/](<http://www.ibm.com/support/fixcentral/>)\n\n**Product **\n\n| \n\n**Fix Version ** \n \n---|--- \n \nIBM RackSwitch G8052 \n(G8052_Image_7.11.15.0)\n\n| \n\n7.11.15.0 \n \nIBM RackSwitch G8124/G8124E \n(G8124_G8124E_Image_7.11.15.0)\n\n| \n\n7.11.15.0 \n \nIBM RackSwitch G8264 \n(G8264_Image_7.11.15.0)\n\n| \n\n7.11.15.0 \n \nIBM RackSwitch G8264CS \n(G8264CS_Image_7.8.22.0)\n\n| \n\n7.8.22.0 \n \nIBM RackSwitch G8264T \n(G8264T_Image_7.9.25.0)\n\n| \n\n7.9.25.0 \n \nIBM RackSwitch G8316 \n(G8316_Image_7.9.25.0)\n\n| \n\n7.9.25.0 \n \nIBM RackSwitch G8332 \n(G8332_Image_7.7.31.0)\n\n| \n\n7.7.31.0 \n \nG8264CS_SI_Fabric_Image - Bundle \n(G8264CS_SI_Fabric_Image_7.8.23.0) | 7.8.23.0 \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n## Change History\n\n16 July 2019: Initial version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Business Unit\":{\"code\":\"BU016\",\"label\":\"Multiple Vendor Support\"},\"Product\":{\"code\":\"HW19X\",\"label\":\"System x->Microsoft Datacenter\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-16T22:15:01", "type": "ibm", "title": "Security Bulletin: IBM RackSwitch firmware products are affected by vulnerability in OpenSSL (CVE-2018-0734)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734"], "modified": "2019-07-16T22:15:01", "id": "BC6791BE1BE27712E7F93A3CF6425D4DFC9F597812F25D8188ADDCC84186E81E", "href": "https://www.ibm.com/support/pages/node/959339", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:14:55", "description": "## Summary\n\nPublic disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n** DESCRIPTION: **The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/152085](<https://exchange.xforce.ibmcloud.com/vulnerabilities/152085>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nFOS| 8.0 \nFOS| 8.1 \nFOS| 8.2 \n \n\n\n## Remediation/Fixes\n\nProduct| VRMF| Fix \n---|---|--- \nFOS 8.0| | upgrade to FOS 8.1.2h or FOS 8.2.1c \nFOS 8.1| 8.1.2h| <https://www-01.ibm.com/support/docview.wss?uid=ssg1S1009577> \nFOS 8.2| 8.2.1c| <https://www-01.ibm.com/support/docview.wss?uid=ssg1S1009577> \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n08 Jan 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU050\",\"label\":\"BU NOT IDENTIFIED\"},\"Product\":{\"code\":\"HW550\",\"label\":\"Network Switches\"},\"Component\":\"FOS Firmware\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"IBM b-type switches and directors\",\"Edition\":\"All\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-01-08T18:50:09", "type": "ibm", "title": "Security Bulletin: Vulnerability in Fabric OS used by IBM b-type SAN directors and switches.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734"], "modified": "2020-01-08T18:50:09", "id": "B3E6D054507AB3B2747CD81EF1321A37C5EECBBAA25C47BEBF1156723BC9BC6F", "href": "https://www.ibm.com/support/pages/node/1169938", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:15:20", "description": "## Summary\n\nA security vulnerability has been identified in OpenSSL that is used by IBM Cloud Manager with OpenStack. IBM Cloud Manager with OpenStack has addressed this vulnerability. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product Name** | **Affected Versions** \n---|--- \nIBM Cloud Manager with OpenStack | 4.3 \n \n## Remediation/Fixes\n\n**Product** | **VRMF** | **Remediation / First Fix** \n---|---|--- \nIBM Cloud Manager with OpenStack | 4.3 | \n\nUpgrade to 4.3 FP 13:\n\nhttps://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FOther%20software&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=All&platform=All&function=fixId&fixids=4.3.0.13-IBM-CMWO-FP13&includeSupersedes=0 \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SST55W\",\"label\":\"IBM Cloud Manager with OpenStack\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"4.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-26T10:55:02", "type": "ibm", "title": "Security Bulletin: IBM Cloud Manager with OpenStack is affected by a OpenSSL vulnerabilities (CVE-2018-0734)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734"], "modified": "2019-04-26T10:55:02", "id": "742A5EE5095C2D25FD4C21E1BCFF447C64FB309C1797EDABFD78DFF9772CD9C4", "href": "https://www.ibm.com/support/pages/node/882676", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:05:55", "description": "## Summary\n\nRedHat provided OpenSSL package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/152085](<https://exchange.xforce.ibmcloud.com/vulnerabilities/152085>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Integrated Analytics System (Sailfish)| IBM Integrated Analytics System 1.0.0-1.0.23.0 \n \n## Remediation/Fixes\n\nUpdate to the following IBM Integrated Analytics System release :\n\nProduct| VRMF| Remediation / First Fix \n---|---|--- \nIBM Integrated Analytics System | 1.0.24.0| [Link to Fix Central](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/IBM+Integrated+Analytics+System&release=All&platform=All&function=fixId&fixids=1.0.24.0-IM-IIAS-fp67&includeRequisites=1&includeSupersedes=0&downloadMethod=mget&login=true> \"Link to Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n06 Nov 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSHRBY\",\"label\":\"IBM Integrated Analytics System\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All the Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-11-10T10:24:49", "type": "ibm", "title": "Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734"], "modified": "2020-11-10T10:24:49", "id": "5F957B5E06ACCABE54D87CD6147B8E68B673F925251FED25DCB9B0E9A50E046A", "href": "https://www.ibm.com/support/pages/node/6361633", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T21:57:06", "description": "## Summary\n\nIBM MessageSight has addressed the following vulnerability. OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key.