Security Bulletin: Vulnerabilities in OpenSSL affect IBM Workload Deployer (CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109)

2018-06-15T07:06:03

Description

## Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs. ## Vulnerability Details **CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) **DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. CVSS Base Score: 5.6 CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) **CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) **DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. CVSS Base Score: 5.6 CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) **CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) **DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. CVSS Base Score: 8.1 CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) **CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) **DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. CVSS Base Score: 5.3 CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) ## Affected Products and Versions IBM Workload Deployer version 3.1 and later ## Remediation/Fixes The solution is to apply the following IBM Workload Deployer fix: Upgrade the IBM Workload Deployer to the following fix level: _Product_ | _VRMF_ | _Remediation/First Fix_ ---|---|--- IBM Workload Deployer System| Release V3.1.0.7| V3.1.0.7 Interim fix12, [_http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&release=3.1.0.7&platform=All&function=fixId&fixids=3.1.0.7-ifix12-IBM_Workload_Deployer&includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&release=3.1.0.7&platform=All&function=fixId&fixids=3.1.0.7-ifix12-IBM_Workload_Deployer&includeSupersedes=0>) ## Workarounds and Mitigations None ##

Affected Software

CPE Name	Name	Version
	ibm workload deployer	3.1.0.7

{"id": "44CD8F4D31617FEF11D1F2AAC3C002597740CB36C27E9A365971135477BE6DAD", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Workload Deployer (CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109)", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Workload Deployer version 3.1 and later\n\n## Remediation/Fixes\n\n \nThe solution is to apply the following IBM Workload Deployer fix: \n \nUpgrade the IBM Workload Deployer to the following fix level: \n \n\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \nIBM Workload Deployer System| Release V3.1.0.7| V3.1.0.7 Interim fix12, \n \n[_http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&release=3.1.0.7&platform=All&function=fixId&fixids=3.1.0.7-ifix12-IBM_Workload_Deployer&includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&release=3.1.0.7&platform=All&function=fixId&fixids=3.1.0.7-ifix12-IBM_Workload_Deployer&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2018-06-15T07:06:03", "modified": "2018-06-15T07:06:03", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/548155", "reporter": "IBM", "references": [], "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "immutableFields": [], "lastseen": "2023-02-21T05:56:33", "viewCount": 3, "enchantments": {"score": {"value": 0.9, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY20.ASC"]}, {"type": "altlinux", "idList": ["6E8B796A6FEE95047EFD1F1579BB3755", "CA02D996C51FDE4696ED5DEAE9A556FD"]}, {"type": "amazon", "idList": ["ALAS-2016-695"]}, {"type": "android", "idList": ["ANDROID:CVE-2016-2108"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-07-01", "ANDROID:2017-07-01", "ANDROID:2017-11-01"]}, {"type": "apple", "idList": ["APPLE:08DDC9EE4E7DEBCD387FA33304B8E244", "APPLE:HT206903"]}, {"type": "archlinux", "idList": ["ASA-201605-3", "ASA-201605-4"]}, {"type": "centos", "idList": ["CESA-2016:0722", "CESA-2016:0996", "CESA-2016:1137"]}, {"type": "cisco", "idList": ["CISCO-SA-20160504-OPENSSL"]}, {"type": "citrix", "idList": ["CTX212736", "CTX233832"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:F006390335E44CFEC69607A8E9BE3B62"]}, {"type": "cve", "idList": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"]}, {"type": "debian", "idList": ["DEBIAN:DLA-456-1:BB65D", "DEBIAN:DSA-3566-1:D74F5"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-2105", "DEBIANCVE:CVE-2016-2106", "DEBIANCVE:CVE-2016-2108", "DEBIANCVE:CVE-2016-2109"]}, {"type": "f5", "idList": ["F5:K07538415", "F5:K23230229", "F5:K36488941", "F5:K51920288", "F5:K75152412", "SOL07538415", "SOL23230229", "SOL36488941", "SOL51920288", "SOL75152412"]}, {"type": "fedora", "idList": ["FEDORA:44719604F0C3", "FEDORA:56D376268FDB", "FEDORA:58BAF60A0C7C", "FEDORA:6DCC66067328", "FEDORA:A3C8D604C8B1"]}, {"type": "fortinet", "idList": ["FG-IR-16-026"]}, {"type": "freebsd", "idList": ["01D729CA-1143-11E6-B55E-B499BAEBFEAF", "CA5CB202-4F51-11E6-B2EC-B499BAEBFEAF"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-16:17.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201612-16"]}, {"type": "hackerone", "idList": ["H1:134880", "H1:135944", "H1:135945"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20160706-01-OPENSSL"]}, {"type": "ibm", "idList": ["0236273B86DA07DEDD01575B8D7BC09BC4245E7465F644F4852F3C74F78F2689", "0942FB184F4FAEA2A4874C81B33060A84D8FF049E6F0B9FC6D173CD5FE1FF9A9", "0A94A36BE877692B2F0AB97F5081AA5C3010CDF94C05C7E8B0C0AC4E64BEBA67", "0DBB6D5133BC7BF4D4C2244A52FAD1F4548D247E6EF04256F367102545D8324D", "1148C8DD30AC2930E528C1791D370C73ECDA7CF974AD249EBD19AD99B78AAD68", "1381DDC2EB11D20FD35FD5133E3BDD2833703D883F98CAA012F0CFBF823F4A6D", "1736B585D80ED031E004E1AC38E590615C7E0F6FE6AB8A15B1B90CB8EC998277", "206BB5A19228230232F37678032F015C18CF60C157F3C965374B3A52A7119AFF", "2830C710B20404D6B16EF9CB8161B321F59F7341D8798630B8603B369CA4ED57", "35F9A813F05B327D07BF7368CED622D5E23B4D9BCBE752850A037D89EB6C0A00", "3899BD4528C3DED11372760AAF676C3C87D98D5142D95E7CEE23A06644E3B197", "39CAE5EE9A0F3DE219E28E6A3BE90E3B8E089FF2AA4C74E8BE3A4E2714716AC5", "3D12006C995C2C683E173419369377B400C7252133E8CFEEEC83E09104078893", "4278728D85C79F2084FC36711DAAF10C86E475C8E6940F2111DD155F1C48C0FA", "462CCAEFE39DE4B8C89C00328CBC9CA234F0066E30424E0C8AE6BA1EF9AA8903", "46799FCDE18E3EFD375868A79B70BC4BEDEC133C2495D8AA8CF81D91E7DEF01A", "4904478758E68B5AAF1019EF051EFDC11A110285B2C9609A3BF862A4F48B7806", "4C38766283CEE338D5C512A76FE766520F818C766B10B8F6096918C93D2A8A67", "52A5398094130E1B0A40291225AFDAF806D3B8B80AD7F16F186739DA6E836335", "63DAB7532D89108F5D2DC3FDE381EF3F537B4BD859941C18E4BAD485F5223BE3", "68620709627EAD066E865897A856617556047C7100878749E07A6C6B5831EB59", "699A1ED7C203BD1C8BA3FC9BCD0A95A9618D0B3B3F0BC3CD80DE6C86C31C5E44", "6A2E92D36FABC1D54E354DFAE40C5959271B5DD0561E7165A41D0F6CCD6A7B7C", "72D44C997959DC41BF81F871ABB53A98AEBA00944ABE8FEF404373839D0746E6", "72ECA624F1897E880B20E3BA243FE78C6A66224FD180FE337A72D958F8C9A7F0", "784293D9E1878AA4E3BA5C5B60C041F19D16A9A8AA40529EA178B7C8D2D6E53C", "7B9AB0004B19C07C7509F6BC5712ECB9A1222E830E184DC0464DF75AF70587EF", "7E5316C696B18FF3DFF87CA859F82C9C66CB155243A7620FC742BE55816A9D9C", "802538304F01065B2827B08F583BE8B36F2EB7C11AE879DD4BF44A7339230B9E", "82D348B7AC274B1F17A78CC906F5DDC3A5C96BD23F4BB13600CC22F46FFF3EFD", "864B038FC0651FF53F9210F981E5FCF3587AFB330872619016CEF5D36569E098", "898EA6C5E20A9A6533D19F715FAA0AA31F646D5037D10EFCC09302D00AA729A8", "8EEBB0B8FAC8DFA33C0405E2C48BAF0FD71BF64FEE9E71DFF45B1738CA5A7E36", "926064F28B2809B4877A8EA78CF19B1BD358570ECBEF53DC9ABC59798101D756", "92D11E24F34620A6FE2D4691E3050E4E91C0E161FD1B94C9116E157ADB7BACCC", "95C2166E43A3844158C127A63BEE990F476F0FFC80988625C50E6A864E13875C", "9B62CAF06445F7A9F3CB323F735964F6F62E516F86B9B57472BC20182276D3FA", "9FED07EC55E63CD49E164B391F068DF3341A79CBA42CB2B0F7A8E9A8FF36DC1A", "A185C8C5827E7A3A98D7506B04771B204C4CEB5CCCBECFC92AF7F9B22E4BD852", "A75CF978305062012B0B6A4CC62CA7EB1F166F128DE714368CFD89193833D8DE", "AE3C0A1DA03F3F2FDD318D7CB1A19DB28B045DA520F2528F61C26EA01D2DE0AD", "B008610A37C6D22744FBFF511A07C43195D3F707766A5E89AB1E4CFCD0DE65C5", "B180B820F6F3D6EDAC7172E78991F02AFB09886A95FE4CB55E9318F8D116CF4C", "B22C029F5DE1AFDA33C7E45788FCA8B344362343E55B19D3803A4CCFD8492525", "B2A25ABFDD14D83A9C74878F4C63CE1CD6838525C412393629ECDB21E73AF9AE", "B405B568B68AFEA07B8166064FAA890F3BF9F3CC511F9A01DE32970B8A066315", "B7714F51B8CFAA4234497F491ECC215FC91BAB3D7CF96F228B974B661D0E0297", "B84251E3C31E8FAF9BA0B73449F8A92CA84F7B802070A7A5FB283B62300DC251", "B8AD051E12C47E6B184A60689F2D548C811310D4110E132AD2914799A6A0D4BC", "C0F8A4FDB16B6060757282B298924E8005EF0D1B30BB3472B793362E6109A282", "C362DA3FCC19527A119FED83D0B6DA4D945A28BE02C6CEB71702ED777D4D16EF", "C3FB79ADA39B46791DCF93E4A2B6E50FE2792D0E382EF08036106CE4972770C2", "D209AAB4C0E35A5C114E62A6D853762DB0AA9080D963F0EECA922C5D3ED15307", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D5D68C274689503F08DAB338007FECB9B03D6956ECF160CECB37263C1DB02BAC", "D82275F558C18EE0A66FA00314D493D498F1F12E5B589E97787630909B97E925", "DB8BD8B6F9DF029D39682639D78B9C6DADC00A8FA5AF3CB07A78FFE91CC29A0A", "E67441CCF9840E74E9AC61C45895075B9F65BB9C0A44EFD9BE418AA4A069F2CD", "E919E9A36C657D0228D3DA8A63FA716B3583174E73FC9F478D6A0F12BD9E2448", "EA88DB8E17F102D78A732DAA26FDE33416E9FF3CB6B71D047CC8325768802786", "F22F8C611651BB5F2E58AC10F1F1DBEBF4869D3A824C40D9FE14FEE332E57295", "F8A3D4A9CDB2E69EDABA736EFD7D24F77520D958AFA106D11E5EF76D4D31E151", "F988C4692D2E552B4E225648097C2785A4DF9A107750563427C783A0CDEE0C5B", "F9C3BC218F02B41A1EE998B0C9BACBCBA2A26044AA17D86E90806B1B4853903B", "FA37EFD6BCDF8414B1B01DD06C96E0D1E771E69F214D77948CB831C765C409D8", "FAA2B691DD1E76E786CADE53CD8A2391FDC6BE6F5B14624181F6008CE76C4E36", "FB725790185B6C1D6E94DE5593F9324A99EFC707F2DA722AC7D3588D3D90484E"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00067"]}, {"type": "kaspersky", "idList": ["KLA10847"]}, {"type": "mageia", "idList": ["MGASA-2016-0169"]}, {"type": "nessus", "idList": ["9389.PRM", "9390.PRM", "AIX_OPENSSL_ADVISORY20.NASL", "ALA_ALAS-2016-695.NASL", "ARISTA_EOS_SA0020.NASL", "BLUECOAT_PROXY_SG_6_5_9_8.NASL", "CENTOS_RHSA-2016-0722.NASL", "CENTOS_RHSA-2016-0996.NASL", "CENTOS_RHSA-2016-1137.NASL", "CISCO_TELEPRESENCE_VCS_MULTIPLE_880.NASL", "CITRIX_XENSERVER_CTX212736.NASL", "DEBIAN_DLA-456.NASL", "DEBIAN_DSA-3566.NASL", "EULEROS_SA-2019-1861.NASL", "EULEROS_SA-2019-2217.NASL", "EULEROS_SA-2019-2271.NASL", "F5_BIGIP_SOL23230229.NASL", "F5_BIGIP_SOL36488941.NASL", "F5_BIGIP_SOL51920288.NASL", "F5_BIGIP_SOL75152412.NASL", "FEDORA_2016-05C567DF1A.NASL", "FEDORA_2016-1411324654.NASL", "FEDORA_2016-1E39D934ED.NASL", "FEDORA_2016-C558E58B21.NASL", "FEDORA_2016-E1234B65A2.NASL", "FREEBSD_PKG_01D729CA114311E6B55EB499BAEBFEAF.NASL", "FREEBSD_PKG_CA5CB2024F5111E6B2ECB499BAEBFEAF.NASL", "GENTOO_GLSA-201612-16.NASL", "HPSMH_7_6.NASL", "JUNIPER_JSA10759.NASL", "LCE_4_8_1.NASL", "MACOSX_10_11_6.NASL", "MYSQL_5_6_31.NASL", "MYSQL_5_6_31_RPM.NASL", "MYSQL_5_7_13.NASL", "MYSQL_5_7_13_RPM.NASL", "OPENSSL_1_0_1O.NASL", "OPENSSL_1_0_1T.NASL", "OPENSSL_1_0_2C.NASL", "OPENSSL_1_0_2H.NASL", "OPENSUSE-2016-1283.NASL", "OPENSUSE-2016-1289.NASL", "OPENSUSE-2016-561.NASL", "OPENSUSE-2016-562.NASL", "OPENSUSE-2016-563.NASL", "OPENSUSE-2016-564.NASL", "OPENSUSE-2016-565.NASL", "OPENSUSE-2016-575.NASL", "OPENSUSE-2016-715.NASL", "OPENSUSE-2017-255.NASL", "ORACLELINUX_ELSA-2016-0722.NASL", "ORACLELINUX_ELSA-2016-0996.NASL", "ORACLELINUX_ELSA-2016-1137.NASL", "ORACLELINUX_ELSA-2016-3576.NASL", "ORACLEVM_OVMSA-2016-0049.NASL", "ORACLEVM_OVMSA-2016-0086.NASL", "ORACLEVM_OVMSA-2016-0135.NASL", "ORACLE_E-BUSINESS_CPU_OCT_2016.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2016_CPU.NASL", "PFSENSE_SA-16_04.NASL", "REDHAT-RHSA-2016-0722.NASL", "REDHAT-RHSA-2016-0996.NASL", "REDHAT-RHSA-2016-1137.NASL", "REDHAT-RHSA-2016-1648.NASL", "REDHAT-RHSA-2016-1649.NASL", "REDHAT-RHSA-2016-2073.NASL", "REDHAT-RHSA-2017-0193.NASL", "REDHAT-RHSA-2017-0194.NASL", "SCREENOS_JSA10759.NASL", "SLACKWARE_SSA_2016-124-01.NASL", "SL_20160509_OPENSSL_ON_SL7_X.NASL", "SL_20160510_OPENSSL_ON_SL6_X.NASL", "SL_20160531_OPENSSL_ON_SL5_X.NASL", "SUSE_SU-2016-1228-1.NASL", "SUSE_SU-2016-1233-1.NASL", "SUSE_SU-2016-1267-1.NASL", "SUSE_SU-2016-1290-1.NASL", "SUSE_SU-2016-1360-1.NASL", "SUSE_SU-2017-0461-1.NASL", "SUSE_SU-2017-0585-1.NASL", "SUSE_SU-2017-0605-1.NASL", "SUSE_SU-2018-0112-1.NASL", "UBUNTU_USN-2959-1.NASL", "VIRTUALBOX_5_0_22.NASL"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:OPENSSL-MAY-2016"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2016-2105", "OPENSSL:CVE-2016-2106", "OPENSSL:CVE-2016-2108", "OPENSSL:CVE-2016-2109"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105732", "OPENVAS:1361412562310106262", "OPENVAS:1361412562310106267", "OPENVAS:1361412562310106355", "OPENVAS:1361412562310106390", "OPENVAS:1361412562310120684", "OPENVAS:1361412562310122924", "OPENVAS:1361412562310131285", "OPENVAS:1361412562310140019", "OPENVAS:1361412562310140020", "OPENVAS:1361412562310141826", "OPENVAS:1361412562310703566", "OPENVAS:1361412562310807569", "OPENVAS:1361412562310807570", "OPENVAS:1361412562310807816", "OPENVAS:1361412562310807817", "OPENVAS:1361412562310807997", "OPENVAS:1361412562310808016", "OPENVAS:1361412562310808029", "OPENVAS:1361412562310808374", "OPENVAS:1361412562310808407", "OPENVAS:1361412562310808590", "OPENVAS:1361412562310808596", "OPENVAS:1361412562310810227", "OPENVAS:1361412562310842729", "OPENVAS:1361412562310851289", "OPENVAS:1361412562310851295", "OPENVAS:1361412562310851296", "OPENVAS:1361412562310851297", "OPENVAS:1361412562310851298", "OPENVAS:1361412562310851299", "OPENVAS:1361412562310851308", "OPENVAS:1361412562310851309", "OPENVAS:1361412562310851337", "OPENVAS:1361412562310851430", "OPENVAS:1361412562310851505", "OPENVAS:1361412562310871610", "OPENVAS:1361412562310871614", "OPENVAS:1361412562310871625", "OPENVAS:1361412562310882486", "OPENVAS:1361412562310882496", "OPENVAS:1361412562311220191861", "OPENVAS:1361412562311220192217", "OPENVAS:1361412562311220192271", "OPENVAS:703566"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2017", "ORACLE:CPUJAN2018", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2018", "ORACLE:CPUOCT2016"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-0722", "ELSA-2016-0996", "ELSA-2016-1137", "ELSA-2016-3556", "ELSA-2016-3558", "ELSA-2016-3571", "ELSA-2016-3576", "ELSA-2016-3621", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:CVE-2016-2105", "OSV:CVE-2016-2106", "OSV:CVE-2016-2109", "OSV:DLA-456-1", "OSV:DSA-3566-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:143369"]}, {"type": "paloalto", "idList": ["PAN-SA-2016-0020", "PAN-SA-2016-0023"]}, {"type": "redhat", "idList": ["RHSA-2016:0722", "RHSA-2016:0996", "RHSA-2016:1137", "RHSA-2016:1648", "RHSA-2016:1649", "RHSA-2016:2073", "RHSA-2016:2957", "RHSA-2017:0193", "RHSA-2017:0194"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-2105", "RH:CVE-2016-2106", "RH:CVE-2016-2108"]}, {"type": "seebug", "idList": ["SSV:91447"]}, {"type": "slackware", "idList": ["SSA-2016-124-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:1237-1", "OPENSUSE-SU-2016:1238-1", "OPENSUSE-SU-2016:1239-1", "OPENSUSE-SU-2016:1240-1", "OPENSUSE-SU-2016:1241-1", "OPENSUSE-SU-2016:1242-1", "OPENSUSE-SU-2016:1243-1", "OPENSUSE-SU-2016:1273-1", "OPENSUSE-SU-2016:1566-1", "OPENSUSE-SU-2016:2769-1", "OPENSUSE-SU-2016:2788-1", "SUSE-SU-2016:1206-1", "SUSE-SU-2016:1228-1", "SUSE-SU-2016:1231-1", "SUSE-SU-2016:1233-1", "SUSE-SU-2016:1267-1", "SUSE-SU-2016:1290-1", "SUSE-SU-2016:1360-1", "SUSE-SU-2017:2699-1", "SUSE-SU-2017:2700-1", "SUSE-SU-2018:0112-1"]}, {"type": "symantec", "idList": ["SMNTC-1363"]}, {"type": "thn", "idList": ["THN:7CACCDBBDB47286572F59C67E92AF821"]}, {"type": "threatpost", "idList": ["THREATPOST:54145B143BF11C716167531924DBD4F1"]}, {"type": "ubuntu", "idList": ["USN-2959-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-2105", "UB:CVE-2016-2106", "UB:CVE-2016-2108", "UB:CVE-2016-2109"]}]}, "affected_software": {"major_version": [{"name": "ibm workload deployer", "version": 3}]}, "epss": [{"cve": "CVE-2016-2105", "epss": "0.048080000", "percentile": "0.914350000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2106", "epss": "0.075810000", "percentile": "0.930830000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2108", "epss": "0.914900000", "percentile": "0.983050000", "modified": "2023-03-20"}, {"cve": "CVE-2016-2109", "epss": "0.165770000", "percentile": "0.951460000", "modified": "2023-03-20"}], "vulnersScore": 0.9}, "_state": {"score": 1684017862, "dependencies": 1676959029, "affected_software_major_version": 1677394894, "epss": 1679361349}, "_internal": {"score_hash": "9404987e4af54c778d9b0bfb9dd30acc"}, "affectedSoftware": [{"version": "3.1.0.7", "operator": "eq", "name": "ibm workload deployer"}]}

{"suse": [{"lastseen": "2016-09-04T12:42:10", "description": "This update for compat-openssl097g fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n Bugs fixed:\n - bsc#976943: Fix buffer overrun in ASN1_parse\n\n", "cvss3": {}, "published": "2016-05-04T18:08:19", "type": "suse", "title": "Security update for compat-openssl097g (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-04T18:08:19", "id": "SUSE-SU-2016:1231-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:38:49", "description": "This update for OpenSSL fixes the following security issues:\n\n * CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n * CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n * CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n * CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n * CVE-2016-0702: Side channel attack on modular exponentiation\n "CacheBleed" (bsc#968050)\n\n Additionally, the following non-security issues have been fixed:\n\n * Fix buffer overrun in ASN1_parse. (bsc#976943)\n * Allow weak DH groups. (bsc#973223)\n\n Security Issues:\n\n * CVE-2016-2105\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105</a>>\n * CVE-2016-2106\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106</a>>\n * CVE-2016-2108\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108</a>>\n * CVE-2016-2109\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109</a>>\n * CVE-2016-0702\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702</a>>\n\n\n", "cvss3": {}, "published": "2016-05-19T19:09:52", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-19T19:09:52", "id": "SUSE-SU-2016:1360-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:05:46", "description": "This update for openssl fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - CVE-2016-0702: Side channel attack on modular exponentiation\n "CacheBleed" (bsc#968050)\n\n Bugs fixed:\n - fate#320304: build 32bit devel package\n - bsc#976943: Fix buffer overrun in ASN1_parse\n - bsc#973223: allow weak DH groups, vulnerable to the logjam attack, when\n environment variable OPENSSL_ALLOW_LOGJAM_ATTACK is set\n - bsc#889013: Rename README.SuSE to the new spelling\n\n", "cvss3": {}, "published": "2016-05-12T20:08:02", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-12T20:08:02", "id": "SUSE-SU-2016:1290-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:45:08", "description": "This update for openssl fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - bsc#976943: Buffer overrun in ASN1_parse\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode\n (bsc#958501)\n\n", "cvss3": {}, "published": "2016-05-04T18:09:44", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-04T18:09:44", "id": "SUSE-SU-2016:1233-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:45:45", "description": "This update for openssl fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (boo#977617)\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (boo#977616)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (boo#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (boo#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (boo#976942)\n - boo#976943: Buffer overrun in ASN1_parse\n - boo#977621: Preserve digests for SNI\n - boo#958501: Fix openssl enc -non-fips-allow option in FIPS mode\n\n", "cvss3": {}, "published": "2016-05-05T13:08:31", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-05T13:08:31", "id": "OPENSUSE-SU-2016:1238-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:42:33", "description": "This update for compat-openssl098 fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - CVE-2016-0702: Side channel attack on modular exponentiation\n "CacheBleed" (bsc#968050)\n - bsc#976943: Buffer overrun in ASN1_parse\n\n The following non-security bugs were fixed:\n\n - bsc#889013: Rename README.SuSE to the new spelling (bsc#889013)\n\n", "cvss3": {}, "published": "2016-05-09T12:08:04", "type": "suse", "title": "Security update for compat-openssl098 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-09T12:08:04", "id": "SUSE-SU-2016:1267-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:42:03", "description": "This update for openssl fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - bsc#976943: Buffer overrun in ASN1_parse\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode\n (bsc#958501)\n\n", "cvss3": {}, "published": "2016-05-04T16:14:12", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-04T16:14:12", "id": "SUSE-SU-2016:1228-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:19:41", "description": "This update for openssl1 fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n Bugs fixed:\n - bsc#971354: libopenssl1_0_0 now Recommends: openssl1 to get correct SSL\n Root Certificate hashes\n - bsc#889013: Rename README.SuSE to the new spelling README.SUSE\n - bsc#976943: Fixed a buffer overrun in ASN1_parse.\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n\n", "cvss3": {}, "published": "2016-05-03T22:08:22", "type": "suse", "title": "Security update for openssl1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-03T22:08:22", "id": "SUSE-SU-2016:1206-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:19:39", "description": "This update for compat-openssl098 fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - CVE-2016-0702: Side channel attack on modular exponentiation\n "CacheBleed" (bsc#968050)\n - bsc#976943: Buffer overrun in ASN1_parse\n\n The following non-security bugs were fixed:\n\n - bsc#889013: Rename README.SuSE to the new spelling (bsc#889013)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "cvss3": {}, "published": "2016-05-11T00:07:42", "type": "suse", "title": "Security update for compat-openssl098 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-11T00:07:42", "id": "OPENSUSE-SU-2016:1273-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:08:02", "description": "This update for openssl fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - bsc#976943: Buffer overrun in ASN1_parse\n\n", "cvss3": {}, "published": "2016-05-05T13:07:36", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-05T13:07:36", "id": "OPENSUSE-SU-2016:1237-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:32:45", "description": "This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - CVE-2016-0702: Side channel attack on modular exponentiation\n "CacheBleed" (bsc#968050)\n - bsc#976943: Buffer overrun in ASN1_parse\n\n", "cvss3": {}, "published": "2016-05-05T18:07:52", "type": "suse", "title": "Security update for libopenssl0_9_8 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-05T18:07:52", "id": "OPENSUSE-SU-2016:1242-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:41:56", "description": "This update for openssl fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - bsc#976943: Buffer overrun in ASN1_parse\n\n", "cvss3": {}, "published": "2016-05-05T13:11:19", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-05T13:11:19", "id": "OPENSUSE-SU-2016:1240-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:27:16", "description": "This update for openssl fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - bsc#976943: Buffer overrun in ASN1_parse\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode\n (bsc#958501)\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "cvss3": {}, "published": "2016-05-05T18:08:51", "type": "suse", "title": "Security update for openssl (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2016-05-05T18:08:51", "id": "OPENSUSE-SU-2016:1243-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:36:41", "description": "This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - CVE-2016-0702: Side channel attack on modular exponentiation\n "CacheBleed" (bsc#968050)\n - bsc#976943: Buffer overrun in ASN1_parse\n\n and updates the package to version 0.9.8zh which collects many other\n fixes, including security ones.\n\n", "cvss3": {}, "published": "2016-05-05T13:12:11", "type": "suse", "title": "Security update for libopenssl0_9_8 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-3197", "CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-0797", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-0800", "CVE-2016-2106"], "modified": "2016-05-05T13:12:11", "id": "OPENSUSE-SU-2016:1241-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:15:22", "description": "This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n - CVE-2016-0702: Side channel attack on modular exponentiation\n "CacheBleed" (bsc#968050)\n - bsc#976943: Buffer overrun in ASN1_parse\n\n and updates the package to version 0.9.8zh which collects many other\n fixes, including security ones.\n\n", "cvss3": {}, "published": "2016-05-05T13:09:43", "type": "suse", "title": "Security update for libopenssl0_9_8 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-3197", "CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-0797", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-0800", "CVE-2016-2106"], "modified": "2016-05-05T13:09:43", "id": "OPENSUSE-SU-2016:1239-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ibm": [{"lastseen": "2023-02-21T01:54:03", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Image Construction and Composition Tool. IBM Image Construction and Composition Tool has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Image Construction and Composition Tool v2.3.2.0 \nIBM Image Construction and Composition Tool v2.3.1.0 \n\n## Remediation/Fixes\n\n \nThe solution is to apply the following IBM Image Construction and Composition Tool version fixes. \n \n \n\u00b7 For IBM Image Construction and Composition Tool v2.3.2.0 \nIBM Image Construction and Composition Tool v2.3.2.0 Build 28 \n[ ](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-28&includeRequisites=1&includeSupersedes=0>) \n[](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-28&includeRequisites=1&includeSupersedes=0>) \n[_http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-28&includeRequisites=1&includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-28&includeRequisites=1&includeSupersedes=0>) \n \n[ _http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_IM_Repository_2.3.2.0-28&includeRequisites=1&includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_IM_Repository_2.3.2.0-28&includeRequisites=1&includeSupersedes=0>) \n \n \n \n\u00b7 For IBM Image Construction and Composition Tool v2.3.1.0 \nIBM Image Construction and Composition Tool v2.3.1.0 Build 50 \n[ ](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-50&includeRequisites=1&includeSupersedes=0>) \n[](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-50&includeRequisites=1&includeSupersedes=0>) \n[_http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-50&includeRequisites=1&includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-50&includeRequisites=1&includeSupersedes=0>) \n \n[_http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_IM_Repository_2.3.1.0-50&includeRequisites=1&includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=ICCT_IM_Repository_2.3.1.0-50&includeRequisites=1&includeSupersedes=0>) \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:05:55", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Image Construction and Composition Tool (CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2018-06-15T07:05:55", "id": "206BB5A19228230232F37678032F015C18CF60C157F3C965374B3A52A7119AFF", "href": "https://www.ibm.com/support/pages/node/283291", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T21:44:10", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM MQ Appliance. IBM MQ Appliance has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM MQ Appliance M2000 \n\nIBM MQ Appliance M2001\n\n## Remediation/Fixes\n\nApply the fix for [APAR IT16192](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&release=All&platform=All&function=aparId&apars=IT16192>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-13T19:31:11", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM MQ Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2019-08-13T19:31:11", "id": "7923A025A42A3181B25C4E17D1720C6EC0A32E05B6C7523890E596B2A6F11E31", "href": "https://www.ibm.com/support/pages/node/714709", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:42:03", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM MessageSight. IBM MessageSight has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM MessageSight V1.1 and V1.2.\n\n## Remediation/Fixes\n\n_Product_\n\n| \n_VRMF_| \n_APAR_| \n_Remediation/First Fix_ \n---|---|---|--- \n_IBM MessageSight_| _1.1_| `_IT15931_`| _1.1.0.1-IBM-IMA-IF_`_IT15931_` \n \n_IBM MessageSight_| \n_1.2_| `_IT15495_`| _1.2.0.3-IBM-IMA-IF_`_IT15495_` \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-25T05:54:54", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM MessageSight", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2018-06-25T05:54:54", "id": "EA88DB8E17F102D78A732DAA26FDE33416E9FF3CB6B71D047CC8325768802786", "href": "https://www.ibm.com/support/pages/node/283901", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:56:28", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM MQ Appliance. IBM MQ Appliance has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM MQ Appliance M2000 \n\nIBM MQ Appliance M2001\n\n## Remediation/Fixes\n\nApply the fix for [APAR IT16192](<https://www-945.ibm.com/support/fixcentral/swg/selectFix?product=ibm/WebSphere/IBM%20MQ%20Appliance%20M2000&fixids=8.0.0.5-IBM-MQ-Appliance-IT16174&function=fixId&parent=ibm/WebSphere>)[](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&release=All&platform=All&function=aparId&apars=IT16192>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:06:06", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM MQ Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2018-06-15T07:06:06", "id": "68620709627EAD066E865897A856617556047C7100878749E07A6C6B5831EB59", "href": "https://www.ibm.com/support/pages/node/549709", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:56:33", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM PureApplication System. IBM PureApplication System has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n \nIBM PureApplication System V2.2 \nIBM PureApplication System V2.1 \nIBM PureApplication System V2.0\n\n## Remediation/Fixes\n\n \nThe PureSystems Manager on IBM PureApplication System is affected. The solution is to upgrade the IBM PureApplication System to the following fix level: \n \nIBM PureApplication System V2.2: Upgrade to IBM PureApplication System V2.2.1 \nIBM PureApplication System V2.1: Upgrade to IBM PureApplication System V2.1.2.3 \nIBM PureApplication System V2.0: Contact customer support for upgrade options. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:06:03", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM PureApplication System. (CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2018-06-15T07:06:03", "id": "864B038FC0651FF53F9210F981E5FCF3587AFB330872619016CEF5D36569E098", "href": "https://www.ibm.com/support/pages/node/548205", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:50:31", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Guardium . IBM Security Guardium has addressed the applicable CVEs\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Security Guardium V10\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Guardium | 10| [http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6020_SecurityUpdate&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6020_SecurityUpdate&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:42:56", "type": "ibm", "title": "Security Bulletin: : Multiple Vulnerabilities in OpenSSL affect IBM Security Guardium", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2018-06-16T21:42:56", "id": "35F9A813F05B327D07BF7368CED622D5E23B4D9BCBE752850A037D89EB6C0A00", "href": "https://www.ibm.com/support/pages/node/281159", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-28T17:39:04", "description": "## Summary\n\nIBM Integrated Management Module (IMM) for System x & BladeCenter have addressed the following vulnerabilities in OpenSSL.\n\n## Vulnerability Details\n\n**Summary**\n\nIBM Integrated Management Module (IMM) for System x & BladeCenter have addressed the following vulnerabilities in OpenSSL.\n\n**Vulnerability Details**\n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)\n\n**Description:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)\n\n**Description:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)\n\n**Description:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system.\n\nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**Affected products and versions**\n\nProduct | Affected Version \n---|--- \nIBM Integrated Management Module (IMM) for System x & BladeCenter | YUOO \n \n**Remediation/Fixes**\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nProduct | Fixed Version \n---|--- \nIBM Integrated Management Module (IMM) for System x & BladeCenter \nibm_fw_imm_yuooh4b-1.53_windows_32-64 \nibm_fw_imm_yuooh4b-1.53_linux_32-64 | YUOOH4B - 1.53 \n \n**Workarounds and Mitigations**\n\nNone.\n\n**References**\n\n * [Complete CVSS V3 Guide](<http://www.first.org/cvss/user-guide>)\n * [On-line Calculator V3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n08 June, 2017: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integrated Management Module (IMM) for System x & BladeCenter", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2023-04-14T14:32:25", "id": "F371D80CE1CB44AA4381E4D58E0C582D7E7120690249E2C9705A0905B942CC7C", "href": "https://www.ibm.com/support/pages/node/868738", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-28T17:54:55", "description": "## Summary\n\nOpen SSL is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs\n\n## Vulnerability Details\n\n \n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n \n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n \n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n \n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n \nPower HMC V7.3.0.0 \nPower HMC V7.9.0.0 \nPower HMC V8.1.0.0 \nPower HMC V8.2.0.0 \nPower HMC V8.3.0.0 \nPower HMC V8.4.0.0 \nPower HMC V8.5.0.0\n\n## Remediation/Fixes\n\n \nThe following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/>\n\nProduct\n\n| \n\nVRMF\n\n| \n\nAPAR\n\n| \n\nRemediation/Fix \n \n---|---|---|--- \n \nPower HMC\n\n| \n\nV7.7.3.0 SP7\n\n| \n\nMB04021\n\n| \n\n[MH01634](<https://www-945.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm~hmc~9100HMC&release=V7R7.3.0&platform=All>) \n \nPower HMC\n\n| \n\nV7.7.9.0 SP3\n\n| \n\nMB04022\n\n| \n\n[MH01635](<https://www-945.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm~hmc~9100HMC&release=V7R7.9.0&platform=All>) \n \nPower HMC\n\n| \n\nV8.8.1.0 SP3\n\n| \n\nMB04023\n\n| \n\n[MH01636](<https://www-945.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm~hmc~9100HMC&release=V8R8.1.0&platform=All>) \n \nPower HMC\n\n| \n\nV8.8.2.0 SP2\n\n| \n\nMB04024\n\n| \n\n[MH01637](<https://www-945.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm~hmc~9100HMC&release=V8R8.2.0&platform=All>) \n \nPower HMC\n\n| \n\nV8.8.3.0 SP2\n\n| \n\nMB04025\n\n| \n\n[MH01638](<https://www-945.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm~hmc~9100HMC&release=V8R8.3.0&platform=All>) \n \nPower HMC\n\n| \n\nV8.8.4.0 SP1\n\n| \n\nMB04026\n\n| \n\n[MH01639](<https://www-945.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm~hmc~9100HMC&release=V8R8.4.0&platform=All>) \n \nPower HMC\n\n| \n\nV8.8.5.0\n\n| \n\nMB04027\n\n| \n\n[MH01640](<https://www-945.ibm.com/support/fixcentral/main/selectFixes?parent=powersysmgmntcouncil&product=ibm~hmc~9100HMC&release=V8R8.5.0&platform=All>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-23T01:31:39", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect Power Hardware Management Console (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-09-23T01:31:39", "id": "FA37EFD6BCDF8414B1B01DD06C96E0D1E771E69F214D77948CB831C765C409D8", "href": "https://www.ibm.com/support/pages/node/667121", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:53:39", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM WebSphere MQ. IBM WebSphere MQ has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n \n\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**_IBM WebSphere MQ V8.0 - Advanced Message Security on IBM i only_**\n\nIBM WebSphere MQ 8.0.0.5 and previous levels of maintenance\n\n## Remediation/Fixes\n\n**_IBM WebSphere MQ V8.0_**\n\nApply [8.0.0.6](<http://www-01.ibm.com/support/docview.wss?uid=swg21995100>) maintenance level\n\nNote: A fix for CVE-2016-2108 was provided in OpenSSL versions 1.0.1o and 1.0.2c and was previously addressed by IBM WebSphere MQ.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:07:04", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ (CVE-2016-2106, CVE-2016-2109)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2018-06-15T07:07:04", "id": "0DBB6D5133BC7BF4D4C2244A52FAD1F4548D247E6EF04256F367102545D8324D", "href": "https://www.ibm.com/support/pages/node/291933", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:53:40", "description": "## Summary\n\n2016\u5e745\u67083\u65e5\u306bOpenSSL Project\u306b\u3088\u3063\u3066\u3001OpenSSL\u306e\u8106\u5f31\u6027\u304c\u958b\u793a\u3055\u308c\u307e\u3057\u305f\u3002 \nOpenSSL\u306f\u3001IBM WebSphere MQ Advanced Message Security for IBM i\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u3067\u4f7f\u7528\u3055\u308c\u3066\u3044\u307e\u3059\u3002 \nIBM WebSphere MQ\u306f\u63b2\u984c\u306eCVE\u306b\u5bfe\u51e6\u3057\u307e\u3057\u305f\u3002 \n \n\u6700\u65b0\u306e\u60c5\u5831\u306b\u3064\u3044\u3066\u306f\u4e0b\u8a18\u306e\u6587\u66f8\uff08\u82f1\u8a9e\uff09\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002 \nSecurity Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ (CVE-2016-2106, CVE-2016-2109) \nhttp://www.ibm.com/support/docview.wss?uid=swg21998797\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL \u306b\u306f\u3001EVP_EncryptUpdate() \u95a2\u6570\u306b\u3088\u308b\u4e0d\u6b63\u306a\u30d0\u30a6\u30f3\u30c9\u30c1\u30a7\u30c3\u30af\u306b\u3088\u308a\u3001\u30d2\u30fc\u30d7\u30d9\u30fc\u30b9\u306e\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u3092\u5f15\u304d\u8d77\u3053\u3059\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u975e\u5e38\u306b\u9577\u3044\u5f15\u6570\u3092\u9001\u4fe1\u3059\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u30ea\u30e2\u30fc\u30c8\u653b\u6483\u8005\u306f\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u3092\u5f15\u304d\u8d77\u3053\u3057\u3001\u30b7\u30b9\u30c6\u30e0\u3067\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3057\u3066\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u30af\u30e9\u30c3\u30b7\u30e5\u3055\u305b\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002 \nCVSS Base Score: 5.6 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n \n\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL \u306b\u306f\u3001\u30e1\u30e2\u30ea\u30a2\u30ed\u30b1\u30fc\u30b7\u30e7\u30f3\u30a8\u30e9\u30fc\u306b\u3088\u308a\u5f15\u304d\u8d77\u3053\u3055\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u904b\u7528\u59a8\u5bb3\u306e\u8106\u5f31\u6027\u304c\u3042\u308a\u307e\u3059\u3002d2i_CMS_bio() \u306a\u3069\u306e\u30d5\u30a1\u30f3\u30af\u30b7\u30e7\u30f3\u3092\u4f7f\u7528\u3057\u3066\u3001\u7279\u5225\u306b\u751f\u6210\u3055\u308c\u305f ASN.1 \u3092BIO \u304b\u3089\u8aad\u307f\u8fbc\u3080\u3053\u3068\u3067\u3001\u653b\u6483\u8005\u306f\u3001\u3053\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3066\u3059\u3079\u3066\u306e\u5229\u7528\u53ef\u80fd\u306a\u30ea\u30bd\u30fc\u30b9\u3092\u6d88\u8cbb\u3057\u3066\u30e1\u30e2\u30ea\u4e0d\u8db3\u306b\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002 \nCVSS Base Score: 5.3 \nCVSS Temporal Score: \u73fe\u5728\u306e\u30b9\u30b3\u30a2\u306f [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) \u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002 \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**_IBM WebSphere MQ V8.0 - Advanced Message Security on IBM i \u306e\u307f_** \nIBM WebSphere MQ 8.0.0.5 \u4ee5\u524d\u306e\u4fdd\u5b88\u30ec\u30d9\u30eb\n\n## Remediation/Fixes\n\n**_IBM WebSphere MQ V8.0_**\n\n\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u30fb\u30ec\u30d9\u30eb [8.0.0.6](<http://www-01.ibm.com/support/docview.wss?uid=swg21995100>) \u3092\u9069\u7528\u3057\u307e\u3059\u3002\n\n\u6ce8\u610f\uff1a CVE-2016-2108\u306e\u4fee\u6b63\u306f\u3001OpenSSL\u30d0\u30fc\u30b8\u30e7\u30f31.0.1o\u30681.0.2c\u3067\u63d0\u4f9b\u3055\u308c\u3066\u3044\u3066\u3001IBM WebSphere MQ\u306f\u65e2\u306b\u5bfe\u5fdc\u6e08\u307f\u3067\u3059\u3002\n\n## Workarounds and Mitigations\n\n\u306a\u3057\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:07:07", "type": "ibm", "title": "Security Bulletin: IBM WebSphere MQ Advanced Message Security for IBM i \u3078\u306eOpenSSL\u306e\u8106\u5f31\u6027 (CVE-2016-2106, CVE-2016-2109)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2018-06-15T07:07:07", "id": "B8AD051E12C47E6B184A60689F2D548C811310D4110E132AD2914799A6A0D4BC", "href": "https://www.ibm.com/support/pages/node/293325", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:54:48", "description": "## Summary\n\nIBM Cognos Business Intelligence is shipped as a component of IBM Cognos Planning. Information about a security vulnerability affecting IBM Cognos Business Intelligence has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin: [Security Bulletin: IBM Cognos Business Intelligence Server 2016Q2 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21984323>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)| Affected Supporting Product and Version \n---|--- \n \nIBM Cognos Planning 10.1.1| \nIBM Cognos Business Intelligence 10.1.1 \n \n## ", "cvss3": {}, "published": "2018-06-15T22:42:17", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM Cognos Business Intelligence shipped with IBM Cognos Planning (CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176, CVE-2016-2108)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-15T22:42:17", "id": "63DAB7532D89108F5D2DC3FDE381EF3F537B4BD859941C18E4BAD485F5223BE3", "href": "https://www.ibm.com/support/pages/node/541577", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T01:52:41", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cognos Controller. IBM Cognos Controller has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Cognos Controller 10.2.1 \n\nIBM Cognos Controller 10.2\n\nIBM Cognos Controller 10.1.1\n\nIBM Cognos Controller 10.1\n\n## Remediation/Fixes\n\n[IBM Cognos Controller 10.2.1 FP4 IF2](<http://www-01.ibm.com/support/docview.wss?uid=swg24042409>)\n\n[IBM Cognos Controller 10.2 FP1 IF6](<http://www-01.ibm.com/support/docview.wss?uid=swg24042408>)\n\n[IBM Cognos Controller 10.1.1 FP3 IF6](<http://www-01.ibm.com/support/docview.wss?uid=swg24042410>)\n\n \n_ \nUsers of IBM Cognos Controller v10.1 are advised to contact IBM Customer Support. \n_\n\nNote: A fix for CVE-2016-2108 was provided in OpenSSL versions 1.0.1o and 1.0.2c and was previously addressed by IBM Cognos Controller.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T22:44:22", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Cognos Controller", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-15T22:44:22", "id": "4278728D85C79F2084FC36711DAAF10C86E475C8E6940F2111DD155F1C48C0FA", "href": "https://www.ibm.com/support/pages/node/278965", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:48:45", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by Rational Reporting for Development Intelligence (RRDI). RRDI has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product(s) and Version(s) \n---|--- \nRRDI 2.0, 2.0.1, 2.0.3 and 2.0.4| Cognos BI 10.1.1 \nRRDI 2.0.5 and 2.0.6| Cognos BI 10.2.1 \nRRDI 5.0, 5.0.1 and 5.0.2| Cognos BI 10.2.1 Fix pack 2 \nJazz Reporting Service 5.0, 5.0.1 and 5.0.2 \n \n## Remediation/Fixes\n\n \nApply the recommended fixes to all affected versions of RRDI. \n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**RRDI 2.0, 2.0.0.1, 2.0.1, 2.0.3 and 2.0.4** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 19 (Implemented by file 10.1.6306.509)](<http://www-01.ibm.com/support/docview.wss?uid=swg24042359>). \nReview technote [1679281: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Reporting for Development Intelligence 2.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679281>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**RRDI 2.0.5 and 2.0.6 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.2.1 Interim Fix 17 (Implemented by file 10.2.5000.528)](<http://www-01.ibm.com/support/docview.wss?uid=swg24042360>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n \n**RRDI 5.0 and 5.0.1 and 5.0.2 ** \n \n\n\n * If the Cognos-based reporting server is used, also perform this step. \nDownload the [IBM Cognos Business Intelligence 10.2.1.1 Interim Fix 16 (Implemented by file 10.2.5010.512)](<http://www-01.ibm.com/support/docview.wss?uid=swg24042360>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T05:14:27", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect Rational Reporting for Development Intelligence", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-17T05:14:27", "id": "FB725790185B6C1D6E94DE5593F9324A99EFC707F2DA722AC7D3588D3D90484E", "href": "https://www.ibm.com/support/pages/node/284033", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:51:21", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Network Controller. IBM Security Network Controller has addressed the applicable CVEs.\n\n## Vulnerability Details\n\nCVEID: [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security Network Controller 1.0.X\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \n** IBM Security Network Controller**| _1.0.X_| [Proventia NSC Update 14 (fw 1.0.4000)](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Tivoli/IBM+Security+Network+Active+Bypass&release=All&platform=Windows&function=all>) \n** IBM Security Network Controller**| _1.0.X_| [Proventia NSC Update 14 (fw 1.0.4000M)](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Tivoli/IBM+Security+Network+Active+Bypass&release=All&platform=Windows&function=all>) \n \nfor IBM Security Network Controller products at Firmware version 1.0.X \n\nIBM recommends upgrading to 1.0.4000M/1.0.4000 depending on current firmware installed. Update 1.0.4000M and 1.0.4000 are the supported firmware release of the product. \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:45:31", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Security Network Controller", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-16T21:45:31", "id": "6A2E92D36FABC1D54E354DFAE40C5959271B5DD0561E7165A41D0F6CCD6A7B7C", "href": "https://www.ibm.com/support/pages/node/549617", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-23T21:51:22", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware. IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmwarehas addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**Summary**\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware. IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the applicable CVEs.\n\n**Vulnerability Details:**\n\n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)\n\n**Description:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system.\n\nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)\n\n**Description:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)\n\n**Description:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**Affected Products and Versions**\n\nProduct | Affected Version \n---|--- \nIBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware | 3.3-3.5 \n \n**Remediation/Fixes:**\n\nFirmware fix versions are available on Fix Central: \n<http://www.ibm.com/support/fixcentral/>.\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Fixed Version \n---|--- \nIBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware \nmlnx_fw_ppc_m460ex-sx-3.6.2002_anyos_noarch | 3.6.2002 \n \n**Workaround(s) & Mitigation(s):**\n\nNone\n\n**References:**\n\n * [Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide.html>)\n * [On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n09 February 2017: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2019-01-31T02:25:02", "id": "0BF273789D1B41FCA359A93988125066B51B0DC825C21E4488D80FB61F79560E", "href": "https://www.ibm.com/support/pages/node/868642", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:46:31", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tivoli Netcool/Reporter \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Tivoli Netcool/Reporter v2.2\n\n## Remediation/Fixes\n\n**Produc****t**\n\n| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nIBM Tivoli Netcool/Reporter| 2.2| None| Contact support \n \n## Workarounds and Mitigations\n\nPlease contact IBM support to request a fix\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T15:25:30", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Tivoli Netcool/Reporter", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-17T15:25:30", "id": "A185C8C5827E7A3A98D7506B04771B204C4CEB5CCCBECFC92AF7F9B22E4BD852", "href": "https://www.ibm.com/support/pages/node/283199", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:52:40", "description": "## Summary\n\nOpenSSL could allow a remote attacker to execute arbitrary code, obtain sensitive information or perform denial of service attacks. OpenSSL is used by IBM Algo Audit and Compliance.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Algo Audit and Compliance versions 2.1.0\n\n## Remediation/Fixes\n\nDownload and install IBM Algo Audit and Compliance version 2.1.0.3 Interim Fix 2 from Fix Central, details available at <http://www-01.ibm.com/support/docview.wss?uid=swg24042349>\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T22:44:41", "type": "ibm", "title": "Security Bulletin: OpenSSL vulnerabilities in IBM Algo Audit and Compliance (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-15T22:44:41", "id": "72D44C997959DC41BF81F871ABB53A98AEBA00944ABE8FEF404373839D0746E6", "href": "https://www.ibm.com/support/pages/node/281617", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:51:24", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Network Active Bypass. IBM Security Network Active Bypass has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nProducts: ABYP-0T-0S-4L-P, ABYP-0T-0S-4L-P-M, ABYP-0T-2S-2L-P, ABYP-0T-2S-2L-P-M, ABYP-0T-4S-0L-P, ABYP-0T-4S-0L-P-M, ABYP-10G-2SR-2LR-1-P, ABYP-10G-2SR-2LR-1-P-M, ABYP-10G-4LR-1-P, ABYP-10G-4LR-1-P-M, ABYP-10G-4SR-1-P, ABYP-10G-4SR-1-P-M, ABYP-2T-0S-2L-P, ABYP-2T-0S-2L-P-M, ABYP-2T-1S-1L-P, ABYP-2T-1S-1L-P-M, ABYP-2T-2S-0L-P, ABYP-2T-2S-0L-P-M, ABYP-4T-0S-0L-P, ABYP-4T-0S-0L-P-M, ABYP-4TL-P, ABYP-4TL-P-M, ABYP-4TS-P, ABYP-4TS-P-M \n \nFirmware versions: \n1G NAB - 2.15-36, 2.16-37, 2.18-43, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9, 3.30-12, 3.30.0-13, 3.30.2-9, 3.30.4-12 \n10G NAB - 1.0.1876, 1.0.2919, 0343c3c, 2.11-28, 2.13-34, 2.15-36, 2.18-42, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9, 3.30-12, 3.30.0-13, 3.30.2-9, 3.30.4-12\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \n**IBM Security Proventia Network Active Bypass**| 3.X | [Proventia 1G NAB Update 20 (fw 3.30.5-21)](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Tivoli/IBM+Security+Network+Active+Bypass&release=All&platform=All&function=all>) \n**IBM Security Proventia Network Active Bypass**| _3.X_| [Proventia 10G NAB Update 17 (fw 3.30.5-21)](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Tivoli/IBM+Security+Network+Active+Bypass&release=All&platform=All&function=all>) \n \n \nFor IBM Security Proventia Network Active Bypass products at Firmware versions: \n \n1G NAB - 2.15-36, 2.16-37, 2.18-43, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9, 3.30-12, 3.30.0-13, 3.30.2-9, 3.30.4-12 \n10G NAB - 1.0.1876, 1.0.2919, 0343c3c, 2.11-28, 2.13-34, 2.15-36, 2.18-42, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9, 3.30-12, 3.30.0-13, 3.30.2-9, 3.30.4-12 \n\n\nIBM recommends upgrading to 3.30.5-21, the supported firmware release of the product.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:45:04", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Active Bypass (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-16T21:45:04", "id": "1148C8DD30AC2930E528C1791D370C73ECDA7CF974AD249EBD19AD99B78AAD68", "href": "https://www.ibm.com/support/pages/node/548265", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:51:25", "description": "## Summary\n\nOpenSSL vulnerabilities disclosed on May 3 2016, https://www.openssl.org/news/secadv/20160503.txt plus CVE-2016-2842. \n\n## Vulnerability Details\n\n**CVE-ID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n** \nDescription:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n** \nCVSS Base Score:** 5.6** \nCVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score** \nCVSS Environmental Score:** *Undefined** \nCVSS Vector:** CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L \n \n** \nCVE-ID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n** \nDescription:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \n** \nCVSS Base Score:** 5.6** \nCVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score** \nCVSS Environmental Score:** *Undefined** \nCVSS Vector:** CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L \n \n** \nCVE-ID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n** \nDescription:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \n** \nCVSS Base Score:** 4.3** \nCVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score** \nCVSS Environmental Score:** *Undefined** \nCVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N \n \n** \nCVE-ID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n** \nDescription:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \n** \nCVSS Base Score:** 8.1** \nCVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score** \nCVSS Environmental Score:** *Undefined** \nCVSS Vector:** CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H \n \n** \nCVE-ID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n** \nDescription:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \n** \nCVSS Base Score:** 5.3** \nCVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score** \nCVSS Environmental Score:** *Undefined** \nCVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L \n\n** \nCVE-ID:** [_CVE-2016-2842_](<https://vulners.com/cve/CVE-2016-2842>) \n** \nDescription:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \n** \nCVSS Base Score:** 7.5** \nCVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111304_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111304>) for the current score** \nCVSS Environmental Score:** *Undefined** \nCVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\n## Affected Products and Versions\n\n * IBM QRadar 7.1.n\n * IBM QRadar 7.2.n\n\n## Remediation/Fixes\n\n * [IBM QRadar SIEM 7.1 MR2 Patch 13](<https://www-945.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=7.1.0-QRADAR-QRSIEM-1104593&continue=1>)\n * [IBM QRadar SIEM/QRIF/QRM/QVM 7.2.7 Patch 1](<https://www-945.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=7.2.7-QRADAR-QRSIEM-20160727184601&continue=1>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:44:56", "type": "ibm", "title": "Security Bulletin: OpenSSL as used in IBM QRadar SIEM is vulnerable to multiple CVE's.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-16T21:44:56", "id": "D82275F558C18EE0A66FA00314D493D498F1F12E5B589E97787630909B97E925", "href": "https://www.ibm.com/support/pages/node/547867", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:45:29", "description": "## Summary\n\nThere are multiple vulnerabilities in OpenSSL that is used by TIvoli Network Manager IP Edition 3.9 Fix Pack 4 HTTPS Support for Perl Collector Install.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4 \n\n## Remediation/Fixes\n\n**IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4**\n\n| **IV85021**| Please call IBM service and reference APAR IV85021, to obtain a fix if needed before Fix Pack 5 release. A formal fix will be provided as part of IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 5. \n---|---|--- \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T15:27:04", "type": "ibm", "title": "Security Bulletin: Multiple OpenSSL vulnerabilities affect IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4 - HTTPS support for Perl Collector install.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-17T15:27:04", "id": "0236273B86DA07DEDD01575B8D7BC09BC4245E7465F644F4852F3C74F78F2689", "href": "https://www.ibm.com/support/pages/node/548287", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T21:43:07", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n \n\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nReleases 7.1, 7.2 and 7.3 of IBM i are affected. \n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to the IBM i Operating System. \n \nReleases 7.1, 7.2 and 7.3 of IBM i are supported and will be fixed. \n\n[_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>)\n\n \nThe IBM i PTF numbers are: \n \n**Release 7.1 \u2013 SI60540** \n**Release 7.2 & 7.3 \u2013 SI60539** \n \n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM i (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2019-12-18T14:26:38", "id": "DE755D1E61D0A41047FD8A35B464F4B957BE57D5BEBE81339F217B79B39CCD18", "href": "https://www.ibm.com/support/pages/node/667141", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:39:55", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by WebSphere Cast Iron Cloud integration and has addressed the applicable CVEs\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nThis vulnerability affects all versions of the product \nWebSphere Cast Iron v 7.5.x, \nWebSphere Cast Iron v 7.0.0.x, \nWebSphere Cast Iron v 6.4.0.x \nWebSphere Cast Iron v 6.3.0.x \nWebSphere Cast Iron v 6.1.0.x\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nCast Iron Appliance| 7.5.*| LI79167| [7.5.1.0-CUMUIFIX-003](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.5.1.0&platform=All&function=fixId&fixids=7.5.1.0-WS-WCI-20160707-1626_H11_64-CUMUIFIX-003.scrypt2,7.5.1.0-WS-WCI-20160707-1626_H11_64-CUMUIFIX-003.vcrypt2,7.5.1.0-WS-WCI-20160707-1626_H11_64-CUMUIFIX-003.docker&includeSupersedes=0>) \nCast Iron Appliance| 7.0.