\n\n## Vulnerability Details\n\n**CVEID: ** [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n**DESCRIPTION: ** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [ https://exchange.xforce.ibmcloud.com/vulnerabilities/152085](< https://exchange.xforce.ibmcloud.com/vulnerabilities/152085>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected IBM MessageSight | Affected Versions \n---|--- \nIBM MessageSight | 2.0.0.0 - 2.0.0.2 \n \n## Remediation/Fixes\n\nPricipal Product/Version | Affected Supporting Product/Versions | Affected Supporting Product Security Bulletin \n---|---|--- \nMessageSight 2.0.0.0 - 2.0.0.2 | \n\nOpenSSL 1.1.1 (fixed in 1.1.1a)\n\nOpenSSL 1.1.0-1.1.0i (fixed in 1.1.0j)\n\nOpenSSL 1.0.2-1.0.2p fixed in 1.0.2q\n\n| [\n\nOpenSSL Security Advisory\n\n](<https://www.openssl.org/news/secadv/20181030.txt>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\nOff \n\n**Change History** 18 January 2019 | Original version published \n---|--- \n \n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSCGGQ\",\"label\":\"IBM MessageSight\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-21T15:55:02", "type": "ibm", "title": "Security Bulletin: OpenSSL vunerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734"], "modified": "2019-01-21T15:55:02", "id": "7B753C368ACA27C22C23CCCF0ADAC34B8D0ABE013F91E91F77FAA106033ADC8E", "href": "https://www.ibm.com/support/pages/node/796086", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:10:25", "description": "## Summary\n\nIBM Security Proventia Network Active Bypass has addressed the following vulnerabilities. (CVE-2018-0734)\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n**DESCRIPTION: ** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security 1G Network Active Bypass firmware version 1.x through 3.x firmware levels 1.0.849 through 3.30.11 \nIBM Security 10G Network Active Bypass firmware versions 1.x through 3.x firmware levels 1.0.1876 through 3.30.11\n\n## Remediation/Fixes\n\n_Product_ | _VRMF_ | _Remediation/First Fix_ \n---|---|--- \n**IBM Security Proventia Network Active Bypass** | 3.X | [Proventia 1G NAB Update 26 (fw 3.30.13)](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Security+Network+Active+Bypass&fixids=20190324_Proventia_1G_Network_Active_Bypass_update-26_fw3.30.13&source=SAR>) \n**IBM Security Proventia Network Active Bypass** | 3.X | \n\n[Proventia 10G NAB Update 23 (fw 3.30.13)](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Security+Network+Active+Bypass&fixids=20190324_Proventia_10G_Network_Active_Bypass_update-23_fw3.30.13&source=SAR >) \n \nFor IBM Security Proventia Network Active Bypass products at the following firmware versions:\n\n * IBM Security 1G Network Active Bypass firmware version 1.X firmware levels 1.0.849 through 3.30.4-12, 3.30.5-21, 3.30.7-23, 3.30.9-27, 3.30.10-37, 3.30.11\n * IBM Security 10G Network Active Bypass firmware versions 1.X firmware levels 1.0.1876 through 3.30.5-21, 3.30.7-23, 3.30.9-27, 3.30.10-37, 3.30.11\n\n \nIBM recommends upgrading to 3.30.13, the supported firmware release of the product.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nMarch 25, 2019: Original Version Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\nPR125342\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSB2MD\",\"label\":\"IBM Security Network Active Bypass\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"3.X\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-03-27T06:25:01", "type": "ibm", "title": "Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2018-0734)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734"], "modified": "2019-03-27T06:25:01", "id": "FA72645AEA039BA3B00779CC846F404BEAFC0CD1CF57E01D9602CBEC8B491F79", "href": "https://www.ibm.com/support/pages/node/878607", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:07:07", "description": "## Summary\n\nIBM DataPower Gateway is potentially vulnerable to two side-channel attacks (CVE-2018-0495, CVE-2018-12404)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-0495](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495>) \n** DESCRIPTION: **Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. \nCVSS Base score: 5.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144828](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144828>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n \n** CVEID: **[CVE-2018-12404](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12404>) \n** DESCRIPTION: **A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. \nCVSS Base score: 5.