*| LI79167| [7.0.0.2-CUMUIFIX-030](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.0.0.2&platform=All&function=fixId&fixids=7.0.0.2-WS-WCI-20160711-1236_H11_64-CUMUIFIX-030.vcrypt2,7.0.0.2-WS-WCI-20160711-1236_H11_64-CUMUIFIX-030.scrypt2&includeSupersedes=0>) \nCast Iron Appliance| 6.4.0.x| LI79167| [6.4.0.1-CUMUIFIX-040](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.4.0.1&platform=All&function=fixId&fixids=6.4.0.1-WS-WCI-20160722-0710_H5-CUMUIFIX-040.scrypt2,6.4.0.1-WS-WCI-20160722-0710_H5-CUMUIFIX-040.vcrypt2&includeSupersedes=0>) \nCast Iron Appliance| 6.3.0.x| LI79167| [6.3.0.2-CUMUIFIX-022](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.3.0.2&platform=All&function=fixId&fixids=6.3.0.2-WS-WCI-20160721-1915_H3-CUMUIFIX-022.scrypt2,6.3.0.2-WS-WCI-20160721-1915_H3-CUMUIFIX-022.vcrypt2&includeSupersedes=0>) \nCast Iron Appliance| 6.1.0.x| LI79167| [6.1.0.15-CUMUIFIX-029](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.1.0.15&platform=All&function=fixId&fixids=6.1.0.15-WS-WCI-20160721-1224_H3-CUMUIFIX-029.scrypt2,6.1.0.15-WS-WCI-20160721-1224_H3-CUMUIFIX-029.vcrypt2&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-18T13:57:34", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect WebSphere Cast Iron Cloud integration", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2019-11-18T13:57:34", "id": "F8A3D4A9CDB2E69EDABA736EFD7D24F77520D958AFA106D11E5EF76D4D31E151", "href": "https://www.ibm.com/support/pages/node/547699", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:48:39", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by Rational Insight. Rational Insight has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product(s) and Version(s) \n---|--- \nRational Insight 1.1, 1.1.1, 1.1.1.1 and 1.1.1.2| Cognos BI 10.1.1 \nRational Insight 1.1.1.3| Cognos BI 10.2.1 \nRational Insight 1.1.1.4, 1.1.1.5 and 1.1.1.6| Cognos BI 10.2.1 Fix pack 2 \nJazz Reporting Service 5.0, 5.0.1 and 5.0.2 \nRational Insight 1.1.1.7| Cognos BI 10.2.1 Fix pack 2 \nJazz Reporting Service 6.0 \n \n## Remediation/Fixes\n\n \nApply the recommended fixes to all affected versions of Rational Insight. \n \n**Rational Insight 1.1 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 19 (Implemented by file 10.1.6306.509)](<http://www-01.ibm.com/support/docview.wss?uid=swg24042359>). \nReview technote [1679272: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Insight 1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg21679272>) for detailed instructions.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1, 1.1.1.1 and 1.1.1.2 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 19 (Implemented by file 10.1.6306.509)](<http://www-01.ibm.com/support/docview.wss?uid=swg24042359>). \nRead technote [1679281: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Reporting for Development Intelligence 2.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679281>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1.3 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.2.1 Interim Fix 17 (Implemented by file 10.2.5000.528)](<http://www-01.ibm.com/support/docview.wss?uid=swg24042360>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n \n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035869>)**Rational Insight 1.1.1.4 and 1.1.1.5 and 1.1.1.6 and 1.1.1.7 ** \n \n\n\n * If the Cognos-based reporting server is used, also perform this step. \nDownload the [IBM Cognos Business Intelligence 10.2.1.1 Interim Fix 16 (Implemented by file 10.2.5010.512)](<http://www-01.ibm.com/support/docview.wss?uid=swg24042360>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T05:14:27", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect Rational Insight", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-17T05:14:27", "id": "9B62CAF06445F7A9F3CB323F735964F6F62E516F86B9B57472BC20182276D3FA", "href": "https://www.ibm.com/support/pages/node/284035", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-28T17:51:17", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system.CVSS Base Score: 8.1CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current scoreCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic.CVSS Base Score: 4.3CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current scoreCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.CVSS Base Score: 5.6CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current scoreCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.CVSS Base Score: 5.6CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current scoreCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory.CVSS Base Score: 5.3CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current scoreCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer.CVSS Base Score: 5.3CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current scoreCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nNX-OS 5.X versions prior to 5.2.8(i) \n\nNX-OS 6.X versions prior to 6.2(17)\n\nNX-OS 7.X versions prior to 7.3(1)D1\n\nNX-OS 8.X versions prior to 8.1\n\nDCNM versions prior to 10.3(1)\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _FIX_ \n---|---|--- \nNX-OS| 5.2.8(i)| <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_2/release/notes/nx-os/mds_nxos_rn_528i.html> \nNX-OS| 6.2(17)| <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/release/notes/nx-os/mds_nxos_rn_6_2_17.html> \nNX-OS| 7.3(1)D1| <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/7_x/nx-os/release/notes/7x_nx-os_release_note.html> \nNX-OS| 8.1| <https://www.cisco.com/c/en/us/support/storage-networking/mds-9000-nx-os-software-release-8-1/model.html> \nDCNM| 10.3(1)| <https://www.cisco.com/c/en/us/support/cloud-systems-management/data-center-network-manager-10/model.html> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-11T15:07:09", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2022-04-11T15:07:09", "id": "46799FCDE18E3EFD375868A79B70BC4BEDEC133C2495D8AA8CF81D91E7DEF01A", "href": "https://www.ibm.com/support/pages/node/697931", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-28T17:39:07", "description": "## Summary\n\nIBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems have addressed the following vulnerabilities in openssl.\n\n## Vulnerability Details\n\n## Summary\n\nIBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems have addressed the following vulnerabilities in openssl.\n\n**Vulnerability Details**\n\n**CVE-ID:** [CVE-2016-0799](<https://vulners.com/cve/CVE-2016-0799>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read.\n\nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/111143> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n**Note:** CVE-2016-0799 is fixed in IMM2 release 1aoo72h-5.60.\n\n**CVE-ID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)\n\n**Description:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVE-ID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)\n\n**Description:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\n\nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVE-ID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)\n\n**Description:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVE-ID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)\n\n**Description:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system.\n\nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVE-ID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)\n\n**Description:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory.\n\nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected products and versions\n\nProduct | Affected Version \n---|--- \nIBM Integrated Management Module II (IMM2) for System x and Flex Systems | 1AOO \nIBM Integrated Management Module II (IMM2) for BladeCenter Systems | 1AOO \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nProduct | Fix Version \n---|--- \nIBM Integrated Management Module II (IMM2) for System x and Flex Systems \nibm_fw_imm2_1aoo74f-5.80_anyos_noarch | 1AOO74F-5.80 \nIBM Integrated Management Module II (IMM2) for BladeCenter Systems \nibm_fw_imm2_1aoo74f-5.80_bc-anyos_noarch | 1AOO74F-5.80 \n \nYou should verify applying this fix does not cause any compatibility issues.\n\n## Workarounds and Mitigations\n\nNone.\n\n## References\n\n * [Complete CVSS V3 Guide](<http://www.first.org/cvss/user-guide>)\n * [On-line Calculator V3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n[ Security Bulletin: OpenSSL vulnerabilities affect IBM IMM2 for System x, Flex and BladeCenter Systems](<http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099407>) (1aoo72h-5.60) \n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n27 September, 2016: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in openssl affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2023-04-14T14:32:25", "id": "D0668B3886412A36787AE448B5228DC65FC97C2ED5317927E724EEFD286E1DBF", "href": "https://www.ibm.com/support/pages/node/868578", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-28T17:53:41", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by Multiple N series products. Multiple N series products has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nData ONTAP operating in 7-Mode: 8.2.1, 8.2.2, 8.2.3, 8.2.4; \nSnapDrive for Unix: 5.2, 5.2.2, 5.3; \nSnapDrive for Windows: 7.1.1, 7.1.2, 7.1.3;\n\n## Remediation/Fixes\n\nFor_ _Data ONTAP operating in 7-Mode: the fix exists from microcode version 8.2.5; \nFor_ _SnapDrive for Unix: the fix exists from microcode version 5.3.1; \nFor_ _SnapDrive for Windows: the fix exists from microcode version 7.1.4; \n \nPlease contact IBM support or go to this [_link_](<https://www-945.ibm.com/support/fixcentral/>) to download a supported release. \n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-15T18:05:07", "type": "ibm", "title": "Security Bulletin: May 2016 OpenSSL Vulnerabilities affect Multiple N series Products", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2021-12-15T18:05:07", "id": "E67441CCF9840E74E9AC61C45895075B9F65BB9C0A44EFD9BE418AA4A069F2CD", "href": "https://www.ibm.com/support/pages/node/698395", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-28T17:50:55", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM InfoSphere Master Data Management Server . Information about a security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the security bulletin _Multiple vulnerabilities in IBM\u00ae Java SDK affect WebSphere Application Server January 2016 CPU (CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176)_ for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nIBM InfoSphere Master Data Management Server 9.x| IBM WebSphere Application Server 7.0 \nIBM InfoSphere Master Data Management Server 10.0| IBM WebSphere Application Server 7.0 \nIBM InfoSphere Master Data Management Server 10.1| IBM WebSphere Application Server 8.0 \nIBM InfoSphere Master Data Management Standard/Advanced Edition 11.0| IBM WebSphere Application Server 8.5 \nIBM InfoSphere Master Data Management Standard/Advanced Edition 11.3| IBM WebSphere Application Server 8.5.5 \nIBM InfoSphere Master Data Management Standard/Advanced Edition 11.4| IBM WebSphere Application Server 8.5.5 \nIBM InfoSphere Master Data Management Standard/Advanced Edition 11.5| IBM WebSphere Application Server 8.5.5 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-27T09:58:00", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in IBM\u00ae Java SDK affect WebSphere Application Server shipped with IBM InfoSphere Master Data Management Server (CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2022-04-27T09:58:00", "id": "A75CF978305062012B0B6A4CC62CA7EB1F166F128DE714368CFD89193833D8DE", "href": "https://www.ibm.com/support/pages/node/279743", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:50:30", "description": "## Summary\n\nThere are multiple vulnerabilities in OpenSSL that is used by IBM Security Network Protection. These vulnerabilities include CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, and CVE-2016-2842.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-0799_](<https://vulners.com/cve/CVE-2016-0799>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111143_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111143>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2842_](<https://vulners.com/cve/CVE-2016-2842>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111304_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111304>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Security Network Protection 5.3.1 \nIBM Security Network Protection 5.3.2\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Protection| Firmware version 5.3.1| Download Firmware 5.3.1.10 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \nIBM Security Network Protection| Firmware version 5.3.2| Install Firmware 5.3.2.4 from [IBM Security License Key and Download Center](<https://ibmss.flexnetoperations.com/control/isdl/home>) and upload and install via the Available Updates page of the Local Management Interface. \n \n## Workarounds and Mitigations\n\nnone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:42:54", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-16T21:42:54", "id": "FAA2B691DD1E76E786CADE53CD8A2391FDC6BE6F5B14624181F6008CE76C4E36", "href": "https://www.ibm.com/support/pages/node/281121", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:51:27", "description": "## Summary\n\nVulnerabilities have been identified in OpenSSL. IBM Security Access Manager for Web uses OpenSSL and is affected by these vulnerabilities. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-0799](<https://vulners.com/cve/CVE-2016-0799>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111143> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2842](<https://vulners.com/cve/CVE-2016-2842>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111304> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Security Access Manager for Web 7.0 appliances \n\nIBM Security Access Manager for Web 8.0, all firmware versions\n\nIBM Security Access Manager 9.0, all firmware versions\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web| 7.0 (appliance)| IV86720| Apply Interim Fix 25: \n[7.0.0-ISS-WGA-IF0025](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \nIBM Security Access Manager for Web| 8.0.0.0 - \n8.0.1.4| IV86699| 1\\. For versions prior to 8.0.1.4, upgrade to 8.0.1.4:[](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \n[_8.0.1-ISS-WGA-FP0004_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \n2\\. Apply 8.0.1.4 Interim Fix 1: \n[_8.0.1.4-ISS-WGA-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.1.3&platform=All&function=all>) \nIBM Security Access Manager| 9.0| IV86694| 1\\. For versions prior to 9.0.1.0, upgrade to 9.0.1.0: \n[IBM Security Access Manager V9.0.1 Multiplatform, Multilingual (CRW4EML) ](<http://www-01.ibm.com/software/passportadvantage/pacustomers.html>) \n2\\. Apply 9.0.1.0 Interim Fix 2: \n[_9.0.1.0-ISS-ISAM-IF0002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:44:53", "type": "ibm", "title": "Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in OpenSSL", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-16T21:44:53", "id": "B22C029F5DE1AFDA33C7E45788FCA8B344362343E55B19D3803A4CCFD8492525", "href": "https://www.ibm.com/support/pages/node/548069", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:50:28", "description": "## Summary\n\nVulnerabilities in Open Source openssl that is used by IBM Security Identity Governance\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2842_](<https://vulners.com/cve/CVE-2016-2842>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111304_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111304>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-0799_](<https://vulners.com/cve/CVE-2016-0799>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111143_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111143>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nBM Security Identity Governance and Intelligence 5.2.1\n\n## Remediation/Fixes\n\nIBM Security Identity Governance and Intelligence\n\n| 5.2.1| None| [__5.2.1.1-ISS-SIGI-IF0002__](<https://www-945.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.2.1.1-ISS-SIGI-IF0002&continue=1>) \n---|---|---|--- \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:44:05", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Identity Governance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-16T21:44:05", "id": "0A94A36BE877692B2F0AB97F5081AA5C3010CDF94C05C7E8B0C0AC4E64BEBA67", "href": "https://www.ibm.com/support/pages/node/283429", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T21:52:47", "description": "## Summary\n\nMultiple security vulnerabilities have been discovered in openssl that is embedded in the IBM FSM. This fix addresses these vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-0799_](<https://vulners.com/cve/CVE-2016-0799>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111143_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111143>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2842_](<https://vulners.com/cve/CVE-2016-2842>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111304_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111304>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nFlex System Manager 1.3.4.x \nFlex System Manager 1.3.3.x \nFlex System Manager 1.3.2.x\n\n## Remediation/Fixes\n\nIBM recommends updating the FSM using the instructions referenced in this table. \n \n\n\nProduct | \n\nVRMF | \n\nAPAR | \n\nRemediation \n---|---|---|--- \nFlex System Manager| \n\n1.3.4.x | \n\nIT16772\n\n| Ensure the steps in Technote [761981453](<http://www-01.ibm.com/support/docview.wss?uid=nas777e5323a516f40f286257f03006ae4b5>) are completed, and then install \n[fsmfix1.3.4.0_IT16772_IT16773_IT16774_IT16776](<https://www.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.4.0_IT16772_IT16773_IT16774_IT16776&function=fixId&parent=Flex%20System%20Manager%20Node>) \nFlex System Manager| \n\n1.3.3.x | \n\nIT16772\n\n| Ensure the steps in Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>) are completed and then install \n[fsmfix1.3.3.0_IT16772_IT16773_IT16774_IT16776](<https://www.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.3.0_IT16772_IT16773_IT16774_IT16776&function=fixId&parent=Flex%20System%20Manager%20Node>) \nFlex System Manager| \n\n1.3.2.x | \n\nIT16772\n\n| Ensure the steps in Technote [736218441](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=nas724cb521f58c4126286257dfd005c1958>) are completed and then install \n[fsmfix1.3.2.0_IT16772_IT16773_IT16774_IT16776](<https://www.ibm.com/support/fixcentral/systemx/selectFixes?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.2.0_IT16772_IT16773_IT16774_IT16776&function=fixId&parent=Flex%20System%20Manager%20Node>) \n \nFor 1.1.x.x, 1.2.x.x, 1.3.0.x and 1.3.1.x IBM recommends upgrading to a fixed, supported version/release of the product. \n\n\nYou should verify applying this fix does not cause any compatibility issues. The fix disables older encrypted protocols by default. If you change the default setting after applying the fix, you will expose yourself to the attack described in IT15244. IBM recommends that you review your entire environment to identify other areas where you have enabled weak encryption and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T01:33:29", "type": "ibm", "title": "Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple openssl vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-18T01:33:29", "id": "B180B820F6F3D6EDAC7172E78991F02AFB09886A95FE4CB55E9318F8D116CF4C", "href": "https://www.ibm.com/support/pages/node/629745", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T21:53:10", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on March 3, 2016 and May 3, 2016 by the OpenSSL Project. OpenSSL is used by PowerKVM, which has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2842_](<https://vulners.com/cve/CVE-2016-2842>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111304_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111304>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2016-0799_](<https://vulners.com/cve/CVE-2016-0799>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111143_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111143>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nPowerKVM 2.1 and PowerKVM 3.1\n\n## Remediation/Fixes\n\nCustomers can update PowerKVM systems by using \"yum update\". \n \nFix images are made available via Fix Central. For version 3.1, see [_https://ibm.biz/BdHggw_](<https://ibm.biz/BdHggw>) for 3.1.0.1 update 2 or later. \n \nFor version 2.1, see PowerKVM 2.1.1.3-65. Update 9 at [_https://ibm.biz/BdEnT8_](<https://ibm.biz/BdEnT8>) and all later 2.1.1 service updates. Customers running v2.1 are, in any case, encouraged to upgrade to v3.1. \n \nFor v2.1 systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README> for prerequisite fixes and instructions.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T01:32:18", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect PowerKVM", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-18T01:32:18", "id": "926064F28B2809B4877A8EA78CF19B1BD358570ECBEF53DC9ABC59798101D756", "href": "https://www.ibm.com/support/pages/node/628937", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:51:24", "description": "## Summary\n\nVulnerabilities have been identified in OpenSSL. IBM Security Access Manager for Mobile uses OpenSSL and is affected by these vulnerabilities. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-0799](<https://vulners.com/cve/CVE-2016-0799>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111143> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2842](<https://vulners.com/cve/CVE-2016-2842>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111304> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Security Access Manager for Mobile 8.0, all firmware versions \n\nIBM Security Access Manager 9.0, all firmware versions\n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Mobile| 8.0.0.0 - \n8.0.1.4| IV86716| 1\\. For releases prior to 8.0.1.4, upgrade to 8.0.1.4: \n[8.0.1-ISS-ISAM-FP0004](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \n2\\. Apply 8.0.1.4 Interim Fix 1: \n[8.0.1.4-ISS-ISAM-IF0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0&platform=Linux&function=all>) \nIBM Security Access Manager| 9.0| IV86694| 1\\. For 9.0 environments, upgrade to 9.0.1.0: \n[IBM Security Access Manager V9.0.1 Multiplatform, Multilingual (CRW4EML) ](<http://www-01.ibm.com/software/passportadvantage/pacustomers.html>) \n2\\. Apply 9.0.1.0 Interim Fix 2: \n[_9.0.1.0-ISS-ISAM-IF0002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.0.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:45:08", "type": "ibm", "title": "Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in OpenSSL", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-16T21:45:08", "id": "D209AAB4C0E35A5C114E62A6D853762DB0AA9080D963F0EECA922C5D3ED15307", "href": "https://www.ibm.com/support/pages/node/548469", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:50:30", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Proventia Network Enterprise Scanner. IBM Security Proventia Network Enterprise Scanner has addressed the applicable CVEs. \n \nIBM Security Proventia Network Enterprise Scanner is also affected by a vulnerability found in GNU glibc. IBM Security Proventia Network Enterprise Scanner addressed the applicable CVE.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2016-2856_](<https://vulners.com/cve/CVE-2016-2856>)** \nDESCRIPTION:** pt_chown in the glibc package could allow a local attacker to bypass security restrictions, caused by the lack of a namespace check associated with file-descriptor passing in the PtChownArbitraryPtsAccessViaUserNamespace document. An attacker could exploit this vulnerability to capture keystrokes, spoof data and gain unauthorized access to the system. Note: This this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111307_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111307>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nEnterprise scanner 2.3.\n\n## Remediation/Fixes\n\nFor IBM Security Proventia Network Enterprise Scanner 2.3, IBM recommends upgrading to IBM Security QRadar Vulnerability Manager. \n\nPlease contact support for more information using [_http://www.ibm.com/support/docview.wss?uid=swg21446948_](<http://www.ibm.com/support/docview.wss?uid=swg21446948>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:42:58", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL and a vulnerability in GNU glibc affect IBM Security Proventia Network Enterprise Scanner", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-2856"], "modified": "2018-06-16T21:42:58", "id": "3D12006C995C2C683E173419369377B400C7252133E8CFEEEC83E09104078893", "href": "https://www.ibm.com/support/pages/node/281435", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-28T14:08:29", "description": "## Summary\n\nSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. IBM DataPower Gateways has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n \n\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM DataPower Gateways all versions through 7.0.0.13, 7.1.0.10, 7.2.0.6, 7.5.0.1 and 7.5.1.0. \n\nCVE-2016-2018 affects only versions through 7.0.0.13 and 7.1.0.10.\n\n## Remediation/Fixes\n\nFix is available in versions 7.0.0.14, 7.1.0.11, 7.2.0.8, 7.5.0.2 and 7.5.1.1. Refer to [APAR IT15454](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT15454>) for URLs to download the fix. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n\n_For DataPower customers using versions 6.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product. _\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-08T22:18:27", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2018", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2021-06-08T22:18:27", "id": "1736B585D80ED031E004E1AC38E590615C7E0F6FE6AB8A15B1B90CB8EC998277", "href": "https://www.ibm.com/support/pages/node/283945", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:39:00", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling B2B Integrator. IBM Sterling B2B Integrator has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n\n**CVEID:** [CVE-2016-2105](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Sterling B2B Integrator 5.2\n\n## Remediation/Fixes\n\n**Product & Version**\n\n| **Remediated Fix** \n---|--- \nIBM Sterling B2B Integrator 5.2| SWIFTNet Customers must upgrade their current version of OpenSSL to version 1.0.1t \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-02-05T00:53:36", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2020-02-05T00:53:36", "id": "B008610A37C6D22744FBFF511A07C43195D3F707766A5E89AB1E4CFCD0DE65C5", "href": "https://www.ibm.com/support/pages/node/281291", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:38:10", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n \n \n\n\n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score. \nCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)\n\n \n \n \n\n\n**D****ESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score. \nCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)\n\n \n \n \n\n\n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score. \nCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)\n\n \n \n \n\n\n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score. \nCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n \n \n \n\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)\n\n \n \n \n\n\n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information. By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score. \nCVSS Environmental Score*: UndefinedCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Sterling Connect:Express for UNIX 1.4.6 \n\\- All versions prior to 1.4.6.1 iFix 146-114 \n \nIBM Sterling Connect:Express for UNIX 1.5.0.13 \n\\- All versions prior to 1.5.0.13\n\n## Remediation/Fixes\n\n**VRMF**\n\n| **Remediation** \n---|--- \n1.4.6| Contact your local [IBM Remote Technical Support Center ](<https://www-304.ibm.com/webapp/set2/sas/f/handbook/contacts.html>)to request Connect:Express 1.4.6.1 iFix 146-115 \n1.5.0.12| Apply 1.5.0.13 iFix 150-1301, available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Sterling+Connect%3AExpress+for+UNIX&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-07-24T22:49:37", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Sterling Connect:Express for Unix", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2020-07-24T22:49:37", "id": "F22F8C611651BB5F2E58AC10F1F1DBEBF4869D3A824C40D9FE14FEE332E57295", "href": "https://www.ibm.com/support/pages/node/283381", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-28T14:10:41", "description": "## Summary\n\nOpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied X11 authentication credentials by the sshd server. OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by GPFS V3.5 for Windows. IBM GPFS V3.5 for Windows has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2016-3115_](<https://vulners.com/cve/CVE-2016-3115>)** \nDESCRIPTION:** OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied X11 authentication credentials by the sshd server. By sending specially crafted X11 credential data, an attacker could exploit this vulnerability to inject xauth commands and execute arbitrary commands on the system with the privileges of the victim. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111431_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111431>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nOpenSSH for GPFS V3.5 for Windows\n\n## Remediation/Fixes\n\nIn GPFS V3.5.0.31 dated May 2016, IBM upgraded OpenSSH for GPFS on Windows to 7.2p2 and to use OpenSSL 1.0.2h to address these vulnerabilities. System administrators should update their systems to GPFS V3.5.0.31 by following the steps below. \n \n1\\. Download the GPFS 3.5.0.31 update package dated May 2016 into any directory on your system from [http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%2Bsoftware&product=ibm/power/IBM+General+Parallel+File+System&release=3.5.0&platform=Windows&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%2Bsoftware&product=ibm/power/IBM+General+Parallel+File+System&release=3.5.0&platform=Windows&function=all>) \n \n2\\. Extract the contents of the ZIP archive so that the .msi file it includes is directly accessible to your system. \n \n3\\. Follow the instructions in the README included in the update package in order to install the OpenSSH msi package. This updated OpenSSH 7.2.p2 msi package is built using OpenSSL 1.02h. \n \nIf GPFS multiclustering is configured on Windows nodes, upgrade all OpenSSL packages that may have been installed. The following can be done on a small group of nodes at each time (ensuring that quorum is maintained) to maintain file system availability: \n \na. Stop GPFS on the node \nb. Install the version of OpenSSL \nc. Restart GPFS on the node\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2021-06-25T16:46:35", "type": "ibm", "title": "Security Bulletin: A Vulnerability in OpenSSH and Multiple Vulnerabilities in OpenSSL affect IBM GPFS V3.5 for Windows", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-3115"], "modified": "2021-06-25T16:46:35", "id": "82D348B7AC274B1F17A78CC906F5DDC3A5C96BD23F4BB13600CC22F46FFF3EFD", "href": "https://www.ibm.com/support/pages/node/628991", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:53:10", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin. \n \nThe above mentioned products have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Aspera Enterprise Server 3.6.0 or earlier \nIBM Aspera Connect for Web Access 3.6.0 or earlier \nIBM Aspera Desktop Client 3.6.0 or earlier \nIBM Aspera Point to Point Client 3.6.0 or earlier \nIBM Aspera Connect Browser Plug in 3.6.6 or earlier\n\n## Remediation/Fixes\n\nUpgrade to the followings from our download site: <http://downloads.asperasoft.com/> \n \nIBM Aspera Enterprise Server 3.6.1 or later \nIBM Aspera Connect for Web Access 3.6.1 or later \nIBM Aspera Desktop Client 3.6.1 or later \nIBM Aspera Point to Point Client 3.6.1 or later \nIBM Aspera Connect Browser Plug in 3.7.0 or later \n \n*Please note that IBM Aspera Connect Browser Plug ins use of openssl is internal and has very limited exposure to any of the vulnerabilities. \n \n_For unsupported versions of I_BM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin, _IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-06-15T07:08:32", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin (CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2106", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-15T07:08:32", "id": "784293D9E1878AA4E3BA5C5B60C041F19D16A9A8AA40529EA178B7C8D2D6E53C", "href": "https://www.ibm.com/support/pages/node/300573", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T17:33:40", "description": "## Question\n\nSecurity Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin (CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)\n\n## Answer\n\n## **Security Bulletin**\n\n## **Summary **\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin.\n\nThe above mentioned products have addressed the applicable CVEs.\n\n## **Vulnerability Details**\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>)\n\n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio() an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information By sending an overly long ASN.1 string to the X509_NAME_oneline() function an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## **Affected Products and Versions**\n\nIBM Aspera Enterprise Server 3.6.0 or earlier\n\nIBM Aspera Connect for Web Access 3.6.0 or earlier\n\nIBM Aspera Desktop Client 3.6.0 or earlier\n\nIBM Aspera Point to Point Client 3.6.0 or earlier\n\nIBM Aspera Connect Browser Plug in 3.6.6 or earlier\n\n## **Remediation/Fixes **\n\nUpgrade to the followings from our download site: <http://downloads.asperasoft.com/>\n\nIBM Aspera Enterprise Server 3.6.1 or later\n\nIBM Aspera Connect for Web Access 3.6.1 or later\n\nIBM Aspera Desktop Client 3.6.1 or later\n\nIBM Aspera Point to Point Client 3.6.1 or later\n\nIBM Aspera Connect Browser Plug in 3.7.0 or later\n\n*Please note that IBM Aspera Connect Browser Plug ins use of openssl is internal and has very limited exposure to any of the vulnerabilities.\n\n_For unsupported versions of I_BM Aspera Enterprise Server IBM Aspera Connect Server IBM Aspera Point to Point Client IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin _IBM recommends upgrading to a fixed supported version/release/platform of the product._\n\n## **Workarounds and Mitigations**\n\nNone\n\n## **References**\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide>)\n\n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n## **Related Information**\n\n[IBM Secure Engineering Web Portal ](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>)\n\n## **Acknowledgement**\n\nNone\n\n## **Change History**\n\n15 September 2016: Original Version Published\n\n_*_The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## **Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST) the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8NDZ\",\"label\":\"IBM Aspera\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-12-08T04:55:34", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM A", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2106", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-12-08T04:55:34", "id": "9FED07EC55E63CD49E164B391F068DF3341A79CBA42CB2B0F7A8E9A8FF36DC1A", "href": "https://www.ibm.com/support/pages/node/746011", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T17:45:58", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is installed on the operating system shipped via IBM Service Delivery Manager. IBM Service Delivery Manager has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, by sending an overly long ASN.1 string to the X509_NAME_oneline () function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Service Delivery Manager 7.2.1 \nIBM Service Delivery Manager 7.2.2 \nIBM Service Delivery Manager 7.2.3 \nIBM Service Delivery Manager 7.2.4\n\n## Remediation/Fixes\n\nOpenSSL is installed on the operating system shipped via IBM Service Delivery Manager on all the IBM Service Delivery Manager versions mentioned in the 'Affected Products and Versions' section. \n\nAlternately you can check the OpenSSL version on IBM Service Delivery Manager by using openssl version \u2013a command.\n\n**Principal Product and Version(s)**| \n\n**VRMF**\n\n| **Remediation/First Fix** \n---|---|--- \nIBM Service Delivery Manager| 7.2.1 through 7.2.4| To remediate OpenSSL vulnerability follow [_ISDM OpenSSL V1.0.2h_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FIBM+Service+Delivery+Manager&fixids=ISDM_OPENSSL_VULNERABILITY_MAY_3_2016&source=SAR&function=fixId&parent=ibm/Tivoli>) for fix information. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-06-17T22:33:13", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Service Delivery Manager (CVE-2016-2105, CVE-2016-2109, CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2105", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-17T22:33:13", "id": "CC25D6C5A01A94217471AF86730DAA9FE8580225C3F9D90883A7CCED2BA42A42", "href": "https://www.ibm.com/support/pages/node/609255", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:54:27", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cognos Metrics Manager. IBM Cognos Metrics Manager has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n * * IBM Cognos Metrics Manager 10.2.2\n * IBM Cognos Metrics Manager 10.2.1\n * IBM Cognos Metrics Manager 10.2\n * IBM Cognos Metrics Manager 10.1.1\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. As the fix is in a shared component across the Business Intelligence portfolio, applying the BI Interim Fix will resolve the issue. Note that the prerequisites named in the links are also satisfied by an IBM Cognos Metrics Manager install of the same version. \n\n\n \n[IBM Cognos Business Intelligence 10.1.1 Interim Fixes](<http://www-01.ibm.com/support/docview.wss?uid=swg24042359>) \n[IBM Cognos Business Intelligence 10.2.x Interim Fixes](<http://www-01.ibm.com/support/docview.wss?uid=swg24042360>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:15:11", "type": "ibm", "title": "Security Bulletin: A vulnerability in OpenSSL affects IBM Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108"], "modified": "2018-06-15T23:15:11", "id": "4904478758E68B5AAF1019EF051EFDC11A110285B2C9609A3BF862A4F48B7806", "href": "https://www.ibm.com/support/pages/node/542395", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T21:52:57", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Systems Director. IBM Systems Director has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID: **_CVE-2016-2108_ \n**DESCRIPTION: **OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **_CVE-2016-2109_ \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **_CVE-2016-2176_ \n**DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Systems Director: \n\u00b7 5.2.x.x \n\u00b7 6.1.x.x \n\u00b7 6.2.0.x \n\u00b7 6.2.1.x \n\u00b7 6.3.0.0 \n\u00b7 6.3.1.0 \n\u00b7 6.3.1.1 \n\u00b7 6.3.2.0 \n\u00b7 6.3.2.1 \n\u00b7 6.3.2.2 \n\u00b7 6.3.3.0 \n\u00b7 6.3.3.1 \n\u00b7 6.3.5.0 \n\u00b7 6.3.6.0 \n\u00b7 6.3.7.0\n\n## Remediation/Fixes\n\nReleases 5.2.x.x, 6.1.x.x , 6.2 and version pre 6.3.5 are unsupported and will not be fixed. \nPlease follow the instructions provided to apply fixes on the below releases. \n\n\n * 6.3.5.0 \n * 6.3.6.0\n * 6.3.7.0\n\n1\\. Click the following link: \n\n \n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FDirector%2FSystemsDirector&fixids=SysDir6_3_5_0_6_3_6_0_6_3_7_0_IT16425_IT16426_IT16427_IT16430](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FDirector%2FSystemsDirector&fixids=SysDir6_3_5_0_6_3_6_0_6_3_7_0_IT16425_IT16426_IT16427_IT16430>) \n\n\n2\\. Select the following fix pack: \n\nSysDir6_3_x_0_IT16425_IT16426_IT16427_IT16430.zip\n\n**Note:** This fix package includes fixes for all the supported platforms. \n\n3\\. Follow the Instructions beneath the table for your desired platform\n\n_Product_| _VRMF_| _APAR_| _Associated Technote_ \n---|---|---|--- \nIBM Systems Director and IBM Systems Director Platform Agent| Xlinux Platform Agent 6.3.5 to 6.3.7| IT16425| 787618975 \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \nIBM Systems Director and IBM Systems Director Platform Agent| Windows Platform Agent 6.3.5 to 6.3.7| IT16426| 787673953 \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \nIBM Systems Director and IBM Systems Director Platform Agent| Power Linux Platform Agent 6.3.5 to 6.3.7| IT16427| 787614786 \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \nIBM Systems Director and \nIBM Systems Director Platform Agent| Zlinux Platform Agent 6.2.0.x to 6.3.6| IT16430| 787637652 \nGo to <http://www-01.ibm.com/support/us/search/> and search for the technote number. \n \n## Workarounds and Mitigations\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-18T01:32:59", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Systems Director (CVE-2016-2108,CVE-2016-2109,CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-18T01:32:59", "id": "617C583F1B601DBBC85F015EB5AD2C7D657D3E942922DF7791A8F5B7C26F82DF", "href": "https://www.ibm.com/support/pages/node/629373", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:53:18", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Transfer Cluster Manager, IBM Aspera faspex on Demand, IBM Aspera Server on Demand, IBM Aspera Application Platform on Demand, and IBM Aspera Azure on Demand. \n \nThe named on demand applications referenced above have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:**** **[CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Aspera Transfer Clustered Manager 3.6.0 or earlier \nIBM Aspera faspex on Demand 3.6.0 or earlier \nIBM Aspera Server on Demand 3.6.0 or earlier \nIBM Aspera Application Platform on Demand 3.6.0 or earlier \nIBM Aspera Azure on Demand 3.5.6 or earlier\n\n## Remediation/Fixes\n\nUpgrade to the followings from the cloud provider: \n \nIBM Aspera Transfer Clustered Manager 3.6.2 or later \nIBM Aspera faspex on Demand 3.7.1 or later \nIBM Aspera Server on Demand 3.7.1 or later \nIBM Aspera Application Platform on Demand 3.7.1 or later \nIBM Aspera Azure on Demand 3.7.1 or later \n \n_For unsupported versions of IBM Aspera on Demand products, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-06-15T07:08:32", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, faspex on Demand, Server on Demand, Application Platform on Demand, and Azure on Demand. (CVE-2016-2107, CVE-2016-2106, CVE-2016-2176)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-06-15T07:08:32", "id": "B2A25ABFDD14D83A9C74878F4C63CE1CD6838525C412393629ECDB21E73AF9AE", "href": "https://www.ibm.com/support/pages/node/300575", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-12T17:33:39", "description": "## Question\n\nSecurity Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, faspex on Demand, Server on Demand, Application Platform on Demand, and Azure on Demand. (CVE-2016-2107, CVE-2016-2106, CVE-2016-2176)\n\n## Answer\n\n## **Security Bulletin**\n\n## **Summary **\n\nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Transfer Cluster Manager, IBM Aspera faspex on Demand, IBM Aspera Server on Demand, IBM Aspera Application Platform on Demand, and IBM Aspera Azure on Demand.\n\nThe named on demand applications referenced above have addressed the applicable CVEs.\n\n## **Vulnerability Details**\n\n**CVEID:** [CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107\">) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio() an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information By sending an overly long ASN.1 string to the X509_NAME_oneline() function an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## **Affected Products and Versions**\n\nIBM Aspera Transfer Clustered Manager 3.6.0 or earlier\n\nIBM Aspera faspex on Demand 3.6.0 or earlier\n\nIBM Aspera Server on Demand 3.6.0 or earlier\n\nIBM Aspera Application Platform on Demand 3.6.0 or earlier\n\nIBM Aspera Azure on Demand 3.5.6 or earlier\n\n## **Remediation/Fixes **\n\nUpgrade to the followings from the cloud provider:\n\nIBM Aspera Transfer Clustered Manager 3.6.2 or later\n\nIBM Aspera faspex on Demand 3.7.1 or later\n\nIBM Aspera Server on Demand 3.7.1 or later\n\nIBM Aspera Application Platform on Demand 3.7.1 or later\n\nIBM Aspera Azure on Demand 3.7.1 or later\n\n_For unsupported versions of IBM Aspera on Demand products IBM recommends upgrading to a fixed supported version/release/platform of the product._\n\n## **Workarounds and Mitigations**\n\nNone\n\n## **References**\n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide>)\n\n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n## **Related Information**\n\n[IBM Secure Engineering Web Portal ](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>)\n\n## **Acknowledgement**\n\nNone\n\n## **Change History**\n\n31 October 2016: Original Version Published\n\n_*_The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## **Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST) the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SS8NDZ\",\"label\":\"IBM Aspera\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-12-08T04:55:34", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Transfer Cluster Manager, faspex on Demand, Server on Demand, Application Platform on", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2018-12-08T04:55:34", "id": "7E5316C696B18FF3DFF87CA859F82C9C66CB155243A7620FC742BE55816A9D9C", "href": "https://www.ibm.com/support/pages/node/746007", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:54:07", "description": "## Summary\n\nThere is an XML External Entity Injection (XXE) vulnerability in the Apache Standard Taglibs that affects IBM WebSphere Application Server. There is an information disclosure vulnerability in IBM WebSphere Application Server Liberty for any users of the JAX-RS API. There is a potential for weaker than expected security when using the WebSphere Application Server Liberty profile API Discovery feature and Swagger documents. There is a potential information disclosure vulnerability in Admin Center for IBM WebSphere Application Server Liberty. There is a potential HTTP response splitting vulnerability in IBM WebSphere Application Server. OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. \n \n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-0254_](<https://vulners.com/cve/CVE-2015-0254>)** \nDESCRIPTION:** Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending specially-crafted XML data, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101550_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101550>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n**CVEID:** [_CVE-2016-2923_](<https://vulners.com/cve/CVE-2016-2923>)** \nDESCRIPTION:** IBM WebSphere Application Server Liberty using JAX-RS API could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113354_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113354>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n\n**CVEID:** [_CVE-2016-2945_](<https://vulners.com/cve/CVE-2016-2945>)** \nDESCRIPTION:** IBM WebSphere Application Server Liberty Profile using the API discovery feature could provide weaker than expected security. when using Swagger documents with external references, which could allow an authenticated attacker to gain the privileges of the user. \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113591_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113591>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) \n\n \n \n**CVEID:** [_CVE-2016-0389_](<https://vulners.com/cve/CVE-2016-0389>)** \nDESCRIPTION:** IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by improper handling by the Admin Center. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112529_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112529>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-0359_](<https://vulners.com/cve/CVE-2016-0359>)** \nDESCRIPTION:** IBM WebSphere Application Server is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111929_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111929>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures and later reserializes them. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAll vulnerabilities affect the following versions and releases of IBM WebSphere Application Server: \n\n * Version 8.5.5 Liberty\nOnly CVE-2016-0254, CVE-2016-0359 and OpenSSL vulnerabilities affect the following versions and releases of IBM WebSphere Application Server: \n * Version 8.5.5 Full Profile.\n\n## Remediation/Fixes\n\nTo **patch an existing service instance** requires two steps: \n \n1\\. To update WebSphere Application Server refer to the IBM WebSphere Application Server bulletins: \n \n[Security Bulletin: Vulnerability in Apache Standard Taglibs affects IBM WebSphere Application Server (CVE-2015-0254)](<http://www-01.ibm.com/support/docview.wss?uid=swg21978495>) \n \n[Security Bulletin: Information disclosure in WebSphere Application Server Liberty (CVE-2016-2923) ](<http://www.ibm.com/support/docview.wss?uid=swg21983700>)\n\n[Security Bulletin: WebSphere Application Server Liberty API Discovery feature has potential vulnerability (CVE-2016-2945) ](<http://www.ibm.com/support/docview.wss?uid=swg21984502>)\n\n \n \n[Security Bulletin: Information disclosure vulnerability in IBM WebSphere Application Server Liberty (CVE-2016-0389) ](<http://www.ibm.com/support/docview.wss?uid=swg21982012>) \n \n[Security Bulletin: HTTP Response Splitting in WebSphere Application Server (CVE-2016-0359) ](<http://www.ibm.com/support/docview.wss?uid=swg21982526>) \n \n \n2\\. To apply the RHEL OS updates, run **yum update.** \n \nWhen **creating a new service instance**, the following maintenance must be manually applied to an IBM WebSphere Application Server Version 8.5.5 Full Profile: \n \n[Security Bulletin: HTTP Response Splitting in WebSphere Application Server (CVE-2016-0359) ](<http://www.ibm.com/support/docview.wss?uid=swg21982526>) \n \nAll other maintenance is included in the new service instance. \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T07:05:51", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0254", "CVE-2016-0254", "CVE-2016-0359", "CVE-2016-0389", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-2923", "CVE-2016-2945"], "modified": "2018-06-15T07:05:51", "id": "462CCAEFE39DE4B8C89C00328CBC9CA234F0066E30424E0C8AE6BA1EF9AA8903", "href": "https://www.ibm.com/support/pages/node/281699", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:52:29", "description": "## Summary\n\nThis bulletin addresses several security vulnerabilities. \n \nThere are multiple vulnerabilities in IBM\u00ae Runtime Environment Java\u2122 Technology Edition, Version 6 and the IBM\u00ae Runtime Environment Java\u2122 Technology Edition, Version 7 that are used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates in April 2016. \n \nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cognos Business Intelligence. IBM Cognos Business Intelligence has addressed the applicable CVEs. \n \nIBM Cognos Business Intelligence has addressed a Tomcat vulnerability. \n \nIBM Cognos Business Intelligence has addressed an Apache Xerces-C XML parser Vulnerability. \n \nIf you are using IBM Cognos TM1, you should also apply IBM Cognos TM1 Security fixes. This will ensure TM1 and Business Intelligence continue to operate as expected. Please see the Related Information section below.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-5174](<https://vulners.com/cve/CVE-2015-5174>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) in the getResource(), getResourceAsStream() and getResourcePaths() ServletContext methods to obtain a directory listing for the directory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/110860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2015-5345](<https://vulners.com/cve/CVE-2015-5345>) \n**DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/110857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-0221](<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-0221>) \n**DESCRIPTION:** IBM Cognos TM1 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109745> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID:** [CVE-2016-0346](<https://vulners.com/cve/CVE-2016-0346>) \n**DESCRIPTION:** IBM Cognos Business Intelligence is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111787> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID:** [CVE-2016-0729](<https://vulners.com/cve/CVE-2016-0729>) \n**DESCRIPTION:** Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111028> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[**CVE-2016-2105**](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112855> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2016-2106](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112856> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2016-2107](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112854> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-2108](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2016-2109](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112857> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [CVE-2016-2176](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112858> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [CVE-2016-3427](<https://vulners.com/cve/CVE-2016-3427>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java, SE Java SE Embedded and JRockit related to the JMX component has complete confidentiality impact, complete integrity impact, and complete availability impact. \nCVSS Base Score: 10 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112459> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n## Affected Products and Versions\n\n * * IBM Cognos Business Intelligence Server 10.2.2\n * IBM Cognos Business Intelligence Server 10.2.1.1\n * IBM Cognos Business Intelligence Server 10.2.1\n * IBM Cognos Business Intelligence Server 10.2\n * IBM Cognos Business Intelligence Server 10.1.1\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix for versions listed as soon as practical. \n \n10.1.1: <http://www-01.ibm.com/support/docview.wss?uid=swg24042359> \n10.2.x: <http://www-01.ibm.com/support/docview.wss?uid=swg24042360>\n\n## Workarounds and Mitigations\n\nNone known. Apply fixes.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:16:04", "type": "ibm", "title": "Security Bulletin: IBM Cognos Business Intelligence Server 2016Q2 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5174", "CVE-2015-5345", "CVE-2016-0221", "CVE-2016-0346", "CVE-2016-0729", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-3427"], "modified": "2018-06-15T23:16:04", "id": "C0F8A4FDB16B6060757282B298924E8005EF0D1B30BB3472B793362E6109A282", "href": "https://www.ibm.com/support/pages/node/280731", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:46:29", "description": "## Summary\n\nThis bulletin addresses several security vulnerabilities. \n \nThere are multiple vulnerabilities in IBM\u00ae Runtime Environment Java\u2122 Technology Edition, Version 6 and the IBM\u00ae Runtime Environment Java\u2122 Technology Edition, Version 7 that are used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates in April 2016. \n \nOpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cognos Business Intelligence. IBM Cognos Business Intelligence has addressed the applicable CVEs. \n \nIBM Cognos Business Intelligence has addressed a Tomcat vulnerability. \n \nIBM Cognos Business Intelligence has addressed an Apache Xerces-C XML parser Vulnerability.\n\n## Vulnerability Details\n\nCVEID: [_CVE-2015-5174_](<https://vulners.com/cve/CVE-2015-5174>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) in the getResource(), getResourceAsStream() and getResourcePaths() ServletContext methods to obtain a directory listing for the directory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/110860_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110860>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[_CVE-2015-5345_](<https://vulners.com/cve/CVE-2015-5345>) \n**DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/110857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-0221_](<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-0221>) \n**DESCRIPTION:** IBM Cognos TM1 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/109745_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/109745>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID:** [_CVE-2016-0346_](<https://vulners.com/cve/CVE-2016-0346>) \n**DESCRIPTION:** IBM Cognos Business Intelligence is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111787_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111787>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID:** [_CVE-2016-0729_](<https://vulners.com/cve/CVE-2016-0729>) \n**DESCRIPTION:** Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111028_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111028>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[_CVE-2016-2015_](<https://vulners.com/cve/CVE-2016-2105>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>) \n**DESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>) \n**DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID:** [_CVE-2016-2176_](<https://vulners.com/cve/CVE-2016-2176>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, By sending an overly long ASN.1 string to the X509_NAME_oneline() function, an attacker could exploit this vulnerability to return arbitrary stack data in the buffer. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112858_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112858>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-3427_](<https://vulners.com/cve/CVE-2016-3427>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java, SE Java SE Embedded and JRockit related to the JMX component has complete confidentiality impact, complete integrity impact, and complete availability impact. \nCVSS Base Score: 10 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112459_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112459>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n## Affected Products and Versions\n\nTivoli Common Reporting 3.1 \n\nTivoli Common Reporting 3.1.0.1\n\nTivoli Common Reporting 3.1.0.2\n\nTivoli Common Reporting 3.1.2\n\nTivoli Common Reporting 3.1.2.1\n\nTivoli Common Reporting 3.1.3\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix for versions listed as soon as practical. \n \n \n\n\n**Tivoli Common reporting release**| **Remediation ** \n---|--- \n3.1.0.0 through 3.1.2| [Download 10.2-BA-CBI-<OS>64-IF0020](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Cognos&product=ibm/Information+Management/Cognos+8+Business+Intelligence&release=10.2&platform=All&function=fixId&fixids=10.2-BA-CBI-AIX64-IF0020&includeSupersedes=0>) \n[Install 10.2-BA-CBI-<OS>64-IF0020](<http://www-01.ibm.com/support/docview.wss?uid=swg21967299>) \n3.1.2.1| [Download 10.2.1.1-BA-CBI-<OS>64-IF0016](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Cognos&product=ibm/Information+Management/Cognos+8+Business+Intelligence&release=10.2.1.1&platform=All&function=all>) \n[Install 10.2.1.1-BA-CBI-<OS>64-IF0016](<http://www-01.ibm.com/support/docview.wss?uid=swg21967299>) \n3.1.3| [Download 10.2.2-BA-CBI-<OS>64-IF0012](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Cognos&product=ibm/Information+Management/Cognos+8+Business+Intelligence&release=10.2.2&platform=All&function=all>) \n[Install 10.2.2-BA-CBI-<OS>64-IF0012](<http://www.ibm.com/support/knowledgecenter/SSEKCU_1.1.3.0/com.ibm.psc.doc/tcr_original/ttcr_cognos_out_tcr.html>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T15:25:58", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Common Reporting (TCR) 2016Q2 Security Updater : IBM Tivoli Common Reporting is affected by multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5174", "CVE-2015-5345", "CVE-2016-0221", "CVE-2016-0346", "CVE-2016-0729", "CVE-2016-2015", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-3427"], "modified": "2018-06-17T15:25:58", "id": "C3FB79ADA39B46791DCF93E4A2B6E50FE2792D0E382EF08036106CE4972770C2", "href": "https://www.ibm.com/support/pages/node/284197", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:50:28", "description": "## Summary\n\nThere are multiple security vulnerabilities in various components used by IBM Security Identity Manager Virtual Appliance\n\n## Vulnerability Details\n\n \n \n**CVEID:** [_CVE-2016-0330_](<https://vulners.com/cve/CVE-2016-0330>)** \nDESCRIPTION:** IBM Security Identity Manager Virtual Appliance uses a weak password algorithm which allows users to create insecure passwords. An attacker could exploit this vulnerability to gain access to the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111693_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111693>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID:** [_CVE-2016-0338_](<https://vulners.com/cve/CVE-2016-0338>)** \nDESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow a local user to obtain sensitive information including passwords in cleartext by examining configuration files and/or running processes. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111748_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111748>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID:** [_CVE-2016-0339_](<https://vulners.com/cve/CVE-2016-0339>)** \nDESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow an attacker with traffic records between a victim and the ISIM to spoof another user due to invalid session identifiers after the victim has logged out. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111749 _](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111749>)for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [_CVE-2016-0340_](<https://vulners.com/cve/CVE-2016-0340>)** \nDESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow a local user to take over a previously logged in user due to session expiration not being inforced. \nCVSS Base Score: 4.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111780_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111780>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID:** [_CVE-2016-0357_](<https://vulners.com/cve/CVE-2016-0357>)** \nDESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111896_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111896>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID:** [_CVE-2016-0799_](<https://vulners.com/cve/CVE-2016-0799>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory error in the BIO_*printf() functions. An attacker could exploit this vulnerability using specially crafted data to trigger an out-of-bounds read. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111143_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111143>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n**CVEID:** [_CVE-2016-2105_](<https://vulners.com/cve/CVE-2016-2105>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112855_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112855>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2106_](<https://vulners.com/cve/CVE-2016-2106>)** \nDESCRIPTION:** OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncryptUpdate() function. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112856_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112856>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2016-2107_](<https://vulners.com/cve/CVE-2016-2107>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error when the connection uses an AES CBC cipher and the server support AES-NI. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112854>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2016-2108_](<https://vulners.com/cve/CVE-2016-2108>)** \nDESCRIPTION:** OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a buffer underflow when deserializing untrusted ASN.1 structures. An attacker could exploit this vulnerability to corrupt memory and trigger an out-of-bounds write and execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2016-2109_](<https://vulners.com/cve/CVE-2016-2109>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a memory allocation error. By reading specially crafted ASN.1 data from a BIO using functions such as d2i_CMS_bio(), an attacker could exploit this vulnerability to consume all available resources and exhaust memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/112857_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112857>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [_CVE-2016-2842_](<https://vulners.com/cve/CVE-2016-2842>)** \nDESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the failure to verify that a certain memory allocation succeeds by the doapr_outch function. A remote attacker could exploit this vulnerability using a specially crafted string to cause an out-of-bounds write or consume an overly large amount of resources. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111304_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111304>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n \n**CVEID:** [_CVE-2016-1978_](<https://vulners.com/cve/CVE-2016-1978>)** \nDESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in ssl3_HandleECDHServerKeyExchange. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111321_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111321>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2016-1979_](<https://vulners.com/cve/CVE-2016-1979>)** \nDESCRIPTION:** Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free when processing DER encoded keys in the Network Security Services (NSS) libraries. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111365_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111365>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Security Identity Manager Virtual Appliance versions 7.0.0.0, 7.0.0.1, 7.0.0.2, 7.0.0.3, 7.0.1.0, 7.0.1.1\n\n## Remediation/Fixes\n\nEnsure that the version listed below is installed on the system. \n\nProduct Version| Fix level \n---|--- \nIBM Security Identity Manager (ISIM) Virtual Appliance releases 7.0.0.0, 7.0.0.1, 7.0.0.2, 7.0.0.3, 7.0.1.0, 7.0.1.1 \n \nNote: Upgrading from firmware version 7.0.0.0 to 7.0.1.3 requires intermediate upgrade to 7.0.0.2 or 7.0.1.0. Upgrading from 7.0.0.2 or later requires no intermediate upgrade.| Apply \nIBM Security Identity Manager (ISIM) [7.0.1-ISS-SIM-FP0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Identity+Manager&release=7.0.1&platform=All&function=all>) \n \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T21:43:49", "type": "ibm", "title": "Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0330", "CVE-2016-0338", "CVE-2016-0339", "CVE-2016-0340", "CVE-2016-0357", "CVE-2016-0799", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2018-06-16T21:43:49", "id": "92D11E24F34620A6FE2D4691E3050E4E91C0E161FD1B94C9116E157ADB7BACCC", "href": "https://www.ibm.com/support/pages/node/282791", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-01-31T18:34:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for openssl (SUSE-SU-2016:1228-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851289", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851289", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851289\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 15:29:09 +0530 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for openssl (SUSE-SU-2016:1228-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode\n (bsc#958501)\");\n\n script_tag(name:\"affected\", value:\"openssl on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"SUSE-SU\", value:\"2016:1228-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~27.16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~27.16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~27.16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~27.16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~27.16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~27.16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~27.16.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1i~27.16.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:35:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2016:1238-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851297", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851297", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851297\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 05:19:21 +0200 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2016:1238-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (boo#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (boo#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (boo#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (boo#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (boo#976942)\n\n - boo#976943: Buffer overrun in ASN1_parse\n\n - boo#977621: Preserve digests for SNI\n\n - boo#958501: Fix openssl enc -non-fips-allow option in FIPS mode\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1238-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.1k~2.36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:54:47", "description": "Several vulnerabilities were discovered\nin OpenSSL, a Secure Socket Layer toolkit.\n\nCVE-2016-2105 \nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncodeUpdate(), used for Base64 encoding, if an attacker can\nsupply a large amount of data. This could lead to a heap corruption.\n\nCVE-2016-2106 \nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncryptUpdate() if an attacker can supply a large amount of data.\nThis could lead to a heap corruption.\n\nCVE-2016-2107 \nJuraj Somorovsky discovered a padding oracle in the AES CBC cipher\nimplementation based on the AES-NI instruction set. This could allow\nan attacker to decrypt TLS traffic encrypted with one of the cipher\nsuites based on AES CBC.\n\nCVE-2016-2108 \nDavid Benjamin from Google discovered that two separate bugs in the\nASN.1 encoder, related to handling of negative zero integer values\nand large universal tags, could lead to an out-of-bounds write.\n\nCVE-2016-2109 \nBrian Carpenter discovered that when ASN.1 data is read from a BIO\nusing functions such as d2i_CMS_bio(), a short invalid encoding can\ncause allocation of large amounts of memory potentially consuming\nexcessive resources or exhausting memory.\n\nAdditional information about these issues can be found in the OpenSSL\nsecurity advisory at https://www.openssl.org/news/secadv/20160503.txt", "cvss3": {}, "published": "2016-05-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3566-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703566", "href": "http://plugins.openvas.org/nasl.php?oid=703566", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3566.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3566-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703566);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_name(\"Debian Security Advisory DSA 3566-1 (openssl - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-05-03 00:00:00 +0200 (Tue, 03 May 2016)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3566.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openssl on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is part of the OpenSSL\nproject's implementation of the SSL and TLS cryptographic protocols for secure\ncommunication over the Internet.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 1.0.1k-3+deb8u5.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2h-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered\nin OpenSSL, a Secure Socket Layer toolkit.\n\nCVE-2016-2105 \nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncodeUpdate(), used for Base64 encoding, if an attacker can\nsupply a large amount of data. This could lead to a heap corruption.\n\nCVE-2016-2106 \nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncryptUpdate() if an attacker can supply a large amount of data.\nThis could lead to a heap corruption.\n\nCVE-2016-2107 \nJuraj Somorovsky discovered a padding oracle in the AES CBC cipher\nimplementation based on the AES-NI instruction set. This could allow\nan attacker to decrypt TLS traffic encrypted with one of the cipher\nsuites based on AES CBC.\n\nCVE-2016-2108 \nDavid Benjamin from Google discovered that two separate bugs in the\nASN.1 encoder, related to handling of negative zero integer values\nand large universal tags, could lead to an out-of-bounds write.\n\nCVE-2016-2109 \nBrian Carpenter discovered that when ASN.1 data is read from a BIO\nusing functions such as d2i_CMS_bio(), a short invalid encoding can\ncause allocation of large amounts of memory potentially consuming\nexcessive resources or exhausting memory.\n\nAdditional information about these issues can be found in the OpenSSL\nsecurity advisory at https://www.openssl.org/news/secadv/20160503.txt\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev:amd64\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev:i386\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:amd64\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:i386\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1k-3+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-31T18:35:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-11T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for compat-openssl098 (openSUSE-SU-2016:1273-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851309", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851309", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851309\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-11 05:24:06 +0200 (Wed, 11 May 2016)\");\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for compat-openssl098 (openSUSE-SU-2016:1273-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'compat-openssl098'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for compat-openssl098 fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation\n 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n The following non-security bugs were fixed:\n\n - bsc#889013: Rename README.SuSE to the new spelling (bsc#889013)\n\n This update was imported from the SUSE:SLE-12:Update update project.\");\n\n script_tag(name:\"affected\", value:\"compat-openssl098 on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1273-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl098-debugsource\", rpm:\"compat-openssl098-debugsource~0.9.8j~12.2\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~12.2\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8j~12.2\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~12.2\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8j~12.2\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:35:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2016:1243-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851295", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851295\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 05:19:10 +0200 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2016:1243-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode\n (bsc#958501)\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE Leap 42.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1243-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1i~15.1\", rls:\"openSUSELeap42.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:56:10", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-695)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120684", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120684", "sourceData": "# Copyright (C) 2016 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120684\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-05-09 14:12:00 +0300 (Mon, 09 May 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-695)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-695.html\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2107\", \"CVE-2016-2106\", \"CVE-2016-2109\", \"CVE-2016-2108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1k~14.91.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~14.91.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1k~14.91.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1k~14.91.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~14.91.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:39", "description": "Several vulnerabilities were discovered\nin OpenSSL, a Secure Socket Layer toolkit.\n\nCVE-2016-2105\nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncodeUpdate(), used for Base64 encoding, if an attacker can\nsupply a large amount of data. This could lead to a heap corruption.\n\nCVE-2016-2106\nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncryptUpdate() if an attacker can supply a large amount of data.\nThis could lead to a heap corruption.\n\nCVE-2016-2107\nJuraj Somorovsky discovered a padding oracle in the AES CBC cipher\nimplementation based on the AES-NI instruction set. This could allow\nan attacker to decrypt TLS traffic encrypted with one of the cipher\nsuites based on AES CBC.\n\nCVE-2016-2108\nDavid Benjamin from Google discovered that two separate bugs in the\nASN.1 encoder, related to handling of negative zero integer values\nand large universal tags, could lead to an out-of-bounds write.\n\nCVE-2016-2109\nBrian Carpenter discovered that when ASN.1 data is read from a BIO\nusing functions such as d2i_CMS_bio(), a short invalid encoding can\ncause allocation of large amounts of memory potentially consuming\nexcessive resources or exhausting memory.", "cvss3": {}, "published": "2016-05-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3566-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703566", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703566", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3566.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3566-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703566\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_name(\"Debian Security Advisory DSA 3566-1 (openssl - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-03 00:00:00 +0200 (Tue, 03 May 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3566.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 1.0.1k-3+deb8u5.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2h-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered\nin OpenSSL, a Secure Socket Layer toolkit.\n\nCVE-2016-2105\nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncodeUpdate(), used for Base64 encoding, if an attacker can\nsupply a large amount of data. This could lead to a heap corruption.\n\nCVE-2016-2106\nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncryptUpdate() if an attacker can supply a large amount of data.\nThis could lead to a heap corruption.\n\nCVE-2016-2107\nJuraj Somorovsky discovered a padding oracle in the AES CBC cipher\nimplementation based on the AES-NI instruction set. This could allow\nan attacker to decrypt TLS traffic encrypted with one of the cipher\nsuites based on AES CBC.\n\nCVE-2016-2108\nDavid Benjamin from Google discovered that two separate bugs in the\nASN.1 encoder, related to handling of negative zero integer values\nand large universal tags, could lead to an out-of-bounds write.\n\nCVE-2016-2109\nBrian Carpenter discovered that when ASN.1 data is read from a BIO\nusing functions such as d2i_CMS_bio(), a short invalid encoding can\ncause allocation of large amounts of memory potentially consuming\nexcessive resources or exhausting memory.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed\nsoftware version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev:amd64\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev:i386\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:amd64\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg:i386\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1k-3+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:34:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-10T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for compat-openssl098 (SUSE-SU-2016:1267-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851308", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851308\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-10 05:21:45 +0200 (Tue, 10 May 2016)\");\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for compat-openssl098 (SUSE-SU-2016:1267-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'compat-openssl098'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for compat-openssl098 fixes the following issues:\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation\n 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n The following non-security bugs were fixed:\n\n - bsc#889013: Rename README.SuSE to the new spelling (bsc#889013)\");\n\n script_tag(name:\"affected\", value:\"compat-openssl098 on SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"SUSE-SU\", value:\"2016:1267-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLED12\\.0SP0\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl098-debugsource\", rpm:\"compat-openssl098-debugsource~0.9.8j~97.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~97.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~97.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8j~97.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8j~97.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:34:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libopenssl0_9_8 (openSUSE-SU-2016:1242-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851296", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851296", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851296\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 05:19:16 +0200 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for libopenssl0_9_8 (openSUSE-SU-2016:1242-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libopenssl0_9_8'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation\n 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\");\n\n script_tag(name:\"affected\", value:\"libopenssl0_9_8 on openSUSE Leap 42.1, openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1242-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8zh~9.6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8zh~9.6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debugsource\", rpm:\"libopenssl0_9_8-debugsource~0.9.8zh~9.6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8zh~9.6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8zh~9.6.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:36:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2016:1240-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851299", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851299\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 05:19:37 +0200 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2016:1240-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1240-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1k~11.87.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-04T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-2959-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842729", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842729", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssl USN-2959-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842729\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-04 05:19:55 +0200 (Wed, 04 May 2016)\");\n script_cve_id(\"CVE-2016-2108\", \"CVE-2016-2107\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openssl USN-2959-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Huzaifa Sidhpurwala, Hanno B&#246 ck, and\n David Benjamin discovered that OpenSSL incorrectly handled memory when decoding\n ASN.1 structures. A remote attacker could use this issue to cause OpenSSL to\n crash, resulting in a denial of service, or possibly execute arbitrary code.\n (CVE-2016-2108)\n\n Juraj Somorovsky discovered that OpenSSL incorrectly performed padding when\n the connection uses the AES CBC cipher and the server supports AES-NI. A\n remote attacker could possibly use this issue to perform a padding oracle\n attack and decrypt traffic. (CVE-2016-2107)\n\n Guido Vranken discovered that OpenSSL incorrectly handled large amounts of\n input data to the EVP_EncodeUpdate() function. A remote attacker could use\n this issue to cause OpenSSL to crash, resulting in a denial of service, or\n possibly execute arbitrary code. (CVE-2016-2105)\n\n Guido Vranken discovered that OpenSSL incorrectly handled large amounts of\n input data to the EVP_EncryptUpdate() function. A remote attacker could use\n this issue to cause OpenSSL to crash, resulting in a denial of service, or\n possibly execute arbitrary code. (CVE-2016-2106)\n\n Brian Carpenter discovered that OpenSSL incorrectly handled memory when\n ASN.1 data is read from a BIO. A remote attacker could possibly use this\n issue to cause memory consumption, resulting in a denial of service.\n (CVE-2016-2109)\n\n As a security improvement, this update also modifies OpenSSL behaviour to\n reject DH key sizes below 1024 bits, preventing a possible downgrade\n attack.\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2959-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2959-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu2.19\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu2.19\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1-4ubuntu5.36\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1-4ubuntu5.36\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.2d-0ubuntu1.5\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.2d-0ubuntu1.5\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:30", "description": "Junos OS is prone to multiple vulnerabilities in OpenSSL.", "cvss3": {}, "published": "2016-10-14T00:00:00", "type": "openvas", "title": "Junos Multiple OpenSSL Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2180", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-2106"], "modified": "2018-10-29T00:00:00", "id": "OPENVAS:1361412562310106355", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106355", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_junos_cve-2016-2105.nasl 12149 2018-10-29 10:48:30Z asteins $\n#\n# Junos Multiple OpenSSL Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/o:juniper:junos';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106355\");\n script_version(\"$Revision: 12149 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-29 11:48:30 +0100 (Mon, 29 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-14 09:51:23 +0700 (Fri, 14 Oct 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2176\",\n\"CVE-2016-2180\");\n\n script_name(\"Junos Multiple OpenSSL Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_family(\"JunOS Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_ssh_junos_get_version.nasl\", \"gb_junos_snmp_version.nasl\");\n script_mandatory_keys(\"Junos/Version\");\n\n script_tag(name:\"summary\", value:\"Junos OS is prone to multiple vulnerabilities in OpenSSL.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable OS build is present on the target host.\");\n\n script_tag(name:\"impact\", value:\"A remote attacker may execute arbitrary code or cause a denial of service\ncondition.\");\n\n script_tag(name:\"affected\", value:\"Junos OS 13.3, 14.1, 14.2 and 15.1\");\n\n script_tag(name:\"solution\", value:\"New builds of Junos OS software are available from Juniper.\");\n\n script_xref(name:\"URL\", value:\"http://kb.juniper.net/JSA10759\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif (!version = get_app_version(cpe: CPE, nofork: TRUE))\n exit(0);\n\nif (version =~ \"^15\") {\n if (revcomp(a: version, b: \"15.1F5-S4\") < 0) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"15.1F5-S4\");\n security_message(port: 0, data: report);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1F6-S2\") < 0) &&\n (revcomp(a: version, b: \"15.1F6\") >= 0)) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"15.1F6-S2\");\n security_message(port: 0, data: report);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1R4\") < 0) &&\n (revcomp(a: version, b: \"15.1R1\") >= 0)) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"15.1R4\");\n security_message(port: 0, data: report);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1X53-D50\") < 0) &&\n (revcomp(a: version, b: \"15.1X53\") >= 0)) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"15.1X53-D50\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^14\") {\n if (revcomp(a: version, b: \"14.1R9\") < 0) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"14.1R9\");\n security_message(port: 0, data: report);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"14.1X53-D40\") < 0) &&\n (revcomp(a: version, b: \"14.1X53\") >= 0)) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"14.1X53-D40\");\n security_message(port: 0, data: report);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"14.2R8\") < 0) &&\n (revcomp(a: version, b: \"14.2\") >= 0)) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"14.2R8\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^13\") {\n if (revcomp(a: version, b: \"13.3R10\") < 0) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"13.3R10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:27", "description": "Splunk Enterprise is prone to multiple OpenSSL vulnerabilities.", "cvss3": {}, "published": "2016-09-19T00:00:00", "type": "openvas", "title": "Splunk Enterprise Multiple OpenSSL Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-2106"], "modified": "2018-11-13T00:00:00", "id": "OPENVAS:1361412562310106262", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106262", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_splunk_enterprise_openssl_vuln.nasl 12338 2018-11-13 14:51:17Z asteins $\n#\n# Splunk Enterprise Multiple OpenSSL Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:splunk:splunk';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106262\");\n script_version(\"$Revision: 12338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-13 15:51:17 +0100 (Tue, 13 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-19 11:58:34 +0700 (Mon, 19 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\",\n\"CVE-2016-2176\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Splunk Enterprise Multiple OpenSSL Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_splunk_detect.nasl\");\n script_mandatory_keys(\"Splunk/installed\");\n\n script_tag(name:\"summary\", value:\"Splunk Enterprise is prone to multiple OpenSSL vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Splunk Enterprise is affected by multiple OpenSSL vulnerabilities.\");\n\n script_tag(name:\"affected\", value:\"Splunk Enterprise 6.4.x, 6.3.x, 6.2.x, 6.1.x, 6.0.x and 5.0.x\");\n\n script_tag(name:\"solution\", value:\"Update to version 6.4.2, 6.3.6, 6.2.10, 6.1.11, 6.0.12 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.splunk.com/view/SP-CAAAPQM\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version =~ \"^6\\.4\") {\n if (version_is_less(version: version, test_version: \"6.4.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"6.4.2\");\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^6\\.3\") {\n if (version_is_less(version: version, test_version: \"6.3.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"6.3.6\");\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\n\nif (version =~ \"^6\\.2\") {\n if (version_is_less(version: version, test_version: \"6.2.10\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"6.2.10\");\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^6\\.1\") {\n if (version_is_less(version: version, test_version: \"6.1.11\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"6.1.11\");\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version_is_less(version: version, test_version: \"6.0.12\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"6.0.12\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:58", "description": "Mageia Linux Local Security Checks mgasa-2016-0169", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0169", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310131285", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131285", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0169.nasl 11856 2018-10-12 07:45:29Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131285\");\n script_version(\"$Revision: 11856 $\");\n script_tag(name:\"creation_date\", value:\"2016-05-09 14:17:48 +0300 (Mon, 09 May 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 09:45:29 +0200 (Fri, 12 Oct 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0169\");\n script_tag(name:\"insight\", value:\"An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption (CVE-2016-2105). An overflow can occur in the EVP_EncryptUpdate() function. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption (CVE-2016-2106). A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server support AES-NI (CVE-2016-2107). When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory (CVE-2016-2109)\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0169.html\");\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0169\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2h~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-05T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2016-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2106"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808016", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808016", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2016-05\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808016\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-05 05:22:40 +0200 (Thu, 05 May 2016)\");\n script_cve_id(\"CVE-2016-2108\", \"CVE-2016-2107\", \"CVE-2016-2105\", \"CVE-2016-2106\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2016-05\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-05\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2h~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-11T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2016-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2106"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808029", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808029", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2016-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808029\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-11 05:22:20 +0200 (Wed, 11 May 2016)\");\n script_cve_id(\"CVE-2016-2108\", \"CVE-2016-2107\", \"CVE-2016-2105\", \"CVE-2016-2106\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2016-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~15.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-08T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2016-1411324654", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2106"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310807997", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807997", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2016-1411324654\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807997\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-08 05:18:22 +0200 (Sun, 08 May 2016)\");\n script_cve_id(\"CVE-2016-2108\", \"CVE-2016-2107\", \"CVE-2016-2105\", \"CVE-2016-2106\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2016-1411324654\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1411324654\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2h~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-10T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2016:0722-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2842", "CVE-2016-2106"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871610", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871610", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2016:0722-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871610\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-10 05:19:08 +0200 (Tue, 10 May 2016)\");\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\",\n \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2842\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2016:0722-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\nSecure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as\na full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n * A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library.\n(CVE-2016-2108)\n\n * Two integer overflow flaws, leading to buffer overflows, were found in\nthe way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL\nparsed very large amounts of input data. A remote attacker could use these\nflaws to crash an application using OpenSSL or, possibly, execute arbitrary\ncode with the permissions of the user running that application.\n(CVE-2016-2105, CVE-2016-2106)\n\n * It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n * Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially execute\ncode with the permissions of the user running such an application.\n(CVE-2016-0799, CVE-2016-2842)\n\n * A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno Bock, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108 Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799 and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0722-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-May/msg00008.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~51.el7_2.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~51.el7_2.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~51.el7_2.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~51.el7_2.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:32", "description": "Check the version of openssl", "cvss3": {}, "published": "2016-05-10T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2016:0722 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2842", "CVE-2016-2106"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882486", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882486", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2016:0722 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882486\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-10 05:19:51 +0200 (Tue, 10 May 2016)\");\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\",\n \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2842\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2016:0722 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\nSecure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols,\nas well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n * A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library.\n(CVE-2016-2108)\n\n * Two integer overflow flaws, leading to buffer overflows, were found in\nthe way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL\nparsed very large amounts of input data. A remote attacker could use these\nflaws to crash an application using OpenSSL or, possibly, execute arbitrary\ncode with the permissions of the user running that application.\n(CVE-2016-2105, CVE-2016-2106)\n\n * It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n * Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially execute\ncode with the permissions of the user running such an application.\n(CVE-2016-0799, CVE-2016-2842)\n\n * A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno Bock, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108 Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799 and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0722\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-May/021860.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~51.el7_2.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~51.el7_2.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~51.el7_2.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~51.el7_2.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~51.el7_2.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-11T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2016:0996-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2842", "CVE-2016-2106"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871614", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871614", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2016:0996-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871614\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-11 05:23:21 +0200 (Wed, 11 May 2016)\");\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2842\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2016:0996-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library.\n\nSecurity Fix(es):\n\n * A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library.\n(CVE-2016-2108)\n\n * Two integer overflow flaws, leading to buffer overflows, were found in\nthe way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL\nparsed very large amounts of input data. A remote attacker could use these\nflaws to crash an application using OpenSSL or, possibly, execute arbitrary\ncode with the permissions of the user running that application.\n(CVE-2016-2105, CVE-2016-2106)\n\n * It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n * Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially execute\ncode with the permissions of the user running such an application.\n(CVE-2016-0799, CVE-2016-2842)\n\n * A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno Bock, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108 Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799 and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0996-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-May/msg00017.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~48.el6_8.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~48.el6_8.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~48.el6_8.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:34", "description": "Oracle Linux Local Security Checks ELSA-2016-0722", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2016-0722", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2842", "CVE-2016-2106"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310122924", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122924", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0722.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.fi>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.fi\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122924\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-05-09 14:24:42 +0300 (Mon, 09 May 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0722\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0722 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0722\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0722.html\");\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2107\", \"CVE-2016-2842\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~51.el7_2.5\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~51.el7_2.5\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~51.el7_2.5\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~51.el7_2.5\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~51.el7_2.5\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:18", "description": "This host is running OpenSSL and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2016-05-02T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Vulnerabilities -01 May16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-2106"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310807569", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807569", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_vuln01_may16_win.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Vulnerabilities -01 May16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807569\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2016-2176\", \"CVE-2016-2109\", \"CVE-2016-2106\", \"CVE-2016-2107\",\n \"CVE-2016-2105\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-02 12:46:24 +0530 (Mon, 02 May 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"OpenSSL Multiple Vulnerabilities -01 May16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c\n script in OpenSSL.\n\n - An integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c\n script in OpenSSL.\n\n - An error in the 'asn1_d2i_read_bio' function in crypto/asn1/a_d2i_fp.c script\n in the ASN.1 BIO implementation in OpenSSL.\n\n - An error in 'X509_NAME_oneline' function in crypto/x509/x509_obj.c in OpenSSL.\n\n - A MITM attacker can use a padding oracle attack to decrypt traffic\n when the connection uses an AES CBC cipher and the server support AES-NI.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to conduct mitm attack, gain access to potentially sensitive information,\n and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions 1.0.1 before 1.0.1t\n and 1.0.2 before 1.0.2h on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 1.0.1t or 1.0.2h or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160503.txt\");\n script_xref(name:\"URL\", value:\"https://mta.openssl.org/pipermail/openssl-announce/2016-April/000069.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1t\"))\n {\n fix = \"1.0.1t\";\n VULN = TRUE;\n }\n}\n\nelse if(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2h\"))\n {\n fix = \"1.0.2h\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:52", "description": "This host is running OpenSSL and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2016-05-02T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Vulnerabilities -01 May16 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-2106"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310807570", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807570", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_vuln01_may16_lin.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Vulnerabilities -01 May16 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807570\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2016-2176\", \"CVE-2016-2109\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2105\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-02 12:46:24 +0530 (Mon, 02 May 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"OpenSSL Multiple Vulnerabilities -01 May16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c\n script in OpenSSL.\n\n - An integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c\n script in OpenSSL.\n\n - An error in the 'asn1_d2i_read_bio' function in crypto/asn1/a_d2i_fp.c script\n in the ASN.1 BIO implementation in OpenSSL.\n\n - An error in 'X509_NAME_oneline' function in crypto/x509/x509_obj.c in OpenSSL.\n\n - A MITM attacker can use a padding oracle attack to decrypt traffic\n when the connection uses an AES CBC cipher and the server support AES-NI.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to conduct mitm attack, gain access to potentially sensitive information,\n and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions 1.0.1 before 1.0.1t\n and 1.0.2 before 1.0.2h on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 1.0.1t or 1.0.2h or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160503.txt\");\n script_xref(name:\"URL\", value:\"https://mta.openssl.org/pipermail/openssl-announce/2016-April/000069.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1t\"))\n {\n fix = \"1.0.1t\";\n VULN = TRUE;\n }\n}\n\nelse if(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2h\"))\n {\n fix = \"1.0.2h\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-06-08T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2016-e1234b65a2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3197", "CVE-2016-0705", "CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808374", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808374", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2016-e1234b65a2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808374\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-08 15:31:52 +0200 (Wed, 08 Jun 2016)\");\n script_cve_id(\"CVE-2015-3197\", \"CVE-2016-0799\", \"CVE-2016-0705\", \"CVE-2016-2109\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2016-e1234b65a2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-openssl on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-e1234b65a2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN6AJM6GYTDFGXU53P74KMZ33XECAKO7\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.2h~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-06-08T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2016-c558e58b21", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3197", "CVE-2016-0705", "CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808407", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808407", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2016-c558e58b21\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808407\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-08 15:49:09 +0200 (Wed, 08 Jun 2016)\");\n script_cve_id(\"CVE-2015-3197\", \"CVE-2016-0799\", \"CVE-2016-0705\", \"CVE-2016-2109\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2016-c558e58b21\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-openssl on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-c558e58b21\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYBHHHTWEPK32J4FFHV4SRR36KSJOXNO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.2h~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:36:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libopenssl0_9_8 (openSUSE-SU-2016:1241-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3197", "CVE-2016-2108", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-0797", "CVE-2016-0702", "CVE-2016-2109", "CVE-2016-0800", "CVE-2016-2106"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851298", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851298", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851298\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-05-06 05:19:27 +0200 (Fri, 06 May 2016)\");\n script_cve_id(\"CVE-2015-3197\", \"CVE-2016-0702\", \"CVE-2016-0797\", \"CVE-2016-0799\",\n \"CVE-2016-0800\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\",\n \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for libopenssl0_9_8 (openSUSE-SU-2016:1241-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libopenssl0_9_8'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation\n 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n and updates the package to version 0.9.8zh which collects many other\n fixes, including security ones.\");\n\n script_tag(name:\"affected\", value:\"libopenssl0_9_8 on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1241-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8zh~5.3.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8zh~5.3.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debugsource\", rpm:\"libopenssl0_9_8-debugsource~0.9.8zh~5.3.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8zh~5.3.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8zh~5.3.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:38:55", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-1861)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1789", "CVE-2015-3195", "CVE-2016-2108", "CVE-2014-3571", "CVE-2016-2177", "CVE-2016-2105", "CVE-2016-2109", "CVE-2015-0292", "CVE-2016-2106"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191861", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1861\");\n script_version(\"2020-01-23T12:24:58+0000\");\n script_cve_id(\"CVE-2014-3571\", \"CVE-2015-0292\", \"CVE-2015-1789\", \"CVE-2015-3195\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2177\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:24:58 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:24:58 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-1861)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1861\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1861\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl098e' package(s) announced via the EulerOS-SA-2019-1861 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.(CVE-2015-0292)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash.(CVE-2015-1789)\n\nA memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash.(CVE-2015-3195)\n\nOpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.(CVE-2014-3571)\n\nOpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.(CVE-2016-2177)\n\nAn integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application.(CVE-2016-2105)\n\nAn integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application.(CVE-2016-2106)\n\nA flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'openssl098e' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl098e\", rpm:\"openssl098e~0.9.8e~29.3.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:36:45", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6306", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2109", "CVE-2016-2842", "CVE-2016-2106"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192217", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2217\");\n script_version(\"2020-01-23T12:40:17+0000\");\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2109\", \"CVE-2016-2842\", \"CVE-2016-6306\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:40:17 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:40:17 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2217)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2217\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2217\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl098e' package(s) announced via the EulerOS-SA-2019-2217 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application.(CVE-2016-2105)\n\nAn integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application.(CVE-2016-2106)\n\nA denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data.(CVE-2016-2109)\n\nThe fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-2842.(CVE-2016-0799)\n\nThe certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.(CVE-2016-6306)\n\nThe doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory consumption) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-0799.(CVE-2016-2842)\");\n\n script_tag(name:\"affected\", value:\"'openssl098e' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl098e\", rpm:\"openssl098e~0.9.8e~29.3.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-08T17:36:55", "description": "Xerox AltaLink Printers are prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-04T00:00:00", "type": "openvas", "title": "Xerox AltaLink Printers Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176", "CVE-2016-2106", "CVE-2018-17172"], "modified": "2020-05-06T00:00:00", "id": "OPENVAS:1361412562310141826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141826", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Xerox AltaLink Printers Multiple Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141826\");\n script_version(\"2020-05-06T10:58:02+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-06 10:58:02 +0000 (Wed, 06 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-04 15:55:04 +0700 (Fri, 04 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_cve_id(\"CVE-2016-2109\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2176\", \"CVE-2016-2107\",\n \"CVE-2018-17172\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Xerox AltaLink Printers Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_xerox_printer_consolidation.nasl\");\n script_mandatory_keys(\"xerox_printer/detected\");\n\n script_tag(name:\"summary\", value:\"Xerox AltaLink Printers are prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"Xerox AltaLink Printers are prone to multiple vulnerabilities:\n\n - Reflective cross site scripting vulnerability (XSS)\n\n - Additional other cross site scripting vulnerabilities (XSS)\n\n - Vulnerabilities found in OpenSSL (CVE-2016-2109, CVE-2016-2105, CVE-2016-2106, CVE-2016-2176, CVE-2016-2107)\n\n - Unauthenticated command injection in the web application interface (CVE-2018-17172)\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable firmware version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Xerox AltaLink B80xx, C8030, C8035, C8045, C8055 and C8070 prior to\n firmware version 100.008.028.05200.\");\n\n script_tag(name:\"solution\", value:\"Update to version 100.008.028.05200 or later.\");\n\n script_xref(name:\"URL\", value:\"https://securitydocs.business.xerox.com/wp-content/uploads/2018/12/cert_Security_Mini_Bulletin_XRX18AL_for_ALB80xx-C80xx_v1.1.pdf\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ncpe_list = make_list(\"cpe:/o:xerox:altalink_b8045_firmware\",\n \"cpe:/o:xerox:altalink_b8055_firmware\",\n \"cpe:/o:xerox:altalink_b8065_firmware\",\n \"cpe:/o:xerox:altalink_b8075_firmware\",\n \"cpe:/o:xerox:altalink_b8090_firmware\",\n \"cpe:/o:xerox:altalink_c8030_firmware\",\n \"cpe:/o:xerox:altalink_c8035_firmware\",\n \"cpe:/o:xerox:altalink_c8045_firmware\",\n \"cpe:/o:xerox:altalink_c8055_firmware\",\n \"cpe:/o:xerox:altalink_c8070_firmware\");\n\nif (!infos = get_app_version_from_list(cpe_list: cpe_list, nofork: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\n\nif (version_is_less(version: version, test_version: \"100.008.028.05200\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"100.008.028.05200\");\n security_message(port: 0, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:34:06", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2271)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1789", "CVE-2016-2109", "CVE-2016-2106"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192271", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192271", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2271\");\n script_version(\"2020-01-23T12:43:54+0000\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2016-2106\", \"CVE-2016-2109\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:43:54 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:43:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2271)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2271\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2271\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl098e' package(s) announced via the EulerOS-SA-2019-2271 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application.(CVE-2016-2106)\n\nA denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data.(CVE-2016-2109)\n\nThe X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.(CVE-2015-1789)\");\n\n script_tag(name:\"affected\", value:\"'openssl098e' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl098e\", rpm:\"openssl098e~0.9.8e~29.3.h4\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:36", "description": "Splunk Light is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-09-19T00:00:00", "type": "openvas", "title": "Splunk Light Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4857", "CVE-2016-2108", "CVE-2016-4858", "CVE-2016-2105", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2176", "CVE-2015-2304", "CVE-2013-0211", "CVE-2016-1541", "CVE-2016-2106"], "modified": "2018-10-25T00:00:00", "id": "OPENVAS:1361412562310106267", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106267", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_splunk_light_mult_vuln.nasl 12096 2018-10-25 12:26:02Z asteins $\n#\n# Splunk Light Multiple Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:splunk:light';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106267\");\n script_version(\"$Revision: 12096 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-25 14:26:02 +0200 (Thu, 25 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-19 11:58:34 +0700 (Mon, 19 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\",\n\"CVE-2016-2176\", \"CVE-2016-1541\", \"CVE-2015-2304\", \"CVE-2013-0211\", \"CVE-2016-4858\", \"CVE-2016-4857\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Splunk Light Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_splunk_light_detect.nasl\");\n script_mandatory_keys(\"SplunkLight/installed\");\n\n script_tag(name:\"summary\", value:\"Splunk Light is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Splunk Light is affected by multiple vulnerabilities:\n\nMultiple OpenSSL vulnerabilities (CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109,\nCVE-2016-2176).