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155087](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155087>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM DataPower Gateway| 2018.4.1.0-2018.4.1.8 \nIBM DataPower Gateway| 7.6.0.0-7.6.0.17 \n \n\n\n## Remediation/Fixes\n\nAffected Product(s)| Fix Version| APAR \n---|---|--- \nIBM DataPower Gateway| 2018.4.1.9| [IT30949](<https://www-01.ibm.com/support/docview.wss?uid=swg1IT30949>) \nIBM DataPower Gateway| 7.6.0.18| [IT30949](<https://www-01.ibm.com/support/docview.wss?uid=swg1IT30949> \"IT30949\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n17 Dec 2019: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS9H2Y\",\"label\":\"IBM DataPower Gateway\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"All Versions\",\"Edition\":\"All\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-08T21:52:38", "type": "ibm", "title": "Security Bulletin: Potential side-channel cryptographic vulnerabilities in IBM DataPower Gateway", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0495", "CVE-2018-12404"], "modified": "2021-06-08T21:52:38", "id": "D339AF4F92E6BDA2B14C46B53EEC584B9068C60D095CA91F8D91E775B6991D1D", "href": "https://www.ibm.com/support/pages/node/1167190", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-10T00:00:00", "description": "## Summary\n\nMultiple Node.js vulnerabilities were disclosed by the Node.js project. Node.js is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2018-0734_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>)\n\n**Description: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_ https://exchange.xforce.ibmcloud.com/vulnerabilities/152085_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133729>) for more information.\n\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n \n**CVEID:** [_CVE-2018-0735_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735>)\n\n**DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key.\n\nCVSS Base Score: 3.7\n\nCVSS Temporal Score: See [_ https://exchange.xforce.ibmcloud.com/vulnerabilities/133784_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133784>) for more information.\n\nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVE-ID: ** [CVE-2018-5407](<cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407>) \n**Description: **Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectur\u2019s parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVE-ID: ** [CVE-2018-12116](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12116>) \n**Description: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153452> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVE-ID: ** [CVE-2018-12123](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12123>) \n**Description: **Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153457> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVE-ID: ** [CVE-2018-12120](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12120>) \n**Description: **Node.js could allow a remote attacker to execute arbitrary JavaScript on the system, caused by a flaw when debugger mode is enabled with `node --debug` or `node debug`. By sending specially-crafted request to port 5858, an attacker could exploit this vulnerability to execute arbitrary JavaScript on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153454> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVE-ID: ** [CVE-2018-12121](<cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12121>) \n**Description: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153455> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVE-ID: ** [CVE-2018-12122](<cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12122>) \n**Description: **Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153456> for more information. \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nRational Application Developer 9.1\n\nRational Application Developer 9.5\n\nRational Application Developer 9.6\n\nRational Application Developer 9.7\n\n## Remediation/Fixes\n\nUpdate the IBM Rational Application Developer to address this vulnerability: \n\n**Product**\n\n| **VRMF** | **APAR** | **Remediation/First Fix** \n---|---|---|--- \nRational Application Developer | \n\n9.1\n\n9.5\n\n9.6\n\n9.7\n\n| \n\nPH07024\n\n| \n\n * For all versions, \n[install iFix](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/IBM+Rational+Application+Developer+for+WebSphere+Software&release=All&platform=All&function=fixId&fixids=Rational-RAD-Cordova-ifix-zip&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNo known workarounds.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n18 January 2019: Original document published \n29 January 2019: updated interim fix link\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSRTLW\",\"label\":\"Rational Application Developer for WebSphere Software\"},\"Component\":\"General Information\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF022\",\"label\":\"OS X\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"9.1;9.1.0.1;9.1.1;9.1.1.1;9.1.1.2;9.1.1.3;9.1.1.4;9.5;9.5.0.1;9.5.0.2;9.5.0.3;9.5.0.4;9.6;9.6.1;9.6.1.1;9.6.1.2;9.7\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-29T21:10:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2019-01-29T21:10:01", "id": "1EE6A9FE4BA67B644CF284DD602D2172C5B63FD07D6A0117C4A372E7C9EF1921", "href": "https://www.ibm.com/support/pages/node/794537", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-30T21:54:06", "description": "## Summary\n\nSecurity vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator\n\n## Vulnerability Details\n\nCVE-ID: [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \nDescription: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-5407](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Sterling B2B Integrator 5.2.0.1 - 6.0.0.0\n\n## Remediation/Fixes\n\n**PRODUCT & Version **\n\n| \n\n**Remediation/Fix** \n \n---|--- \n \nIBM Sterling B2B Integrator 5.2.0.1 - 6.0.0.0\n\n| \n\nSWIFTNet Customers must upgrade their B2B Integrator at least to 5020603_2, 5020602_4 , 5020601_7 or 6.0.0.0 available on _[Fix Centra](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>)l_ and current version of OpenSSL to version 1.0.2q \n \n## Workarounds and Mitigations\n\nNo\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n28 February 2019: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## Internal Use Only\n\nPSIRT product records 125752 and 125311\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS3JSW\",\"label\":\"IBM Sterling B2B Integrator\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"5.2.0.0 - 6.0.0.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-02-05T00:53:36", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in OpenSSL Affect IBM Sterling B2B Integrator (CVE-2018-0734, CVE-2018-5407)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2020-02-05T00:53:36", "id": "2EE525D2EA98139EECBD98B625477DDDD5A658E5F81D79BC18E2A76F2D1FAAC6", "href": "https://www.ibm.com/support/pages/node/874244", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:11:14", "description": "## Summary\n\nOpen Source OpenSSL is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2019-1559](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Netezza Analytics 3.2.2-3.3.4\n\n## Remediation/Fixes\n\nProduct | VRMF | Remediation / First Fix \n---|---|--- \nIBM Netezza Analytics | 3.3.5 | [_Link to Fix Central_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FNetezza+Applications&release=ANALYTICS_3.3&platform=All&function=fixId&fixids=3.3.5.0-IM-Netezza-ANALYTICS-fp122941>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n06 May 2019: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSULQD\",\"label\":\"IBM PureData System\"},\"Component\":\"IBM Netezza Analytics\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-10-18T03:36:34", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in GNU OpenSSL (1.0.2 series) affect IBM Netezza Analytics", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-1559"], "modified": "2019-10-18T03:36:34", "id": "473B42A0AD3ADFD11193F1FA0491433B6C2F49AB442C2703D8ED509C2300C6D6", "href": "https://www.ibm.com/support/pages/node/878845", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:12:43", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on 30 October 2018 and later by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVE-ID:** CVE-2018-0734 \nDescription: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\nCVE-ID: CVE-2019-1559 \nDescription: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. An attacker could exploit this vulnerability using a 0-byte record padding-oracle attack to decrypt traffic. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/157514> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM MobileFirst Platform Foundation 8.0.0.0 \nIBM MobileFirst Platform Foundation 7.1.0.0 \nIBM MobileFirst Platform Foundation 6.3.0.0 \nIBM Worklight Enterprise Edition 6.2.0.1\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRMF** | **APAR** | **Remediation/First Fix** \n---|---|---|--- \nIBM MobileFirst Platform Foundation | 8.0.0.0 | PH09324 | Download the latest iFix for [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+MobileFirst+Platform+Foundation&fixids=8.0.0.0-MFPF-IF201810040631&source=SAR>) \nIBM MobileFirst Platform Foundation | 7.1.0.0 | Download the latest iFix for [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+MobileFirst+Platform+Foundation&fixids=7.1.0.0-MFPF-IF201810081403&source=SAR>) \nIBM MobileFirst Platform Foundation | 6.3.0.0 | Download the latest iFix for [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+MobileFirst+Platform+Foundation&fixids=6.3.0.0-MFPF-IF201809241113&source=SAR>) \nIBM Worklight Enterprise Edition | 6.2.0.1 | Download the latest iFix for [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+Worklight+Enterprise+Edition&fixids=6.2.0.1-WEE-IF201904021054&source=SAR>) \n| | \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n04/05/2019 - Draft\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSVNUQ\",\"label\":\"IBM MobileFirst Platform Foundation\"},\"Component\":\"Security\",\"Platform\":[{\"code\":\"PF003\",\"label\":\"Android\"},{\"code\":\"PF014\",\"label\":\"iOS\"}],\"Version\":\"6.2;6.3;7.1;8.0\",\"Edition\":\"Enterprise\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-05T11:50:01", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-1559"], "modified": "2019-04-05T11:50:01", "id": "F17C09CA9366DB4B46C2D2458B4B0B2F150A45007792754545A5B15C91CA9BBA", "href": "https://www.ibm.com/support/pages/node/880043", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T21:59:56", "description": "## Summary\n\nIBM DataPower Gateway has addressed two CVEs relating to SSL: CVE-2019-1559 & CVE-2018-0734\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-1559](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559>) \n** DESCRIPTION: **If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable \"non-stitched\" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). \nCVSS Base score: 5.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n \n** CVEID: **[CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n** DESCRIPTION: **The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/152085](<https://exchange.xforce.ibmcloud.com/vulnerabilities/152085>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM DataPower Gateway| 2018.4.1.-2018.4.1.8 \nIBM DataPower Gateway| 7.6.0.0-7.6.0.17 \n \n\n\n## Remediation/Fixes\n\nAffected Product| Fixed in version| APAR \n---|---|--- \nIBM DataPower Gateway| 7.6.0.18| [IT30948](<https://www-01.ibm.com/support/docview.wss?uid=swg1IT30948> \"IT30948\" ) \nIBM DataPower Gateway| 2018.4.1.9| IT30948 \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Jan 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS9H2Y\",\"label\":\"IBM DataPower Gateway\"},\"Component\":\"N\\/A\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"All Versions\",\"Edition\":\"All\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-08T21:52:38", "type": "ibm", "title": "Security Bulletin: Vulnerabities in SSL in IBM DataPower Gateway", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-1559"], "modified": "2021-06-08T21:52:38", "id": "1F234EFC9BCA33D00375D73A19EA38D309527628B71CCB02CAF517D9F70083C2", "href": "https://www.ibm.com/support/pages/node/1167202", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:01:49", "description": "## Summary\n\nIBM DataPower Gateway has addressed the following vulnerabilities: \nCVE-2018-0734 \nCVE-2018-5407\n\n## Vulnerability Details\n\n**CVEID: ** [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n**DESCRIPTION: ** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID: ** [CVE-2018-5407](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407>) \n**DESCRIPTION: ** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Products | Affected Versions \n---|--- \nIBM DataPower Gateway | 7.5.0.0 - 7.5.0.19 \nIBM DataPower Gateway | 7.5.1.0 - 7.5.1.18 \nIBM DataPower Gateway | 7.5.2.0 - 7.5.2.18 \nIBM DataPower Gateway | 7.6.0.0 - 7.6.0.11 \nIBM DataPower Gateway | 7.7.0.0 - 2018.4.1.1 \n \n## Remediation/Fixes\n\nProduct | VRMF | APAR | Remediation / First Fix \n---|---|---|--- \nIBM DataPower Gateway | 7.5.0.20 | [IT27142](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT27142>) | Install the fix pack \nIBM DataPower Gateway | 7.5.1.19 | [IT27142](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT27142>) | Install the fix pack \nIBM DataPower Gateway | 7.5.2.19 | [IT27142](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT27142>) | Install the fix pack \nIBM DataPower Gateway | 7.6.0.12 | [IT27142](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT27142>) | Install the fix pack \nIBM DataPower Gateway | 2018.4.1.2 | [IT27142](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT27142>) | Install the fix pack \n \n## Workarounds and Mitigations\n\nNone\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n12 January 2019: Initial version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS9H2Y\",\"label\":\"IBM DataPower Gateway\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF009\",\"label\":\"Firmware\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-08T21:47:38", "type": "ibm", "title": "Security Bulletin: IBM DataPower Gateway is affected by vulnerabilities in OpenSSL", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2021-06-08T21:47:38", "id": "B3446AFA47BD664B99B6DC653C6AF10D8AFCE06B43C0C23D364D628FAD4130CA", "href": "https://www.ibm.com/support/pages/node/794661", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-28T22:06:37", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Manager. IBM Workload Manager has addressed the applicable CVEs\n\n## Vulnerability Details\n\nCVE-ID: CVE-2018-0732 \nDescription: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/144658> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\nCVE-ID: CVE-2018-0734 \nDescription: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Workload Scheduler uses OpenSSL only for secure communication between internal processes. \nFor IBM Workload Scheduler Distributed, Workload Scheduler nodes are impacted by OpenSSL security exposures only if the IWS workstation has been defined with \u201csecuritylevel\u201d set to on or enabled or force. \nThese security exposures do not apply to WebSphere Application Server but only to programs installed under <TWS home>/bin. \nTivoli Workload Scheduler Distributed 9.1.0 FP02 and earlier \nTivoli Workload Scheduler Distributed 9.2.0 FP03 and earlier \nIBM Workload Scheduler Distributed 9.3.0 FP03 and earlier \nIBM Workload Scheduler Distributed 9.4.0 FP04 and earlier\n\n## Remediation/Fixes\n\nAPAR IJ11456 has been opened to address the openssl vulnerabilities for IBM Workload Scheduler. \nThe following limited availability fixes for IJ11456 are available for download on FixCentral \n9.1.0-TIV-TWS-FP0002-IJ11456 \nto be applied on top of Tivoli Workload Scheduler Distributed 9.1.0 FP02 \n9.2.0-TIV-TWS-FP0003-IJ11456 \nto be applied on top of Tivoli Workload Scheduler Distributed 9.2.0 FP03 \n9.3.0-TIV-TWS-FP0003-IJ11456 \nto be applied on top of Tivoli Workload Scheduler Distributed 9.3.0 FP03 \n \nAPAR IJ07385 has been included in 9.4.0-TIV-TWS-FP0005. \nFor these affected releases IJ07385, supersedes IJ00716, IV91052, IV85683, IV82641, IV71646, IV70763, IV66395, IV66398, IV62010, IV61392, IV75062, IJ07385. \nFor Unsupported releases IBM recommends upgrading to a fixed, supported release of the product.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\nDecembre 21th 2018: Original Version Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8GJD\",\"label\":\"IBM Workload Automation\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"9.1.0.0;9.2.0.0;9.3.0.0;9.4.0.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}] \n\n## Historical Number\n\nTWS OpenSSL CVE-2018-0734 CVE-2018-0732", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-19T15:00:50", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734"], "modified": "2020-06-19T15:00:50", "id": "B9E9CED15D52245923C5C522920522901C04440B4FB14B24474C1033AA731D66", "href": "https://www.ibm.com/support/pages/node/792469", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-10T00:00:00", "description": "## Summary\n\nThere are vulnerabilities in OpenSSL used by AIX.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152085> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-5407](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407>) \n**DESCRIPTION:** Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU's internal processes. Note: This vulnerability is known as PortSmash. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152484> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAIX 5.3, 6.1, 7.1, 7.2 \nVIOS 2.2.x\n\nThe following fileset levels are vulnerable: \n \nkey_fileset = osrcaix\n\nFileset Lower Level Upper Level KEY \n\\------------------------------------------------------ \nopenssl.base 1.0.2.500 1.0.2.1600 key_w_fs \nopenssl.base 20.13.102.1000 20.16.102.1600 key_w_fs\n\nNote: \nA. 0.9.8, 1.0.1 OpenSSL versions are out-of-support. Customers are advised to upgrade to currently supported OpenSSL 1.0.2 version.\n\nB. Latest level of OpenSSL fileset is available from the web download site: \nhttps://www-01.ibm.com/marketing/iwm/iwm/web/pickUrxNew.do?source=aixbp&S_PKG=openssl \n \nTo find out whether the affected filesets are installed on your systems, refer to the lslpp command found in the AIX user's guide.\n\nExample: lslpp -L | grep -i openssl.base\n\n## Remediation/Fixes\n\nA. FIXES\n\nThe fixes can be downloaded via ftp or http from:\n\nftp://aix.software.ibm.com/aix/efixes/security/openssl_fix29.tar \nhttp://aix.software.ibm.com/aix/efixes/security/openssl_fix29.tar \nhttps://aix.software.ibm.com/aix/efixes/security/openssl_fix29.tar\n\nThe links above are to a tar file containing this signed advisory, fix packages, and OpenSSL signatures for each package. The fixes below include prerequisite checking. This will enforce the correct mapping between the fixes and AIX Technology Levels. \n \nNote that the tar file contains Interim fixes that are based on OpenSSL version, and AIX OpenSSL fixes are cumulative.\n\nYou must be on the 'prereq for installation' level before applying the interim fix. This may require installing a new level(prereq version) first.\n\n \nAIX Level Interim Fix (*.Z) Fileset Name(prereq for installation) KEY \n\\-------------------------------------------------------------------------------------------- \n5.3, 6.1, 7.1, 7.2 102p_fix.181127.epkg.Z openssl.base(1.0.2.1600) key_w_fix \n5.3, 6.1, 7.1, 7.2 fips_102p.181127.epkg.Z openssl.base(20.16.102.1600) key_w_fix\n\nVIOS Level Interim Fix (*.Z) Fileset Name(prereq for installation) KEY \n\\-------------------------------------------------------------------------------------------- \n2.2.x 102p_fix.181127.epkg.Z openssl.base(1.0.2.1600) key_w_fix \n2.2.x fips_102p.181127.epkg.Z openssl.base(20.16.102.1600) key_w_fix\n\n \nTo extract the fixes from the tar file:\n\ntar xvf openssl_fix29.tar \ncd openssl_fix29\n\nVerify you have retrieved the fixes intact:\n\nThe checksums below were generated using the \"openssl dgst -sha256 file\" command as the followng:\n\nopenssl dgst -sha256 filename KEY \n\\----------------------------------------------------------------------------------------------------- \n4f68017e5ff53cb74e0f6e30fc0410193dd1641e7997a5a9e4bc630d47666eaf 102p_fix.181127.epkg.Z key_w_csum \n42714d3f644d4b3250314721ae2e32f0680fea264f9b358a50f7fe9c07713b38 fips_102p.181127.epkg.Z key_w_csum\n\nThese sums should match exactly. The OpenSSL signatures in the tar file and on this advisory can also be used to verify the integrity of the fixes. If the sums or signatures cannot be confirmed, contact IBM AIX Support at https://ibm.com/support/ and describe the discrepancy. \n \nopenssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\nopenssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\nPublished advisory OpenSSL signature file location:\n\nhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory29.asc.sig \nhttps://aix.software.ibm.com/aix/efixes/security/openssl_advisory29.asc.sig \nftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory29.asc.sig\n\nB. FIX AND INTERIM FIX INSTALLATION\n\nInterim fixes have had limited functional and regression testing but not the full regression testing that takes place for Service Packs; however, IBM does fully support them.\n\nInterim fix management documentation can be found at:\n\nhttp://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\nTo preview an interim fix installation:\n\nemgr -e ipkg_name -p # where ipkg_name is the name of the \n# interim fix package being previewed.\n\nTo install an interim fix package:\n\nemgr -e ipkg_name -X # where ipkg_name is the name of the \n# interim fix package being installed.\n\n## Workarounds and Mitigations\n\nNone.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n[AIX Security Bulletin (ASCII format)](<http://aix.software.ibm.com/aix/efixes/security/openssl_advisory29.asc>)\n\n## Acknowledgement\n\nNone.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SWG10\",\"label\":\"AIX\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"}],\"Version\":\"5.3;6.1;7.1;7.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-11T15:45:02", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect AIX (CVE-2018-0734, CVE-2018-5407)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2018-12-11T15:45:02", "id": "1FE8CBFD143AEE75B9E3E758B04FAAEB9E0299C133474FCE02F7561E2C393562", "href": "https://www.ibm.com/support/pages/node/742759", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "suse": [{"lastseen": "2018-11-24T21:04:34", "description": "This update for openssl-1_1 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: timing vulnerability in DSA signature generation\n (bsc#1113652).\n - CVE-2018-0735: timing vulnerability in ECDSA signature generation\n (bsc#1113651).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-11-24T18:11:36", "type": "suse", "title": "Security update for openssl-1_1 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2018-11-24T18:11:36", "id": "OPENSUSE-SU-2018:3890-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-11/msg00043.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-03T23:54:00", "description": "This update for libgcrypt fixes the following issues:\n\n The following security vulnerability was addressed:\n\n - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding\n for ECDSA signatures (bsc#1097410).\n\n The following other issues were fixed:\n\n - Extended the fipsdrv dsa-sign and dsa-verify commands with the\n --algo parameter for the FIPS testing of DSA SigVer and SigGen\n (bsc#1064455).\n - Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct\n order. (bsc#1090766)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "cvss3": {}, "published": "2018-08-03T21:07:44", "type": "suse", "title": "Security update for libgcrypt (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2018-08-03T21:07:44", "id": "OPENSUSE-SU-2018:2178-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-08/msg00002.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-07-30T13:53:38", "description": "This update for libgcrypt fixes the following issue:\n\n The following security issue was fixed:\n\n - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding\n for ECDSA signatures (bsc#1097410)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-07-28T16:00:35", "type": "suse", "title": "Security update for libgcrypt (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-0495"], "modified": "2018-07-28T16:00:35", "id": "OPENSUSE-SU-2018:2122-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00039.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-12-08T17:30:05", "description": "This update for openssl-1_0_0 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation\n (bsc#1113652).\n - CVE-2018-5407: Added elliptic curve scalar multiplication timing attack\n defenses that fixes "PortSmash" (bsc#1113534).\n\n Non-security issues fixed:\n\n - Added missing timing side channel patch for DSA signature generation\n (bsc#1113742).\n - Set TLS version to 0 in msg_callback for record messages to avoid\n confusing applications (bsc#1100078).\n - Fixed infinite loop in DSA generation with incorrect parameters\n (bsc#1112209)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-12-08T15:08:25", "type": "suse", "title": "Security update for openssl-1_0_0 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2018-12-08T15:08:25", "id": "OPENSUSE-SU-2018:4050-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00018.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-11-24T21:04:34", "description": "This update for openssl fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation\n (bsc#1113652).\n - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack\n defenses (bsc#1113534).\n - Add missing timing side channel patch for DSA signature generation\n (bsc#1113742).\n\n Non-security issues fixed:\n\n - Fixed infinite loop in DSA generation with incorrect parameters\n (bsc#1112209).\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n", "cvss3": {}, "published": "2018-11-24T18:18:01", "type": "suse", "title": "Security update for openssl (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407"], "modified": "2018-11-24T18:18:01", "id": "OPENSUSE-SU-2018:3903-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-11/msg00046.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nThe OpenSSL project reports:\n\nTiming vulnerability in ECDSA signature generation\n\t (CVE-2018-0735): The OpenSSL ECDSA signature algorithm has been\n\t shown to be vulnerable to a timing side channel attack. An\n\t attacker could use variations in the signing algorithm to\n\t recover the private key (Low).\nTiming vulnerability in DSA signature generation (CVE-2018-0734):\n\t Avoid a timing attack that leaks information via a side channel\n\t that triggers when a BN is resized. Increasing the size of the\n\t BNs prior to doing anything with them suppresses the attack (Low).\n\t \n\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-29T00:00:00", "type": "freebsd", "title": "OpenSSL -- Multiple vulnerabilities in 1.1 branch", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2018-11-10T00:00:00", "id": "238AE7DE-DBA2-11E8-B713-B499BAEBFEAF", "href": "https://vuxml.freebsd.org/freebsd/238ae7de-dba2-11e8-b713-b499baebfeaf.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-19T15:51:31", "description": "\n\nGnuPG reports:\n\nMitigate a local side-channel attack on ECDSA signature as described in the white paper \"Return on the Hidden Number Problem\".\n\n\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.7, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-06-13T00:00:00", "type": "freebsd", "title": "libgcrypt -- side-channel attack vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0495"], "modified": "2018-06-14T00:00:00", "id": "9B5162DE-6F39-11E8-818E-E8E0B747A45A", "href": "https://vuxml.freebsd.org/freebsd/9b5162de-6f39-11e8-818e-e8e0b747a45a.html", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-19T15:51:31", "description": "\n\nNode.js reports:\n\nUpdates are now available for all active Node.js release lines. These include fixes for the vulnerabilities identified in the initial announcement. They also include upgrades of Node.js 6 and 8 to OpenSSL 1.0.2q, and upgrades of Node.js 10 and 11 to OpenSSL 1.1.0j.\nWe recommend that all Node.js users upgrade to a version listed below as soon as possible.\nDebugger port 5858 listens on any interface by default (CVE-2018-12120)\nAll versions of Node.js 6 are vulnerable and the severity is HIGH. When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as node --debug=localhost. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable.\nDenial of Service with large HTTP headers (CVE-2018-12121)\nAll versions of 6 and later are vulnerable and the severity is HIGH. By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.\nThe total size of HTTP headers received by Node.js now must not exceed 8192 bytes.\n\"Slowloris\" HTTP Denial of Service (CVE-2018-12122)\nAll versions of Node.js 6 and later are vulnerable and the severity is LOW. An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Attack potential is mitigated by the use of a load balancer or other proxy layer.\nA timeout of 40 seconds now applies to servers receiving HTTP headers. This value can be adjusted with server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service.\nHostname spoofing in URL parser for javascript protocol (CVE-2018-12123)\nAll versions of Node.js 6 and later are vulnerable and the severity is LOW. If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case \"javascript:\" (e.g. \"javAscript:\") protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.\nHTTP request splitting (CVE-2018-12116)\nNode.js 6 and 8 are vulnerable and the severity is MEDIUM. If Node.js can be convinced to use unsanitized user-provided Unicode data for the path option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.\nOpenSSL Timing vulnerability in ECDSA signature generation (CVE-2018-0735)\nThe OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key.\nOpenSSL Timing vulnerability in DSA signature generation (CVE-2018-0734)\nThe OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side-channel attack. An attacker could use variations in the signing algorithm to recover the private key.\nOpenSSL Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)\nOpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side-channel attack. An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key.\n\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-27T00:00:00", "type": "freebsd", "title": "node.js -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-12116", "CVE-2018-12120", "CVE-2018-12121", "CVE-2018-12122", "CVE-2018-12123", "CVE-2018-5407"], "modified": "2018-11-27T00:00:00", "id": "2A86F45A-FC3C-11E8-A414-00155D006B02", "href": "https://vuxml.freebsd.org/freebsd/2a86f45a-fc3c-11e8-a414-00155d006b02.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-31T17:37:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-11-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2018:3890-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852145", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852145\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-0735\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-11-26 15:08:57 +0100 (Mon, 26 Nov 2018)\");\n script_name(\"openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2018:3890-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3890-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00043.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl-1_1'\n package(s) announced via the openSUSE-SU-2018:3890-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl-1_1 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-0734: timing vulnerability in DSA signature generation\n (bsc#1113652).\n\n - CVE-2018-0735: timing vulnerability in ECDSA signature generation\n (bsc#1113651).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1465=1\");\n\n script_tag(name:\"affected\", value:\"openssl-1_1 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel\", rpm:\"libopenssl-1_1-devel~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1\", rpm:\"libopenssl1_1~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-debuginfo\", rpm:\"libopenssl1_1-debuginfo~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac\", rpm:\"libopenssl1_1-hmac~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1\", rpm:\"openssl-1_1~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debuginfo\", rpm:\"openssl-1_1-debuginfo~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debugsource\", rpm:\"openssl-1_1-debugsource~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-doc\", rpm:\"openssl-1_1-doc~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel-32bit\", rpm:\"libopenssl-1_1-devel-32bit~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit\", rpm:\"libopenssl1_1-32bit~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit-debuginfo\", rpm:\"libopenssl1_1-32bit-debuginfo~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac-32bit\", rpm:\"libopenssl1_1-hmac-32bit~1.1.0i~lp150.3.15.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-3840-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0735"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843848", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3840_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for openssl USN-3840-1\n#\n# Authors:\n# System Generated