\n\nMultiple vulnerabilities in libarchive (CVE-2016-1541, CVE-2015-2304, CVE-2013-0211).\n\nOpen redirect vulnerability (CVE-2016-4857).\n\nCross-site scripting vulnerability (CVE-2016-4858).\");\n\n script_tag(name:\"affected\", value:\"Splunk Light before 6.4.2\");\n\n script_tag(name:\"solution\", value:\"Update to version 6.4.2 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.splunk.com/view/SP-CAAAPQM\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_is_less(version: version, test_version: \"6.4.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"6.4.2\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:25:26", "description": "The version of OpenSSL installed on the remote AIX host is affected by the following vulnerabilities :\n\n - A heap buffer overflow condition exists in the EVP_EncodeUpdate() function within file crypto/evp/encode.c that is triggered when handling a large amount of input data. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2105)\n\n - A heap buffer overflow condition exists in the EVP_EncryptUpdate() function within file crypto/evp/evp_enc.c that is triggered when handling a large amount of input data after a previous call occurs to the same function with a partial block. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-2106)\n\n - A remote code execution vulnerability exists in the ASN.1 encoder due to an underflow condition that occurs when attempting to encode the value zero represented as a negative integer. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in the execution of arbitrary code. (CVE-2016-2108)\n\n - Multiple unspecified flaws exist in the d2i BIO functions when reading ASN.1 data from a BIO due to invalid encoding causing a large allocation of memory.\n An unauthenticated, remote attacker can exploit these to cause a denial of service condition through resource exhaustion. (CVE-2016-2109)\n\n - An out-of-bounds read error exists in the X509_NAME_oneline() function within file crypto/x509/x509_obj.c when handling very long ASN1 strings. An unauthenticated, remote attacker can exploit this to disclose the contents of stack memory.\n (CVE-2016-2176)", "cvss3": {}, "published": "2016-07-15T00:00:00", "type": "nessus", "title": "AIX OpenSSL Advisory : openssl_advisory20.asc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2023-04-21T00:00:00", "cpe": ["cpe:/o:ibm:aix", "cpe:/a:openssl:openssl"], "id": "AIX_OPENSSL_ADVISORY20.NASL", "href": "https://www.tenable.com/plugins/nessus/92323", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92323);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\n \"CVE-2016-2105\",\n \"CVE-2016-2106\",\n \"CVE-2016-2108\",\n \"CVE-2016-2109\",\n \"CVE-2016-2176\"\n );\n script_bugtraq_id(\n 87940,\n 89744,\n 89746,\n 89752,\n 89757\n );\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory20.asc\");\n script_summary(english:\"Checks the version of the OpenSSL packages and iFixes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host has a version of OpenSSL installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL installed on the remote AIX host is affected by\nthe following vulnerabilities :\n\n - A heap buffer overflow condition exists in the\n EVP_EncodeUpdate() function within file\n crypto/evp/encode.c that is triggered when handling\n a large amount of input data. An unauthenticated, remote\n attacker can exploit this to cause a denial of service\n condition. (CVE-2016-2105)\n\n - A heap buffer overflow condition exists in the\n EVP_EncryptUpdate() function within file\n crypto/evp/evp_enc.c that is triggered when handling a\n large amount of input data after a previous call occurs\n to the same function with a partial block. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition. (CVE-2016-2106)\n\n - A remote code execution vulnerability exists in the\n ASN.1 encoder due to an underflow condition that occurs\n when attempting to encode the value zero represented as\n a negative integer. An unauthenticated, remote attacker\n can exploit this to corrupt memory, resulting in the\n execution of arbitrary code. (CVE-2016-2108)\n\n - Multiple unspecified flaws exist in the d2i BIO\n functions when reading ASN.1 data from a BIO due to\n invalid encoding causing a large allocation of memory.\n An unauthenticated, remote attacker can exploit these to\n cause a denial of service condition through resource\n exhaustion. (CVE-2016-2109)\n\n - An out-of-bounds read error exists in the\n X509_NAME_oneline() function within file\n crypto/x509/x509_obj.c when handling very long ASN1\n strings. An unauthenticated, remote attacker can exploit\n this to disclose the contents of stack memory.\n (CVE-2016-2176)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20160503.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"A fix is available and can be downloaded from the IBM AIX website.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\ninclude(\"aix.inc\");\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item_or_exit(\"Host/AIX/version\");\nif ( oslevel != \"AIX-5.3\" && oslevel != \"AIX-6.1\" && oslevel != \"AIX-7.1\" && oslevel != \"AIX-7.2\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 5.3 / 6.1 / 7.1 / 7.2\", oslevel);\n}\n\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\n#0.9.8.2507\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"0.9.8.401\", maxpackagever:\"0.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"0.9.8.401\", maxpackagever:\"0.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"0.9.8.401\", maxpackagever:\"0.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\nif (aix_check_package(release:\"7.2\", package:\"openssl.base\", minpackagever:\"0.9.8.401\", maxpackagever:\"0.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\n\n#12.9.8.2507\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"12.9.8.1100\", maxpackagever:\"12.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"12.9.8.1100\", maxpackagever:\"12.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"12.9.8.1100\", maxpackagever:\"12.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\nif (aix_check_package(release:\"7.2\", package:\"openssl.base\", minpackagever:\"12.9.8.1100\", maxpackagever:\"12.9.8.2506\", fixpackagever:\"12.9.8.2507\") > 0) flag++;\n\n#1.0.1.516\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"1.0.1.500\", maxpackagever:\"1.0.1.515\", fixpackagever:\"1.0.1.516\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"1.0.1.500\", maxpackagever:\"1.0.1.515\", fixpackagever:\"1.0.1.516\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"1.0.1.500\", maxpackagever:\"1.0.1.515\", fixpackagever:\"1.0.1.516\") > 0) flag++;\nif (aix_check_package(release:\"7.2\", package:\"openssl.base\", minpackagever:\"1.0.1.500\", maxpackagever:\"1.0.1.515\", fixpackagever:\"1.0.1.516\") > 0) flag++;\n\n#1.0.2.800\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"1.0.2.500\", maxpackagever:\"1.0.2.799\", fixpackagever:\"1.0.2.800\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"1.0.2.500\", maxpackagever:\"1.0.2.799\", fixpackagever:\"1.0.2.800\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"1.0.2.500\", maxpackagever:\"1.0.2.799\", fixpackagever:\"1.0.2.800\") > 0) flag++;\nif (aix_check_package(release:\"7.2\", package:\"openssl.base\", minpackagever:\"1.0.2.500\", maxpackagever:\"1.0.2.799\", fixpackagever:\"1.0.2.800\") > 0) flag++;\n\n#20.11.101.501\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"20.11.101.500\", maxpackagever:\"20.11.101.500\", fixpackagever:\"20.11.101.501\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"20.11.101.500\", maxpackagever:\"20.11.101.500\", fixpackagever:\"20.11.101.501\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"20.11.101.500\", maxpackagever:\"20.11.101.500\", fixpackagever:\"20.11.101.501\") > 0) flag++;\nif (aix_check_package(release:\"7.2\", package:\"openssl.base\", minpackagever:\"20.11.101.500\", maxpackagever:\"20.11.101.500\", fixpackagever:\"20.11.101.501\") > 0) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl.base\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:05", "description": "This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (boo#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (boo#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (boo#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (boo#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (boo#976942)\n\n - boo#976943: Buffer overrun in ASN1_parse\n\n - boo#977621: Preserve digests for SNI \n\n - boo#958501: Fix openssl enc -non-fips-allow option in FIPS mode", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-2016-561)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-561.NASL", "href": "https://www.tenable.com/plugins/nessus/90933", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-561.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90933);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-2016-561)\");\n script_summary(english:\"Check for the openSUSE-2016-561 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (boo#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check\n (boo#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (boo#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (boo#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (boo#976942)\n\n - boo#976943: Buffer overrun in ASN1_parse\n\n - boo#977621: Preserve digests for SNI \n\n - boo#958501: Fix openssl enc -non-fips-allow option in\n FIPS mode\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977621\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl-devel-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-debuginfo-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-hmac-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-debuginfo-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-debugsource-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1k-2.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1k-2.36.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:48", "description": "This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode (bsc#958501)\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update project.", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-2016-564)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-564.NASL", "href": "https://www.tenable.com/plugins/nessus/90934", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-564.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90934);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-2016-564)\");\n script_summary(english:\"Check for the openSUSE-2016-564 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check\n (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI\n (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in\n FIPS mode (bsc#958501)\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977621\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl-devel-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl1_0_0-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl1_0_0-hmac-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"openssl-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"openssl-debuginfo-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"openssl-debugsource-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1i-15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:52", "description": "This update for compat-openssl098 fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-11T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2016:1267-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0702", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:compat-openssl098-debugsource", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-1267-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91043", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1267-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91043);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2016:1267-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for compat-openssl098 fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular\n exponentiation 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=889013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-0702/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2106/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2108/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2109/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161267-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b3e0bdef\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP1-2016-735=1\n\nSUSE Linux Enterprise Module for Legacy Software 12 :\n\nzypper in -t patch SUSE-SLE-Module-Legacy-12-2016-735=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-735=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-735=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:compat-openssl098-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"compat-openssl098-debugsource-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-32bit-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"compat-openssl098-debugsource-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"compat-openssl098-debugsource-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-97.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-97.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl098\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:17", "description": "Huzaifa Sidhpurwala, Hanno Bock, and David Benjamin discovered that OpenSSL incorrectly handled memory when decoding ASN.1 structures. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2016-2108)\n\nJuraj Somorovsky discovered that OpenSSL incorrectly performed padding when the connection uses the AES CBC cipher and the server supports AES-NI. A remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. (CVE-2016-2107)\n\nGuido Vranken discovered that OpenSSL incorrectly handled large amounts of input data to the EVP_EncodeUpdate() function. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2016-2105)\n\nGuido Vranken discovered that OpenSSL incorrectly handled large amounts of input data to the EVP_EncryptUpdate() function. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2016-2106)\n\nBrian Carpenter discovered that OpenSSL incorrectly handled memory when ASN.1 data is read from a BIO. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2016-2109)\n\nAs a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 1024 bits, preventing a possible downgrade attack.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-04T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : openssl vulnerabilities (USN-2959-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-2959-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90887", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2959-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90887);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n script_xref(name:\"USN\", value:\"2959-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 / 16.04 LTS : openssl vulnerabilities (USN-2959-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Huzaifa Sidhpurwala, Hanno Bock, and David Benjamin discovered that\nOpenSSL incorrectly handled memory when decoding ASN.1 structures. A\nremote attacker could use this issue to cause OpenSSL to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2016-2108)\n\nJuraj Somorovsky discovered that OpenSSL incorrectly performed padding\nwhen the connection uses the AES CBC cipher and the server supports\nAES-NI. A remote attacker could possibly use this issue to perform a\npadding oracle attack and decrypt traffic. (CVE-2016-2107)\n\nGuido Vranken discovered that OpenSSL incorrectly handled large\namounts of input data to the EVP_EncodeUpdate() function. A remote\nattacker could use this issue to cause OpenSSL to crash, resulting in\na denial of service, or possibly execute arbitrary code.\n(CVE-2016-2105)\n\nGuido Vranken discovered that OpenSSL incorrectly handled large\namounts of input data to the EVP_EncryptUpdate() function. A remote\nattacker could use this issue to cause OpenSSL to crash, resulting in\na denial of service, or possibly execute arbitrary code.\n(CVE-2016-2106)\n\nBrian Carpenter discovered that OpenSSL incorrectly handled memory\nwhen ASN.1 data is read from a BIO. A remote attacker could possibly\nuse this issue to cause memory consumption, resulting in a denial of\nservice. (CVE-2016-2109)\n\nAs a security improvement, this update also modifies OpenSSL behaviour\nto reject DH key sizes below 1024 bits, preventing a possible\ndowngrade attack.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2959-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libssl1.0.0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.10|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.10 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1-4ubuntu5.36\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu2.19\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2d-0ubuntu1.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.2g-1ubuntu4.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl1.0.0\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:04", "description": "A vulnerability was discovered that allows a man-in-the-middle attacker to use a padding oracle attack to decrypt traffic on a connection using an AES CBC cipher with a server supporting AES-NI.\n(CVE-2016-2107 , Important)\n\nIt was discovered that the ASN.1 parser can misinterpret a large universal tag as a negative value. If an application deserializes and later reserializes untrusted ASN.1 structures containing an ANY field, an attacker may be able to trigger an out-of-bounds write, which can cause potentially exploitable memory corruption. (CVE-2016-2108 , Important)\n\nAn overflow bug was discovered in the EVP_EncodeUpdate() function. An attacker could supply very large amounts of input data to overflow a length check, resulting in heap corruption. (CVE-2016-2105 , Low)\n\nAn overflow bug was discovered in the EVP_EncryptUpdate() function. An attacker could supply very large amounts of input data to overflow a length check, resulting in heap corruption. (CVE-2016-2106 , Low)\n\nAn issue was discovered in the BIO functions, such as d2i_CMS_bio(), where a short invalid encoding in ASN.1 data can cause allocation of large amounts of memory, potentially resulting in a denial of service.\n(CVE-2016-2109 , Low)", "cvss3": {}, "published": "2016-05-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : openssl (ALAS-2016-695)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2019-04-11T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-695.NASL", "href": "https://www.tenable.com/plugins/nessus/90864", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-695.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90864);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2019/04/11 17:23:06\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n script_xref(name:\"ALAS\", value:\"2016-695\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2016-695)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered that allows a man-in-the-middle\nattacker to use a padding oracle attack to decrypt traffic on a\nconnection using an AES CBC cipher with a server supporting AES-NI.\n(CVE-2016-2107 , Important)\n\nIt was discovered that the ASN.1 parser can misinterpret a large\nuniversal tag as a negative value. If an application deserializes and\nlater reserializes untrusted ASN.1 structures containing an ANY field,\nan attacker may be able to trigger an out-of-bounds write, which can\ncause potentially exploitable memory corruption. (CVE-2016-2108 ,\nImportant)\n\nAn overflow bug was discovered in the EVP_EncodeUpdate() function. An\nattacker could supply very large amounts of input data to overflow a\nlength check, resulting in heap corruption. (CVE-2016-2105 , Low)\n\nAn overflow bug was discovered in the EVP_EncryptUpdate() function. An\nattacker could supply very large amounts of input data to overflow a\nlength check, resulting in heap corruption. (CVE-2016-2106 , Low)\n\nAn issue was discovered in the BIO functions, such as d2i_CMS_bio(),\nwhere a short invalid encoding in ASN.1 data can cause allocation of\nlarge amounts of memory, potentially resulting in a denial of service.\n(CVE-2016-2109 , Low)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-695.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.1k-14.91.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.1k-14.91.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.1k-14.91.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.1k-14.91.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.1k-14.91.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:47", "description": "Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit.\n\n - CVE-2016-2105 Guido Vranken discovered that an overflow can occur in the function EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can supply a large amount of data. This could lead to a heap corruption.\n\n - CVE-2016-2106 Guido Vranken discovered that an overflow can occur in the function EVP_EncryptUpdate() if an attacker can supply a large amount of data. This could lead to a heap corruption.\n\n - CVE-2016-2107 Juraj Somorovsky discovered a padding oracle in the AES CBC cipher implementation based on the AES-NI instruction set. This could allow an attacker to decrypt TLS traffic encrypted with one of the cipher suites based on AES CBC.\n\n - CVE-2016-2108 David Benjamin from Google discovered that two separate bugs in the ASN.1 encoder, related to handling of negative zero integer values and large universal tags, could lead to an out-of-bounds write.\n\n - CVE-2016-2109 Brian Carpenter discovered that when ASN.1 data is read from a BIO using functions such as d2i_CMS_bio(), a short invalid encoding can cause allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.\n\nAdditional information about these issues can be found in the OpenSSL security advisory at https://www.openssl.org/news/secadv/20160503.txt", "cvss3": {}, "published": "2016-05-05T00:00:00", "type": "nessus", "title": "Debian DSA-3566-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3566.NASL", "href": "https://www.tenable.com/plugins/nessus/90896", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3566. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90896);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n script_xref(name:\"DSA\", value:\"3566\");\n\n script_name(english:\"Debian DSA-3566-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in OpenSSL, a Secure Socket\nLayer toolkit.\n\n - CVE-2016-2105\n Guido Vranken discovered that an overflow can occur in\n the function EVP_EncodeUpdate(), used for Base64\n encoding, if an attacker can supply a large amount of\n data. This could lead to a heap corruption.\n\n - CVE-2016-2106\n Guido Vranken discovered that an overflow can occur in\n the function EVP_EncryptUpdate() if an attacker can\n supply a large amount of data. This could lead to a heap\n corruption.\n\n - CVE-2016-2107\n Juraj Somorovsky discovered a padding oracle in the AES\n CBC cipher implementation based on the AES-NI\n instruction set. This could allow an attacker to decrypt\n TLS traffic encrypted with one of the cipher suites\n based on AES CBC.\n\n - CVE-2016-2108\n David Benjamin from Google discovered that two separate\n bugs in the ASN.1 encoder, related to handling of\n negative zero integer values and large universal tags,\n could lead to an out-of-bounds write.\n\n - CVE-2016-2109\n Brian Carpenter discovered that when ASN.1 data is read\n from a BIO using functions such as d2i_CMS_bio(), a\n short invalid encoding can cause allocation of large\n amounts of memory potentially consuming excessive\n resources or exhausting memory.\n\nAdditional information about these issues can be found in the OpenSSL\nsecurity advisory at https://www.openssl.org/news/secadv/20160503.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20160503.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3566\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 1.0.1k-3+deb8u5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libcrypto1.0.0-udeb\", reference:\"1.0.1k-3+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-dev\", reference:\"1.0.1k-3+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-doc\", reference:\"1.0.1k-3+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0\", reference:\"1.0.1k-3+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0-dbg\", reference:\"1.0.1k-3+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openssl\", reference:\"1.0.1k-3+deb8u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:37", "description": "This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode (bsc#958501)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-05T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:1228-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-1228-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90913", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1228-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90913);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:1228-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check\n (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI\n (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in\n FIPS mode (bsc#958501)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2106/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2107/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2108/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2109/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161228-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?91f413d4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2016-715=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2016-715=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-715=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-debuginfo-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-debugsource-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-32bit-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1i-27.16.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-debugsource-1.0.1i-27.16.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:08", "description": "This update for openssl fixes the following issues :\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse", "cvss3": {}, "published": "2016-05-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-2016-562)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2016-562.NASL", "href": "https://www.tenable.com/plugins/nessus/91067", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-562.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91067);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-2016-562)\");\n script_summary(english:\"Check for the openSUSE-2016-562 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl fixes the following issues :\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check\n (bsc#977616)\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl-devel-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-debuginfo-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debuginfo-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debugsource-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1k-11.87.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1k-11.87.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:07", "description": "This update for compat-openssl098 fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\nThe following non-security bugs were fixed :\n\n - bsc#889013: Rename README.SuSE to the new spelling (bsc#889013)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2016-05-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : compat-openssl098 (openSUSE-2016-575)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0702", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:compat-openssl098-debugsource", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo-32bit", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-575.NASL", "href": "https://www.tenable.com/plugins/nessus/91070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-575.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91070);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"openSUSE Security Update : compat-openssl098 (openSUSE-2016-575)\");\n script_summary(english:\"Check for the openSUSE-2016-575 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for compat-openssl098 fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular\n exponentiation 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\nThe following non-security bugs were fixed :\n\n - bsc#889013: Rename README.SuSE to the new spelling\n (bsc#889013)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=889013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected compat-openssl098 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl098-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"compat-openssl098-debugsource-0.9.8j-12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl0_9_8-0.9.8j-12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-12.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl098-debugsource / libopenssl0_9_8 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:11", "description": "This update for openssl fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)\n\nBugs fixed :\n\n - fate#320304: build 32bit devel package\n\n - bsc#976943: Fix buffer overrun in ASN1_parse\n\n - bsc#973223: allow weak DH groups, vulnerable to the logjam attack, when environment variable OPENSSL_ALLOW_LOGJAM_ATTACK is set\n\n - bsc#889013: Rename README.SuSE to the new spelling\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-16T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : openssl (SUSE-SU-2016:1290-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0702", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-devel", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-1290-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91158", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1290-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91158);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"SUSE SLES11 Security Update : openssl (SUSE-SU-2016:1290-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular\n exponentiation 'CacheBleed' (bsc#968050)\n\nBugs fixed :\n\n - fate#320304: build 32bit devel package\n\n - bsc#976943: Fix buffer overrun in ASN1_parse\n\n - bsc#973223: allow weak DH groups, vulnerable to the\n logjam attack, when environment variable\n OPENSSL_ALLOW_LOGJAM_ATTACK is set\n\n - bsc#889013: Rename README.SuSE to the new spelling\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=889013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-0702/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2106/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2108/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2109/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161290-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?66635c17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Studio Onsite 1.3 :\n\nzypper in -t patch slestso13-openssl-12557=1\n\nSUSE OpenStack Cloud 5 :\n\nzypper in -t patch sleclo50sp3-openssl-12557=1\n\nSUSE Manager Proxy 2.1 :\n\nzypper in -t patch slemap21-openssl-12557=1\n\nSUSE Manager 2.1 :\n\nzypper in -t patch sleman21-openssl-12557=1\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-openssl-12557=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-openssl-12557=1\n\nSUSE Linux Enterprise Server 11-SP3-LTSS :\n\nzypper in -t patch slessp3-openssl-12557=1\n\nSUSE Linux Enterprise Server 11-SP2-LTSS :\n\nzypper in -t patch slessp2-openssl-12557=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-openssl-12557=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-openssl-12557=1\n\nSUSE Linux Enterprise Debuginfo 11-SP2 :\n\nzypper in -t patch dbgsp2-openssl-12557=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2/3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libopenssl0_9_8-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libopenssl0_9_8-hmac-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"openssl-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"openssl-doc-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libopenssl-devel-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libopenssl0_9_8-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libopenssl0_9_8-hmac-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"openssl-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"openssl-doc-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libopenssl-devel-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libopenssl0_9_8-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libopenssl0_9_8-hmac-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"openssl-0.9.8j-0.97.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"openssl-doc-0.9.8j-0.97.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:54", "description": "This update for OpenSSL fixes the following security issues :\n\nCVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\nCVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\nCVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\nCVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\nCVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES10 Security Update : openssl (SUSE-SU-2016:1360-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0702", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-devel", "p-cpe:/a:novell:suse_linux:openssl-doc", "cpe:/o:novell:suse_linux:10"], "id": "SUSE_SU-2016-1360-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91282", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1360-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91282);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"SUSE SLES10 Security Update : openssl (SUSE-SU-2016:1360-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for OpenSSL fixes the following security issues :\n\nCVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\nCVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\nCVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\nCVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\nCVE-2016-0702: Side channel attack on modular exponentiation\n'CacheBleed' (bsc#968050)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977617\"\n );\n # https://download.suse.com/patch/finder/?keywords=bfdaa5a35088a70db557cea0e263ef89\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?940836c9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-0702/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2106/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2108/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2109/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161360-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c5f6259b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.96.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.96.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"openssl-32bit-0.9.8a-18.96.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"openssl-devel-32bit-0.9.8a-18.96.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"openssl-0.9.8a-18.96.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"openssl-devel-0.9.8a-18.96.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"openssl-doc-0.9.8a-18.96.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:07:12", "description": "This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in FIPS mode (bsc#958501)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-05T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:1233-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-1233-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90914", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1233-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90914);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:1233-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl fixes the following issues :\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check\n (bsc#977616)\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - bsc#976943: Buffer overrun in ASN1_parse\n\n - bsc#977621: Preserve negotiated digests for SNI\n (bsc#977621)\n\n - bsc#958501: Fix openssl enc -non-fips-allow option in\n FIPS mode (bsc#958501)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2106/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2107/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2108/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2109/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161233-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?271da3db\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2016-717=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-717=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-717=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-hmac-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"openssl-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"openssl-debuginfo-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"openssl-debugsource-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-32bit-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"openssl-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1i-47.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"openssl-debugsource-1.0.1i-47.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:07:15", "description": "This update for libopenssl0_9_8 fixes the following issues :\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse", "cvss3": {}, "published": "2016-05-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-565)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0702", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2108", "CVE-2016-2109"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-debugsource", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-565.NASL", "href": "https://www.tenable.com/plugins/nessus/90935", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-565.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90935);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-0702\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2108\", \"CVE-2016-2109\");\n\n script_name(english:\"openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-565)\");\n script_summary(english:\"Check for the openSUSE-2016-565 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libopenssl0_9_8 fixes the following issues :\n\n - CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)\n\n - CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)\n\n - CVE-2016-2108: Memory corruption in the ASN.1 encoder\n (bsc#977617)\n\n - CVE-2016-2109: ASN.1 BIO excessive memory allocation\n (bsc#976942)\n\n - CVE-2016-0702: Side channel attack on modular\n exponentiation 'CacheBleed' (bsc#968050)\n\n - bsc#976943: Buffer overrun in ASN1_parse\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=976943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=977617\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl0_9_8 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl0_9_8-0.9.8zh-9.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl0_9_8-debuginfo-0.9.8zh-9.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl0_9_8-debugsource-0.9.8zh-9.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8zh-9.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8zh-9.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl0_9_8-0.9.8zh-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl0_9_8-debuginfo-0.9.8zh-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libopenssl0_9_8-debugsource-0.9.8zh-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8zh-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8zh-17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl0_9_8 / libopenssl0_9_8-32bit / libopenssl0_9_8-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:47", "description": "OpenSSL reports :\n\nMemory corruption in the ASN.1 encoder\n\nPadding oracle in AES-NI CBC MAC check\n\nEVP_EncodeUpdate overflow\n\nEVP_EncryptUpdate overflow\n\nASN.1 BIO excessive memory allocation\n\nEBCDIC overread (OpenSSL only)", "cvss3": {}, "published": "2016-05-04T00:00:00", "type": "nessus", "title": "FreeBSD : OpenSSL -- multiple vulnerabilities (01d729ca-1143-11e6-b55e-b499baebfeaf)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libressl", "p-cpe:/a:freebsd:freebsd:libressl-devel", "p-cpe:/a:freebsd:freebsd:linux-c6-openssl", "p-cpe:/a:freebsd:freebsd:openssl", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_01D729CA114311E6B55EB499BAEBFEAF.NASL", "href": "https://www.tenable.com/plugins/nessus/90876", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90876);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2176\");\n script_xref(name:\"FreeBSD\", value:\"SA-16:17.openssl\");\n\n script_name(english:\"FreeBSD : OpenSSL -- multiple vulnerabilities (01d729ca-1143-11e6-b55e-b499baebfeaf)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL reports :\n\nMemory corruption in the ASN.1 encoder\n\nPadding oracle in AES-NI CBC MAC check\n\nEVP_EncodeUpdate overflow\n\nEVP_EncryptUpdate overflow\n\nASN.1 BIO excessive memory allocation\n\nEBCDIC overread (OpenSSL only)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20160503.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=openbsd-tech&m=146228598730414\"\n );\n # https://vuxml.freebsd.org/freebsd/01d729ca-1143-11e6-b55e-b499baebfeaf.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7231d985\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libressl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libressl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssl<1.0.2_11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6-openssl<1.0.1e_8\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libressl>=2.3.0<2.3.4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libressl<2.2.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libressl-devel<2.3.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:16", "description": "New openssl packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.", "cvss3": {}, "published": "2016-05-04T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : openssl (SSA:2016-124-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2016-124-01.NASL", "href": "https://www.tenable.com/plugins/nessus/90863", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-124-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90863);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2176\");\n script_xref(name:\"SSA\", value:\"2016-124-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : openssl (SSA:2016-124-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 14.0, 14.1, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ddcc7818\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl\", pkgver:\"1.0.1t\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1t\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1t\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1t\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl\", pkgver:\"1.0.1t\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1t\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1t\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1t\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"1.0.2h\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"1.0.2h\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.2h\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.2h\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:17", "description": "Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit.\n\nCVE-2016-2105\n\nGuido Vranken discovered that an overflow can occur in the function EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can supply a large amount of data. This could lead to a heap corruption.\n\nCVE-2016-2106\n\nGuido Vranken discovered that an overflow can occur in the function EVP_EncryptUpdate() if an attacker can supply a large amount of data.\nThis could lead to a heap corruption.\n\nCVE-2016-2107\n\nJuraj Somorovsky discovered a padding oracle in the AES CBC cipher implementation based on the AES-NI instruction set. This could allow an attacker to decrypt TLS traffic encrypted with one of the cipher suites based on AES CBC.\n\nCVE-2016-2108\n\nDavid Benjamin from Google discovered that two separate bugs in the ASN.1 encoder, related to handling of negative zero integer values and large universal tags, could lead to an out-of-bounds write.\n\nCVE-2016-2109\n\nBrian Carpenter discovered that when ASN.1 data is read from a BIO using functions such as d2i_CMS_bio(), a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.\n\nCVE-2016-2176\n\nGuido Vranken discovered that ASN.1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer.\n\nAdditional information about these issues can be found in the OpenSSL security advisory at https://www.openssl.org/news/secadv/20160503.txt\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-04T00:00:00", "type": "nessus", "title": "Debian DLA-456-1 : openssl security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2176"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libssl-dev", "p-cpe:/a:debian:debian_linux:libssl-doc", "p-cpe:/a:debian:debian_linux:libssl1.0.0", "p-cpe:/a:debian:debian_linux:libssl1.0.0-dbg", "p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-456.NASL", "href": "https://www.tenable.com/plugins/nessus/90874", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-456-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90874);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2176\");\n\n script_name(english:\"Debian DLA-456-1 : openssl security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in OpenSSL, a Secure Socket\nLayer toolkit.\n\nCVE-2016-2105\n\nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncodeUpdate(), used for Base64 encoding, if an attacker can\nsupply a large amount of data. This could lead to a heap corruption.\n\nCVE-2016-2106\n\nGuido Vranken discovered that an overflow can occur in the function\nEVP_EncryptUpdate() if an attacker can supply a large amount of data.\nThis could lead to a heap corruption.\n\nCVE-2016-2107\n\nJuraj Somorovsky discovered a padding oracle in the AES CBC cipher\nimplementation based on the AES-NI instruction set. This could allow\nan attacker to decrypt TLS traffic encrypted with one of the cipher\nsuites based on AES CBC.\n\nCVE-2016-2108\n\nDavid Benjamin from Google discovered that two separate bugs in the\nASN.1 encoder, related to handling of negative zero integer values and\nlarge universal tags, could lead to an out-of-bounds write.\n\nCVE-2016-2109\n\nBrian Carpenter discovered that when ASN.1 data is read from a BIO\nusing functions such as d2i_CMS_bio(), a short invalid encoding can\ncasuse allocation of large amounts of memory potentially consuming\nexcessive resources or exhausting memory.\n\nCVE-2016-2176\n\nGuido Vranken discovered that ASN.1 Strings that are over 1024 bytes\ncan cause an overread in applications using the X509_NAME_oneline()\nfunction on EBCDIC systems. This could result in arbitrary stack data\nbeing returned in the buffer.\n\nAdditional information about these issues can be found in the OpenSSL\nsecurity advisory at https://www.openssl.org/news/secadv/20160503.txt\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/05/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20160503.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl1.0.0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libssl-dev\", reference:\"1.0.1e-2+deb7u21\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl-doc\", reference:\"1.0.1e-2+deb7u21\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl1.0.0\", reference:\"1.0.1e-2+deb7u21\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl1.0.0-dbg\", reference:\"1.0.1e-2+deb7u21\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openssl\", reference:\"1.0.1e-2+deb7u21\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:57", "description": "Description of changes:\n\n[0.9.8e-40.0.2]\n- CVE-2016-0799 - Fix memory issues in BIO_*printf functions\n- CVE-2016-2105 - Avoid overflow in EVP_EncodeUpdate\n- CVE-2016-2106 - Fix encrypt overflow\n- CVE-2016-2109 - Harden ASN.1 BIO handling of large amounts of data.", "cvss3": {}, "published": "2016-06-22T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : openssl (ELSA-2016-3576)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2109"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2016-3576.NASL", "href": "https://www.tenable.com/plugins/nessus/91738", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2016-3576.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91738);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2109\");\n\n script_name(english:\"Oracle Linux 5 : openssl (ELSA-2016-3576)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[0.9.8e-40.0.2]\n- CVE-2016-0799 - Fix memory issues in BIO_*printf functions\n- CVE-2016-2105 - Avoid overflow in EVP_EncodeUpdate\n- CVE-2016-2106 - Fix encrypt overflow\n- CVE-2016-2109 - Harden ASN.1 BIO handling of large amounts of data.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-June/006124.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"openssl-0.9.8e-40.0.2.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-devel-0.9.8e-40.0.2.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-perl-0.9.8e-40.0.2.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:38", "description": "Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-09T00:00:00", "type": "nessus", "title": "Fedora 24 : openssl-1.0.2h-1.fc24 (2016-1411324654)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-1411324654.NASL", "href": "https://www.tenable.com/plugins/nessus/90949", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-1411324654.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90949);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\");\n script_xref(name:\"FEDORA\", value:\"2016-1411324654\");\n\n script_name(english:\"Fedora 24 : openssl-1.0.2h-1.fc24 (2016-1411324654)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105,\nCVE-2016-2106\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331536\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5c3dabb3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"openssl-1.0.2h-1.fc24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:48", "description": "Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-05T00:00:00", "type": "nessus", "title": "Fedora 23 : openssl-1.0.2h-1.fc23 (2016-05c567df1a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-05C567DF1A.NASL", "href": "https://www.tenable.com/plugins/nessus/90898", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-05c567df1a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90898);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\");\n script_xref(name:\"FEDORA\", value:\"2016-05c567df1a\");\n\n script_name(english:\"Fedora 23 : openssl-1.0.2h-1.fc23 (2016-05c567df1a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105,\nCVE-2016-2106\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331536\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a4caa443\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"openssl-1.0.2h-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:58", "description": "Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-12T00:00:00", "type": "nessus", "title": "Fedora 22 : openssl-1.0.1k-15.fc22 (2016-1e39d934ed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-1E39D934ED.NASL", "href": "https://www.tenable.com/plugins/nessus/91058", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-1e39d934ed.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91058);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\");\n script_xref(name:\"FEDORA\", value:\"2016-1e39d934ed\");\n\n script_name(english:\"Fedora 22 : openssl-1.0.1k-15.fc22 (2016-1e39d934ed)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-2108, CVE-2016-2107, CVE-2016-2105,\nCVE-2016-2106\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1331536\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?86fd4a4d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"openssl-1.0.1k-15.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:27", "description": "An update for openssl is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108)\n\n* Two integer overflow flaws, leading to buffer overflows, were found in the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL parsed very large amounts of input data. A remote attacker could use these flaws to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application. (CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Bock, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.", "cvss3": {}, "published": "2016-10-18T00:00:00", "type": "nessus", "title": "RHEL 6 : openssl (RHSA-2016:2073)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6.7"], "id": "REDHAT-RHSA-2016-2073.NASL", "href": "https://www.tenable.com/plugins/nessus/94105", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2073. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94105);\n script_version(\"2.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2842\");\n script_xref(name:\"RHSA\", value:\"2016:2073\");\n\n script_name(english:\"RHEL 6 : openssl (RHSA-2016:2073)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for openssl is now available for Red Hat Enterprise Linux\n6.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially\ncrafted certificate which, when verified or re-encoded by OpenSSL,\ncould cause it to crash, or execute arbitrary code using the\npermissions of the user running an application compiled against the\nOpenSSL library. (CVE-2016-2108)\n\n* Two integer overflow flaws, leading to buffer overflows, were found\nin the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of\nOpenSSL parsed very large amounts of input data. A remote attacker\ncould use these flaws to crash an application using OpenSSL or,\npossibly, execute arbitrary code with the permissions of the user\nrunning that application. (CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when the\nconnection used the AES CBC cipher suite and the server supported\nAES-NI. A remote attacker could possibly use this flaw to retrieve\nplain text from encrypted packets by using a TLS/SSL or DTLS server as\na padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially\nexecute code with the permissions of the user running such an\napplication. (CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could\nbe forced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106,\nCVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa\nSidhpurwala (Red Hat), Hanno Bock, and David Benjamin (Google) as the\noriginal reporters of CVE-2016-2108; Guido Vranken as the original\nreporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and\nCVE-2016-0799; and Juraj Somorovsky as the original reporter of\nCVE-2016-2107.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-0799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2842\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6\\.7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.7\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2073\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"openssl-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"openssl-debuginfo-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"openssl-devel-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"openssl-perl-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"openssl-static-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"openssl-static-1.0.1e-42.el6_7.5\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el6_7.5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:00", "description": "From Red Hat Security Advisory 2016:0996 :\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108)\n\n* Two integer overflow flaws, leading to buffer overflows, were found in the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL parsed very large amounts of input data. A remote attacker could use these flaws to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application. (CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Bock, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.", "cvss3": {}, "published": "2016-05-16T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : openssl (ELSA-2016-0996)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2842"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "p-cpe:/a:oracle:linux:openssl-static", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2016-0996.NASL", "href": "https://www.tenable.com/plugins/nessus/91152", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:0996 and \n# Oracle Linux Security Advisory ELSA-2016-0996 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91152);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-0799\", \"CVE-2016-2105\", \"CVE-2016-2106\", \"CVE-2016-2107\", \"CVE-2016-2108\", \"CVE-2016-2109\", \"CVE-2016-2842\");\n script_xref(name:\"RHSA\", value:\"2016:0996\");\n\n script_name(english:\"Oracle Linux 6 : openssl (ELSA-2016-0996)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:0996 :\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially\ncrafted certificate which, when verified or re-encoded by OpenSSL,\ncould cause it to crash, or execute arbitrary code using the\npermissions of the user running an application compiled against the\nOpenSSL library. (CVE-2016-2108)\n\n* Two integer overflow flaws, leading to buffer overflows, were found\nin the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of\nOpenSSL parsed very large amounts of input data. A remote attacker\ncould use these flaws to crash an application using OpenSSL or,\npossibly, execute arbitrary code with the permissions of the user\nrunning that application. (CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when the\nconnection used the AES CBC cipher suite and the server supported\nAES-NI. A remote attacker could possibly use this flaw to retrieve\nplain text from encrypted packets by using a TLS/SSL or DTLS server as\na padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially\nexecute code with the permissions of the user running such an\napplication. (CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could\nbe forced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106,\nCVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa\nSidhpurwala (Red Hat), Hanno Bock, and David Benjamin (Google) as the\noriginal reporters of CVE-2016-2108; Guido Vranken as the original\nreporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and\nCVE-2016-0799; and Juraj Somorovsky as the original reporter of\nCVE-2016-2107.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-May/006053.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o: