{"id": "KLA10888", "bulletinFamily": "info", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "description": "### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "published": "2016-10-19T00:00:00", "modified": "2019-02-13T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "reporter": "Kaspersky Lab", "references": [], "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "type": "kaspersky", "lastseen": "2019-02-15T12:33:32", "history": [{"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 35, "enchantments": {"dependencies": {"modified": "2019-02-11T20:22:04", "references": [{"idList": ["GLSA-201612-27"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2016-6304"], "type": "openssl"}, {"idList": ["F5:K54211024", "SOL54211024"], "type": "f5"}, {"idList": ["DEBIAN:DLA-637-1:F8314"], "type": "debian"}, {"idList": ["CESA-2016:1940"], "type": "centos"}, {"idList": ["OPENSSL_ADVISORY21.ASC"], "type": "aix"}, {"idList": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "type": "cve"}, {"idList": ["USN-3087-2"], "type": "ubuntu"}, {"idList": ["ALAS-2016-749"], "type": "amazon"}, {"idList": ["OPENVAS:1361412562310809079", "OPENVAS:1361412562310809377", "OPENVAS:1361412562310809077", "OPENVAS:1361412562310107051", "OPENVAS:1361412562310809076", "OPENVAS:1361412562310809078", "OPENVAS:1361412562310107050", "OPENVAS:1361412562310809075", "OPENVAS:1361412562310140048", "OPENVAS:1361412562310809080"], "type": "openvas"}, {"idList": ["OPENSUSE-2016-1226.NASL", "VIRTUALBOX_5_1_8.NASL", "REDHAT-RHSA-2016-2802.NASL", "OPENSUSE-2017-141.NASL", "ARISTA_EOS_SA0024_4_17.NASL", "GENTOO_GLSA-201612-27.NASL", "F5_BIGIP_SOL54211024.NASL", "ALA_ALAS-2016-749.NASL", "OPENSUSE-2016-1366.NASL", "MACOSX_SECUPD2016-007.NASL"], "type": "nessus"}, {"idList": ["SUSE-SU-2016:2470-1", "SUSE-SU-2016:2470-2", "SUSE-SU-2016:2387-1", "SUSE-SU-2016:2469-1", "OPENSUSE-SU-2016:2496-1", "SUSE-SU-2016:2458-1", "SUSE-SU-2016:2468-1", "OPENSUSE-SU-2016:2537-1"], "type": "suse"}, {"idList": ["RHSA-2017:2493", "RHSA-2017:1658", "RHSA-2017:1802", "RHSA-2017:1413", "RHSA-2017:1659", "RHSA-2017:1415", "RHSA-2016:2802", "RHSA-2017:1801", "RHSA-2017:2494", "RHSA-2017:1414"], "type": "redhat"}, {"idList": ["ASA-201609-23", "ASA-201609-24"], "type": "archlinux"}, {"idList": ["THN:35CF2D56C908025E96F8E8ADF33384DB"], "type": "thn"}, {"idList": ["1337DAY-ID-25942"], "type": "zdt"}, {"idList": ["THREATPOST:D4706357F1ED015BC0C89123865AF61A", "THREATPOST:92734AB0515417387ACE7EE44D1D5100"], "type": "threatpost"}, {"idList": ["H1:216840"], "type": "hackerone"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "f38edb42e29ae304b6928183083973cb61e2f0038510d57f0c8cb191d84b9720", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "df9924d329e61639b23ceae50bf09fef", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "eeaee7654286336903a205fbedf76f75", "key": "modified"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2019-02-11T20:22:04", "modified": "2019-02-04T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 24}, "differentElements": ["modified"], "edition": 35, "lastseen": "2019-02-11T20:22:04"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n6.5\n\n### *Detect date*:\n10/18/2016\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox-2/>)\n\n### *CVE-IDS*:\n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 4, "enchantments": {"score": {"modified": "2017-12-19T15:09:49", "value": 6.5}}, "hash": "a2fa2582266355d820984e76e907822a6f67ae2235f52d7a871e29d08e016b33", "hashmap": [{"hash": "f73537294a413783ee6a88308a25e8c1", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "b4d3fb3bf91408daca0ee87023f21135", "key": "description"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "0416e7762cb900088c87342ca21f0680", "key": "published"}, {"hash": "c61ef83b4939578e95c273912ebf5e5b", "key": "cvss"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2017-12-19T15:09:49", "modified": "2016-10-26T00:00:00", "objectVersion": "1.3", "published": "2016-10-18T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888\nMultiple vulnerabilities in Oracle VM VirtualBox\t\t\t ", "type": "kaspersky", "viewCount": 3}, "differentElements": ["cvss", "description"], "edition": 4, "lastseen": "2017-12-19T15:09:49"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 15, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "7872e3f6f2d9161896f749e16566f3aeaa79226008096150d7f21524e2d92849", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "f88d50f5167050f5b3367c6d99617b00", "key": "modified"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-09-26T09:49:01", "modified": "2018-09-12T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 15}, "differentElements": ["modified"], "edition": 15, "lastseen": "2018-09-26T09:49:01"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n6.5\n\n### *Detect date*:\n10/18/2016\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox-2/>)\n\n### *CVE-IDS*:\n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 1, "enchantments": {}, "hash": "ffa298c5075294479e7327f330cea951c4593b70b2314e2bf313c7261654f954", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "b4d3fb3bf91408daca0ee87023f21135", "key": "description"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "0416e7762cb900088c87342ca21f0680", "key": "published"}, {"hash": "6e795eb1423802a45adc4878866deaa0", "key": "title"}, {"hash": "c61ef83b4939578e95c273912ebf5e5b", "key": "cvss"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2017-05-01T09:33:16", "modified": "2016-10-26T00:00:00", "objectVersion": "1.2", "published": "2016-10-18T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888\nMultiple vulnerabilities in Oracle VM VirtualBox\t\t\t ", "type": "kaspersky", "viewCount": 2}, "differentElements": ["title"], "edition": 1, "lastseen": "2017-05-01T09:33:16"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 29, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2c146d1b60947cd5212f8da6e486d3330d4e123e0f90de6db5690bea50192381", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "3051ab0b7817043d4fdba47cdc04b224", "key": "modified"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-12-21T05:22:58", "modified": "2018-12-17T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 23}, "differentElements": ["modified"], "edition": 29, "lastseen": "2018-12-21T05:22:58"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/18/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox-2/>)\n\n### *CVE-IDS*:\n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 5, "enchantments": {"score": {"modified": "2017-12-26T14:36:44", "value": 6.5}}, "hash": "9406c08d0c5db647ed680fb1000bdddae82afab7361ed127f250afda046dece7", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "f73537294a413783ee6a88308a25e8c1", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "0416e7762cb900088c87342ca21f0680", "key": "published"}, {"hash": "144800bd639d217c03ac382921d31538", "key": "description"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2017-12-26T14:36:44", "modified": "2016-10-26T00:00:00", "objectVersion": "1.3", "published": "2016-10-18T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888\nMultiple vulnerabilities in Oracle VM VirtualBox\t\t\t ", "type": "kaspersky", "viewCount": 3}, "differentElements": ["description", "published"], "edition": 5, "lastseen": "2017-12-26T14:36:44"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 18, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "6b1ef2fa538b536176d58d45fbc5caf157cf351bba75784d5ef131ce2e318c90", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "99cf33fdc76c271eacfb873ef259f621", "key": "modified"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-10-18T16:04:10", "modified": "2018-10-16T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 19}, "differentElements": ["modified"], "edition": 18, "lastseen": "2018-10-18T16:04:10"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 24, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "f7a165d8621033b3d3385add4bc3fb90d0a4e3d8ebdc97dbda11fc9f3bbc89e4", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "015cb78ce50d3bd4e2fbe18f25603329", "key": "modified"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-11-16T08:22:55", "modified": "2018-11-15T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 21}, "differentElements": ["modified"], "edition": 24, "lastseen": "2018-11-16T08:22:55"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 22, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "6509e587bd001136315d6e51a08d0d2e1ad456a4b9912ba5dcc1c6236d6591e7", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "df9924d329e61639b23ceae50bf09fef", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "b1b97b93dd9db2b9d4b1c813cb8e2856", "key": "modified"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-11-13T22:17:53", "modified": "2018-11-06T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 20}, "differentElements": ["description"], "edition": 22, "lastseen": "2018-11-13T22:17:53"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 19, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "bd7e8f058ad0ba5b9bf53cca4c33f74e71684f9da468fb69cabe74bc55ae7894", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "8417130e0d445fc9335d4108d7416ee8", "key": "modified"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-10-31T00:07:22", "modified": "2018-10-18T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 20}, "differentElements": ["modified"], "edition": 19, "lastseen": "2018-10-31T00:07:22"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 27, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "b574945d2a681384ce89afecaa310700cbc73f48c4c12c423313e45fbbb7ef69", "hashmap": [{"hash": "f5a7c6fbed7d69b9366f07e021ae8bd3", "key": "modified"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-12-06T13:23:37", "modified": "2018-12-04T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 22}, "differentElements": ["modified"], "edition": 27, "lastseen": "2018-12-06T13:23:37"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox-2/>)\n\n### *CVE-IDS*:\n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 7, "enchantments": {"score": {"modified": "2018-02-19T21:28:11", "value": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N/"}}, "hash": "f1b13aab5083020405da2310a0ac0d005de128d6640dd4238c6f54f71f86eb2d", "hashmap": [{"hash": "df2e24c1f618fcff69ba2210c61e5e60", "key": "title"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "8cbac3b9969bcf6c6747a5ab07d21d5a", "key": "description"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-02-19T21:28:11", "modified": "2016-10-26T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox\t\t\t ", "type": "kaspersky", "viewCount": 5}, "differentElements": ["description"], "edition": 7, "lastseen": "2018-02-19T21:28:11"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 25, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "7c069ab220312494f8acf01e6c5e9bce5da22d26d9dcdcc2048330b02a43b023", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}, {"hash": "342cc90fff603913e7fb1060eccdf48e", "key": "modified"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-11-27T08:38:19", "modified": "2018-11-16T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 22}, "differentElements": ["modified"], "edition": 25, "lastseen": "2018-11-27T08:38:19"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 36, "enchantments": {"dependencies": {"modified": "2019-02-13T16:34:56", "references": [{"idList": ["GLSA-201612-27"], "type": "gentoo"}, {"idList": ["OPENSSL:CVE-2016-6304"], "type": "openssl"}, {"idList": ["F5:K54211024", "SOL54211024"], "type": "f5"}, {"idList": ["DEBIAN:DLA-637-1:F8314"], "type": "debian"}, {"idList": ["CESA-2016:1940"], "type": "centos"}, {"idList": ["OPENSSL_ADVISORY21.ASC"], "type": "aix"}, {"idList": ["OPENVAS:1361412562310809079", "OPENVAS:1361412562310809377", "OPENVAS:1361412562310809077", "OPENVAS:1361412562310107051", "OPENVAS:1361412562310809376", "OPENVAS:1361412562310809076", "OPENVAS:1361412562310809078", "OPENVAS:1361412562310809075", "OPENVAS:1361412562310140048", "OPENVAS:1361412562310809080"], "type": "openvas"}, {"idList": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "type": "cve"}, {"idList": ["USN-3087-2"], "type": "ubuntu"}, {"idList": ["ALAS-2016-749"], "type": "amazon"}, {"idList": ["OPENSUSE-2016-1226.NASL", "VIRTUALBOX_5_1_8.NASL", "REDHAT-RHSA-2016-2802.NASL", "OPENSUSE-2017-141.NASL", "ARISTA_EOS_SA0024_4_17.NASL", "GENTOO_GLSA-201612-27.NASL", "F5_BIGIP_SOL54211024.NASL", "ALA_ALAS-2016-749.NASL", "OPENSUSE-2016-1366.NASL", "MACOSX_SECUPD2016-007.NASL"], "type": "nessus"}, {"idList": ["SUSE-SU-2016:2470-1", "SUSE-SU-2016:2470-2", "SUSE-SU-2016:2387-1", "SUSE-SU-2016:2469-1", "OPENSUSE-SU-2016:2496-1", "SUSE-SU-2016:2458-1", "SUSE-SU-2016:2468-1", "OPENSUSE-SU-2016:2537-1"], "type": "suse"}, {"idList": ["RHSA-2017:2493", "RHSA-2017:1658", "RHSA-2017:1802", "RHSA-2017:1413", "RHSA-2017:1659", "RHSA-2017:1415", "RHSA-2016:2802", "RHSA-2017:1801", "RHSA-2017:2494", "RHSA-2017:1414"], "type": "redhat"}, {"idList": ["ASA-201609-23", "ASA-201609-24"], "type": "archlinux"}, {"idList": ["THN:35CF2D56C908025E96F8E8ADF33384DB"], "type": "thn"}, {"idList": ["1337DAY-ID-25942"], "type": "zdt"}, {"idList": ["THREATPOST:D4706357F1ED015BC0C89123865AF61A", "THREATPOST:92734AB0515417387ACE7EE44D1D5100"], "type": "threatpost"}, {"idList": ["H1:216840"], "type": "hackerone"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "573d9c4fe5d736998717b54936cb24cb3ead9dccbe57ac01e63f95903939dc2b", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ac9cd05628e253f6cc41f1898f90b912", "key": "modified"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "df9924d329e61639b23ceae50bf09fef", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2019-02-13T16:34:56", "modified": "2019-02-06T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 24}, "differentElements": ["modified"], "edition": 36, "lastseen": "2019-02-13T16:34:56"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n6.5\n\n### *Detect date*:\n10/18/2016\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox-2/>)\n\n### *CVE-IDS*:\n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 2, "enchantments": {}, "hash": "bdbac08ebf317fd679205a2df817820664523b65cdb4ee465f93c6a572257e9d", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "8ebc64676c4898ca5e75dacd5156e183", "key": "title"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "b4d3fb3bf91408daca0ee87023f21135", "key": "description"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "0416e7762cb900088c87342ca21f0680", "key": "published"}, {"hash": "c61ef83b4939578e95c273912ebf5e5b", "key": "cvss"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2017-10-17T15:13:49", "modified": "2016-10-26T00:00:00", "objectVersion": "1.3", "published": "2016-10-18T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888\n Multiple vulnerabilities in Oracle VM VirtualBox \n ", "type": "kaspersky", "viewCount": 2}, "differentElements": ["title"], "edition": 2, "lastseen": "2017-10-17T15:13:49"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 10, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "bd9ec020625ba8b76f2c355fc7a19884d36009e10e7cba168990992484f0c9c1", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "464857d7b87b7b905e79b99c78b7d97a", "key": "modified"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-08-27T12:38:48", "modified": "2018-08-17T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 14}, "differentElements": ["cvss"], "edition": 10, "lastseen": "2018-08-27T12:38:48"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 16, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "bcf46563e3ba5f3923c2f8f0d82a1da90180bf7f6e70821532ebd4e7dce90ce9", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4f39b12f12b9cfc524b1a9ccce1883fb", "key": "modified"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-09-27T11:50:41", "modified": "2018-09-26T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 17}, "differentElements": ["modified"], "edition": 16, "lastseen": "2018-09-27T11:50:41"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 30, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "33d647208ea1cbcf540956668f5f107ec3abb1b212c59f43cbd8e5a5b24d0b8e", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "c32cbe5fddac08eeb23415ae701ad676", "key": "modified"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-12-28T11:33:54", "modified": "2018-12-28T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 23}, "differentElements": ["modified"], "edition": 30, "lastseen": "2018-12-28T11:33:54"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 11, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "ac3a4b42341576813315365ba46af6eb74eb9ee11d4b68236ae8c3aefeebdca1", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "464857d7b87b7b905e79b99c78b7d97a", "key": "modified"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-08-30T20:38:16", "modified": "2018-08-17T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 14}, "differentElements": ["cvss"], "edition": 11, "lastseen": "2018-08-30T20:38:16"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2016-5611", "CVE-2016-5608", "CVE-2016-5610", "CVE-2016-6304", "CVE-2016-5605", "CVE-2016-5538", "CVE-2016-5613", "CVE-2016-5501"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "### *CVSS*:\n7.8\n\n### *Detect date*:\n10/19/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity or obtain sensitive information. These vulnerabilities can be executed remotely and related to Core, OpenSSL and VRDE.\n\n### *Affected products*:\nOracle VM VirtualBox versions earlier than 5.0.28 \nOracle VM VirtualBox 5.1 versions earlier than 5.1.8\n\n### *Solution*:\nUpdate to the latest version \n[Oracle VM VirtualBox download page](<https://www.virtualbox.org/wiki/Downloads>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixOVIR>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle VirtualBox](<https://threats.kaspersky.com/en/product/Oracle-VirtualBox/>)\n\n### *CVE-IDS*:\n[CVE-2016-5605](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5605>) \n[CVE-2016-5501](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5501>) \n[CVE-2016-5610](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5610>) \n[CVE-2016-5538](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5538>) \n[CVE-2016-5608](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5608>) \n[CVE-2016-5611](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5611>) \n[CVE-2016-5613](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5613>) \n[CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)", "edition": 21, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2cf9aa9b273ceffcf1a783ce960e63085cf54475255227fba3e6cd7f5a9f9613", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "04e046712c1b52712f7a7ed82498f22c", "key": "cvelist"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "c66430bd0c8689a06d21da9689458836", "key": "description"}, {"hash": "1c5f25be316d43f9aaa0e7a4f1809d08", "key": "href"}, {"hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1", "key": "type"}, {"hash": "b1b97b93dd9db2b9d4b1c813cb8e2856", "key": "modified"}, {"hash": "1473cc95d97afe32f88497f5af8e9307", "key": "published"}, {"hash": "be9ec55550d2e9f1827933b580aea00d", "key": "title"}, {"hash": "c7d33ff7b19a6a933a6f8c682a1e11aa", "key": "reporter"}], "history": [], "href": "https://threats.kaspersky.com/en/vulnerability/KLA10888", "id": "KLA10888", "lastseen": "2018-11-08T14:12:37", "modified": "2018-11-06T00:00:00", "objectVersion": "1.3", "published": "2016-10-19T00:00:00", "references": [], "reporter": "Kaspersky Lab", "title": "\r KLA10888Multiple vulnerabilities in Oracle VM VirtualBox ", "type": "kaspersky", "viewCount": 20}, "differentElements": ["description"], "edition": 21, "lastseen": "2018-11-08T14:12:37"}], "edition": 37, "hashmap": [{"key": "bulletinFamily", "hash": "caf9b6b99962bf5c2264824231d7a40c"}, {"key": "cvelist", "hash": "04e046712c1b52712f7a7ed82498f22c"}, {"key": "cvss", "hash": "ed3111898fb94205e2b64cefef5a2081"}, {"key": "description", "hash": "df9924d329e61639b23ceae50bf09fef"}, {"key": "href", "hash": "1c5f25be316d43f9aaa0e7a4f1809d08"}, {"key": "modified", "hash": "dc7bd333fcf4f62e78c15dc6692ca728"}, {"key": "published", "hash": "1473cc95d97afe32f88497f5af8e9307"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "c7d33ff7b19a6a933a6f8c682a1e11aa"}, {"key": "title", "hash": "be9ec55550d2e9f1827933b580aea00d"}, {"key": "type", "hash": "d85eb9a86b89fb1c1dcf7dbb6a9f02d1"}], "hash": "49cf615b3706e37229934858ee7553743e48c1316fb900715355516464fa1538", "viewCount": 24, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["VIRTUALBOX_5_1_8.NASL", "OPENSUSE-2016-1366.NASL", "OPENSUSE-2016-1226.NASL", "OPENSUSE-2017-141.NASL", "ALA_ALAS-2016-749.NASL", "REDHAT-RHSA-2016-2802.NASL", "GENTOO_GLSA-201612-27.NASL", "F5_BIGIP_SOL54211024.NASL", "MACOSX_SECUPD2016-007.NASL", "ARISTA_EOS_SA0024_4_17.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310809076", "OPENVAS:1361412562310809075", "OPENVAS:1361412562310809077", "OPENVAS:1361412562310140048", "OPENVAS:1361412562310107051", "OPENVAS:1361412562310809080", "OPENVAS:1361412562310809078", "OPENVAS:1361412562310809079", "OPENVAS:1361412562310809377", "OPENVAS:1361412562310107050"]}, {"type": "cve", "idList": ["CVE-2016-5538", "CVE-2016-5610", "CVE-2016-5608", "CVE-2016-5613", "CVE-2016-5611", "CVE-2016-5605", "CVE-2016-5501", "CVE-2016-6304"]}, {"type": "f5", "idList": ["F5:K54211024", "SOL54211024"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2016-6304"]}, {"type": "zdt", "idList": ["1337DAY-ID-25942"]}, {"type": "gentoo", "idList": ["GLSA-201612-27"]}, {"type": "redhat", "idList": ["RHSA-2016:2802", "RHSA-2017:1801", "RHSA-2017:1658", "RHSA-2017:2493", "RHSA-2017:1659", "RHSA-2017:2494", "RHSA-2017:1802", "RHSA-2017:1413", "RHSA-2017:1414", "RHSA-2017:1415"]}, {"type": "thn", "idList": ["THN:35CF2D56C908025E96F8E8ADF33384DB"]}, {"type": "amazon", "idList": ["ALAS-2016-749"]}, {"type": "threatpost", "idList": ["THREATPOST:92734AB0515417387ACE7EE44D1D5100", "THREATPOST:D4706357F1ED015BC0C89123865AF61A"]}, {"type": "hackerone", "idList": ["H1:216840"]}, {"type": "suse", "idList": ["SUSE-SU-2016:2470-2", "SUSE-SU-2016:2470-1", "OPENSUSE-SU-2016:2496-1", "SUSE-SU-2016:2458-1", "OPENSUSE-SU-2016:2537-1", "SUSE-SU-2016:2468-1", "OPENSUSE-SU-2016:2391-1"]}, {"type": "ubuntu", "idList": ["USN-3087-2", "USN-3087-1"]}, {"type": "centos", "idList": ["CESA-2016:1940"]}, {"type": "archlinux", "idList": ["ASA-201609-24", "ASA-201609-23"]}, {"type": "aix", "idList": ["OPENSSL_ADVISORY21.ASC"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-1940"]}], "modified": "2019-02-15T12:33:32"}, "score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "scheme": null}

{"nessus": [{"lastseen": "2019-01-16T20:25:11", "bulletinFamily": "scanner", "description": "The version of the Oracle VM VirtualBox application installed on the\nremote host is 5.0.x prior to 5.0.28 or 5.1.x prior to 5.1.8. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - Multiple unspecified flaws exist in the Core\n subcomponent that allow a local attacker to gain\n elevated privileges. (CVE-2016-5501, CVE-2016-5538)\n\n - An unspecified flaw exists in the VirtualBox Remote\n Desktop Extension (VRDE) subcomponent that allows an\n unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2016-5605)\n\n - Multiple unspecified flaws exist in the Core\n subcomponent that allow a local attacker to cause a\n denial of service condition. (CVE-2016-5608,\n CVE-2016-5613)\n\n - An unspecified flaw exists in the Core subcomponent that\n allows a local attacker to impact on integrity and\n availability. (CVE-2016-5610)\n\n - An unspecified flaw exists in the Core subcomponent that\n allows a local attacker to disclose sensitive\n information. (CVE-2016-5611)\n\n - A flaw exists in the OpenSSL subcomponent, specifically\n within the ssl_parse_clienthello_tlsext() function in\n t1_lib.c due, to improper handling of overly large OCSP\n Status Request extensions from clients. An\n unauthenticated, remote attacker can exploit this, via\n large OCSP Status Request extensions, to exhaust memory\n resources, resulting in a denial of service condition.\n (CVE-2016-6304)", "modified": "2018-11-08T00:00:00", "published": "2016-10-20T00:00:00", "id": "VIRTUALBOX_5_1_8.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=94168", "title": "Oracle VM VirtualBox 5.0.x < 5.0.28 / 5.1.x < 5.1.8 Multiple Vulnerabilities (October 2016 CPU)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94168);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/08 11:55:29\");\n\n script_cve_id(\n \"CVE-2016-5501\",\n \"CVE-2016-5538\",\n \"CVE-2016-5605\",\n \"CVE-2016-5608\",\n \"CVE-2016-5610\",\n \"CVE-2016-5611\",\n \"CVE-2016-5613\",\n \"CVE-2016-6304\"\n );\n script_bugtraq_id(\n 93150,\n 93685,\n 93687,\n 93697,\n 93711,\n 93718,\n 93728,\n 93744\n );\n\n script_name(english:\"Oracle VM VirtualBox 5.0.x < 5.0.28 / 5.1.x < 5.1.8 Multiple Vulnerabilities (October 2016 CPU)\");\n script_summary(english:\"Performs a version check on VirtualBox.exe.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of the Oracle VM VirtualBox application installed on the\nremote host is 5.0.x prior to 5.0.28 or 5.1.x prior to 5.1.8. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - Multiple unspecified flaws exist in the Core\n subcomponent that allow a local attacker to gain\n elevated privileges. (CVE-2016-5501, CVE-2016-5538)\n\n - An unspecified flaw exists in the VirtualBox Remote\n Desktop Extension (VRDE) subcomponent that allows an\n unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2016-5605)\n\n - Multiple unspecified flaws exist in the Core\n subcomponent that allow a local attacker to cause a\n denial of service condition. (CVE-2016-5608,\n CVE-2016-5613)\n\n - An unspecified flaw exists in the Core subcomponent that\n allows a local attacker to impact on integrity and\n availability. (CVE-2016-5610)\n\n - An unspecified flaw exists in the Core subcomponent that\n allows a local attacker to disclose sensitive\n information. (CVE-2016-5611)\n\n - A flaw exists in the OpenSSL subcomponent, specifically\n within the ssl_parse_clienthello_tlsext() function in\n t1_lib.c due, to improper handling of overly large OCSP\n Status Request extensions from clients. An\n unauthenticated, remote attacker can exploit this, via\n large OCSP Status Request extensions, to exhaust memory\n resources, resulting in a denial of service condition.\n (CVE-2016-6304)\");\n # http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\n script_set_attribute(attribute:\"see_also\",value:\"http://www.nessus.org/u?bac902d5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.virtualbox.org/wiki/Changelog\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle VM VirtualBox version 5.0.28 / 5.1.8 or later as\nreferenced in the October 2016 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6304\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:vm_virtualbox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"virtualbox_installed.nasl\", \"macosx_virtualbox_installed.nbin\");\n script_require_ports(\"installed_sw/Oracle VM VirtualBox\", \"installed_sw/VirtualBox\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = NULL;\napps = make_list('Oracle VM VirtualBox', 'VirtualBox');\n\nforeach app (apps)\n{\n if (get_install_count(app_name:app)) break;\n else app = NULL;\n}\n\nif (isnull(app)) audit(AUDIT_NOT_INST, 'Oracle VM VirtualBox');\n\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nver = install['version'];\npath = install['path'];\n\n# Affected :\n# 5.0.x < 5.0.28 / 5.1.x < 5.1.8\nif (ver =~ '^5\\\\.0' && ver_compare(ver:ver, fix:'5.0.26', strict:FALSE) < 0) fix = '5.0.26';\nelse if (ver =~ '^5\\\\.1' && ver_compare(ver:ver, fix:'5.1.8', strict:FALSE) < 0) fix = '5.1.8';\nelse audit(AUDIT_INST_PATH_NOT_VULN, app, ver, path);\n\nport = 0;\nif (app == 'Oracle VM VirtualBox')\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n}\n\nreport =\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\nsecurity_report_v4(port:port, extra:report, severity:SECURITY_HOLE);\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:25:30", "bulletinFamily": "scanner", "description": "This update for virtualbox fixes the following issues :\n\n - Fixes\n CVE-2016-5501,CVE-2016-5538,CVE-2016-5605,CVE-2016-5608,\n CVE-2016-5610,CVE-2016-5611,CVE-2016-5613 (bsc#1005621)\n\n - Add patch to limit number of simultaneous make jobs.\n\n - Version bump to 5.1.8 (released 2016-10-18 by Oracle)\n This is a maintenance release. The following items were\n fixed and/or added: GUI: fixed keyboard shortcut\n handling regressions (Mac OS X hosts only; bugs #15937\n and #15938) GUI: fixed keyboard handling regression for\n separate UI (Windows hosts only; bugs #15928) NAT: don't\n exceed the maximum number of 'search' suffixes. Patch\n from bug #15948. NAT: fixed parsing of port-forwarding\n rules with a name which contains a slash (bug #16002)\n NAT Network: when the host has only loopback nameserver\n that cannot be mapped to the guests (e.g. dnsmasq\n running on 127.0.1.1), make DHCP supply NAT Network DNS\n proxy as nameserver. Bridged Network: prevent flooding\n syslog with packet allocation error messages (bug\n #15569) Audio: now using Audio Queues on Mac OS X hosts\n Audio: fixed recording with the PulseAudio backend (5.1\n regression) Audio: various bugfixes Snapshots: fixed\n regression in 5.1.4 for deleting snapshots with several\n disks (bug #15831) Snapshots: crash fix and better error\n reporting when snapshot deletion failed Storage: some\n fixes for the NVMe emulation with Windows guests API:\n fixed initialization of SAS controllers (bug #15972)\n Build system: make it possible to build VBox on systems\n which default to Python 3 Windows Additions / VGA: if\n the guest's power management turns a virtual screen off,\n blank the corresponding VM window rather than hide the\n window Windows Additions: fixed a generic bug which\n could lead to freezing shared folders (bug #15662) Linux\n hosts / guests: fix for kernels with\n CONFIG_CPUMASK_OFFSTACK set (bug #16020) Linux\n Additions: don't require all virtual consoles be in text\n mode. This should fix cases when the guest is booted\n with a graphical boot screen (bug #15683) Linux\n Additions: added depmod overrides for the vboxguest and\n vboxsf kernel modules to fix conflicts with modules\n shipped by certain Linux distributions X11 Additions:\n disable 3D on the guest if the host does not provide\n enough capabilities (bug #15860) \n\n - Builds keep running out of memory when building the web\n server part of the package. To help the memory pressure,\n I have forced make to run with '-j2', rather than use\n the number of processors. Such a change will slow the\n build, but will result in a higher rate of success.\n\n - Increase memory allowed in build to 10000 MB.\n\n - Remove file 'fix_removal_of_DEFINE_PCI_DEVICE_TABLE' -\n fixed upstream.\n\n - Version bump to 5.1.6 (released 2016-09-12 by Oracle)\n This is a maintenance release. The following items were\n fixed and/or added: GUI: fixed issue with opening\n '.vbox' files and it's aliases GUI: keyboard grabbing\n fixes (bugs #15771 and #15745) GUI: fix for passing\n through Ctrl + mouse-click (Mac OS X hosts only; bug\n #15714) GUI: fixed automatic deletion of extension pack\n files (bugs #11352 and #14742) USB: fixed showing\n unknown device instead of the manufacturer or product\n description under certain circumstances (5.1.0\n regression; bug #15764) XHCI: another fix for a hanging\n guest under certain conditions as result of the fix for\n bug #15747, this time for Windows 7 guests Serial: fixed\n high CPU usage with certain USB to serial converters on\n Linux hosts (bug #7796) Storage: fixed attaching stream\n optimized VMDK images (bug #14764) Storage: reject image\n variants which are unsupported by the backend (bug\n #7227) Storage: fixed loading saved states created with\n VirtualBox 5.0.10 and older when using a SCSI controller\n (bug #15865) Storage: fixed broken NVMe emulation if the\n host I/O cache setting is enabled Storage: fixed using\n multiple NVMe controllers if ICH9 is used NVMe: fixed a\n crash during reset which could happen under certain\n circumstances Audio: fixed microphone input (5.1.2\n regression; bugs #14386 and #15802) Audio: fixed crashes\n under certain conditions (5.1.0 regression; bug #15887\n and others) Audio: fixed recording with the ALSA backend\n (5.1 regression) Audio: fixed stream access mode with\n OSS backend (5.1 regression, thanks to Jung-uk Kim)\n E1000: do also return masked bits when reading the ICR\n register, this fixes booting from iPXE (5.1.2\n regression; bug #15846) BIOS: fixed 4bpp scanline\n calculation (bug #15787) API: relax the check for the\n version attribute in OVF/OVA appliances (bug #15856)\n Windows hosts: fixed crashes when terminating the VM\n selector or other VBox COM clients (bug #15726 and\n others) Linux Installer: fixed path to the documentation\n in .rpm packages (5.1.0 regression) Linux Installer:\n fixed the vboxdrv.sh script to prevent an SELinux\n complaint (bug #15816) Linux hosts: don't use 32-bit\n legacy capabilities Linux Additions: Linux 4.8 fix for\n the kernel display driver (bugs #15890 and #15896) Linux\n Additions: don't load the kernel modules provided by the\n Linux distribution but load the kernel modules from the\n official Guest Additions package instead (bug #15324)\n Linux Additions: fix dynamic resizing problems in recent\n Linux guests (bug #15875) User Manual: fixed error in\n the VBoxManage chapter for the getextradata enumerate\n example (bug #15862) \n\n - Add file 'fix_removal_of_DEFINE_PCI_DEVICE_TABLE' to\n compile on kernel 4.8.", "modified": "2016-11-29T00:00:00", "published": "2016-11-29T00:00:00", "id": "OPENSUSE-2016-1366.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95378", "title": "openSUSE Security Update : virtualbox (openSUSE-2016-1366)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1366.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95378);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2016/11/29 14:25:51 $\");\n\n script_cve_id(\"CVE-2016-5501\", \"CVE-2016-5538\", \"CVE-2016-5605\", \"CVE-2016-5608\", \"CVE-2016-5610\", \"CVE-2016-5611\", \"CVE-2016-5613\");\n\n script_name(english:\"openSUSE Security Update : virtualbox (openSUSE-2016-1366)\");\n script_summary(english:\"Check for the openSUSE-2016-1366 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for virtualbox fixes the following issues :\n\n - Fixes\n CVE-2016-5501,CVE-2016-5538,CVE-2016-5605,CVE-2016-5608,\n CVE-2016-5610,CVE-2016-5611,CVE-2016-5613 (bsc#1005621)\n\n - Add patch to limit number of simultaneous make jobs.\n\n - Version bump to 5.1.8 (released 2016-10-18 by Oracle)\n This is a maintenance release. The following items were\n fixed and/or added: GUI: fixed keyboard shortcut\n handling regressions (Mac OS X hosts only; bugs #15937\n and #15938) GUI: fixed keyboard handling regression for\n separate UI (Windows hosts only; bugs #15928) NAT: don't\n exceed the maximum number of 'search' suffixes. Patch\n from bug #15948. NAT: fixed parsing of port-forwarding\n rules with a name which contains a slash (bug #16002)\n NAT Network: when the host has only loopback nameserver\n that cannot be mapped to the guests (e.g. dnsmasq\n running on 127.0.1.1), make DHCP supply NAT Network DNS\n proxy as nameserver. Bridged Network: prevent flooding\n syslog with packet allocation error messages (bug\n #15569) Audio: now using Audio Queues on Mac OS X hosts\n Audio: fixed recording with the PulseAudio backend (5.1\n regression) Audio: various bugfixes Snapshots: fixed\n regression in 5.1.4 for deleting snapshots with several\n disks (bug #15831) Snapshots: crash fix and better error\n reporting when snapshot deletion failed Storage: some\n fixes for the NVMe emulation with Windows guests API:\n fixed initialization of SAS controllers (bug #15972)\n Build system: make it possible to build VBox on systems\n which default to Python 3 Windows Additions / VGA: if\n the guest's power management turns a virtual screen off,\n blank the corresponding VM window rather than hide the\n window Windows Additions: fixed a generic bug which\n could lead to freezing shared folders (bug #15662) Linux\n hosts / guests: fix for kernels with\n CONFIG_CPUMASK_OFFSTACK set (bug #16020) Linux\n Additions: don't require all virtual consoles be in text\n mode. This should fix cases when the guest is booted\n with a graphical boot screen (bug #15683) Linux\n Additions: added depmod overrides for the vboxguest and\n vboxsf kernel modules to fix conflicts with modules\n shipped by certain Linux distributions X11 Additions:\n disable 3D on the guest if the host does not provide\n enough capabilities (bug #15860) \n\n - Builds keep running out of memory when building the web\n server part of the package. To help the memory pressure,\n I have forced make to run with '-j2', rather than use\n the number of processors. Such a change will slow the\n build, but will result in a higher rate of success.\n\n - Increase memory allowed in build to 10000 MB.\n\n - Remove file 'fix_removal_of_DEFINE_PCI_DEVICE_TABLE' -\n fixed upstream.\n\n - Version bump to 5.1.6 (released 2016-09-12 by Oracle)\n This is a maintenance release. The following items were\n fixed and/or added: GUI: fixed issue with opening\n '.vbox' files and it's aliases GUI: keyboard grabbing\n fixes (bugs #15771 and #15745) GUI: fix for passing\n through Ctrl + mouse-click (Mac OS X hosts only; bug\n #15714) GUI: fixed automatic deletion of extension pack\n files (bugs #11352 and #14742) USB: fixed showing\n unknown device instead of the manufacturer or product\n description under certain circumstances (5.1.0\n regression; bug #15764) XHCI: another fix for a hanging\n guest under certain conditions as result of the fix for\n bug #15747, this time for Windows 7 guests Serial: fixed\n high CPU usage with certain USB to serial converters on\n Linux hosts (bug #7796) Storage: fixed attaching stream\n optimized VMDK images (bug #14764) Storage: reject image\n variants which are unsupported by the backend (bug\n #7227) Storage: fixed loading saved states created with\n VirtualBox 5.0.10 and older when using a SCSI controller\n (bug #15865) Storage: fixed broken NVMe emulation if the\n host I/O cache setting is enabled Storage: fixed using\n multiple NVMe controllers if ICH9 is used NVMe: fixed a\n crash during reset which could happen under certain\n circumstances Audio: fixed microphone input (5.1.2\n regression; bugs #14386 and #15802) Audio: fixed crashes\n under certain conditions (5.1.0 regression; bug #15887\n and others) Audio: fixed recording with the ALSA backend\n (5.1 regression) Audio: fixed stream access mode with\n OSS backend (5.1 regression, thanks to Jung-uk Kim)\n E1000: do also return masked bits when reading the ICR\n register, this fixes booting from iPXE (5.1.2\n regression; bug #15846) BIOS: fixed 4bpp scanline\n calculation (bug #15787) API: relax the check for the\n version attribute in OVF/OVA appliances (bug #15856)\n Windows hosts: fixed crashes when terminating the VM\n selector or other VBox COM clients (bug #15726 and\n others) Linux Installer: fixed path to the documentation\n in .rpm packages (5.1.0 regression) Linux Installer:\n fixed the vboxdrv.sh script to prevent an SELinux\n complaint (bug #15816) Linux hosts: don't use 32-bit\n legacy capabilities Linux Additions: Linux 4.8 fix for\n the kernel display driver (bugs #15890 and #15896) Linux\n Additions: don't load the kernel modules provided by the\n Linux distribution but load the kernel modules from the\n official Guest Additions package instead (bug #15324)\n Linux Additions: fix dynamic resizing problems in recent\n Linux guests (bug #15875) User Manual: fixed error in\n the VBoxManage chapter for the getextradata enumerate\n example (bug #15862) \n\n - Add file 'fix_removal_of_DEFINE_PCI_DEVICE_TABLE' to\n compile on kernel 4.8.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005621\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected virtualbox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"python-virtualbox-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"python-virtualbox-debuginfo-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-debuginfo-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-debugsource-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-devel-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-desktop-icons-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-kmp-default-5.1.8_k4.4.27_2-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-kmp-default-debuginfo-5.1.8_k4.4.27_2-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-tools-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-tools-debuginfo-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-x11-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-x11-debuginfo-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-host-kmp-default-5.1.8_k4.4.27_2-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-host-kmp-default-debuginfo-5.1.8_k4.4.27_2-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-host-source-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-qt-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-qt-debuginfo-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-websrv-5.1.8-3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-websrv-debuginfo-5.1.8-3.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualbox / python-virtualbox-debuginfo / virtualbox / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:25:13", "bulletinFamily": "scanner", "description": "This update for virtualbox fixes the following issues :\n\n - Address CVE-2016-5501, CVE-2016-5538, CVE-2016-5605,\n CVE-2016-5608, CVE-2016-5610, CVE-2016-5611,\n CVE-2016-5613 (boo#1005621).\n\n - Reduce memory needs during build.\n\n - Version bump to 5.0.28 (released 2016-10-18 by Oracle)\n This is a maintenance release. The following items were\n fixed and/or added: NAT: Don't exceed the maximum number\n of 'search' suffixes. Patch from bug #15948. NAT: fixed\n parsing of port-forwarding rules with a name which\n contains a slash (bug #16002) NAT Network: when the host\n has only loopback nameserver that cannot be mapped to\n the guests (e.g. dnsmasq running on 127.0.1.1), make\n DHCP supply NAT Network DNS proxy as nameserver. Bridged\n Network: prevent flooding syslog with packet allocation\n error messages (bug #15569) USB: fixed a possible crash\n when detaching a USB device Audio: fixes for recording\n (Mac OS X hosts only) Audio: now using Audio Queues on\n Mac OS X hosts OVF: improve importing of VMs created by\n VirtualBox 5.1 VHDX: fixed cloning images with\n VBoxManage cloned (bug #14288) Storage: Fixed broken\n bandwidth limitation when the limit is very low (bug\n #14982) Serial: Fixed high CPU usage with certain USB to\n serial converters on Linux hosts (bug #7796) BIOS: fixed\n 4bpp scanline calculation (bug #15787) VBoxManage: Don't\n try to set the medium type if there is no change (bug\n #13850) API: fixed initialization of SAS controllers\n (bug #15972) Linux hosts: don't use 32-bit legacy\n capabilities Linux hosts / guests: fix for kernels with\n CONFIG_CPUMASK_OFFSTACK set (bug #16020) Linux\n Additions: several fixes for X11 guests running non-root\n X servers Linux Additions: fix for Linux 4.7 (bug\n #15769) Linux Additions: fix for the display kmod driver\n with Linux 4.8 (bugs #15890 and #15896) Windows\n Additions: auto-resizing fixes for Windows 10 guests\n (bug #15257) Windows Additions: fixes for arranging the\n guest screens in multi-screen scenarios Windows\n Additions / VGA: if the guest's power management turns a\n virtual screen off, blank the corresponding VM window\n rather than hide the VM window Windows Additions: fixed\n a generic bug which could lead to freezing shared\n folders (bug #15662) \n\n - Modify virtualbox-guest-preamble and\n virtualbox-host-preamble to obsolete old versions of the\n kernel modules. This change should fix the problem in\n (boo#983629).", "modified": "2016-10-31T00:00:00", "published": "2016-10-27T00:00:00", "id": "OPENSUSE-2016-1226.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=94302", "title": "openSUSE Security Update : virtualbox (openSUSE-2016-1226)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1226.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94302);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2016/10/31 13:56:11 $\");\n\n script_cve_id(\"CVE-2016-5501\", \"CVE-2016-5538\", \"CVE-2016-5605\", \"CVE-2016-5608\", \"CVE-2016-5610\", \"CVE-2016-5611\", \"CVE-2016-5613\");\n\n script_name(english:\"openSUSE Security Update : virtualbox (openSUSE-2016-1226)\");\n script_summary(english:\"Check for the openSUSE-2016-1226 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for virtualbox fixes the following issues :\n\n - Address CVE-2016-5501, CVE-2016-5538, CVE-2016-5605,\n CVE-2016-5608, CVE-2016-5610, CVE-2016-5611,\n CVE-2016-5613 (boo#1005621).\n\n - Reduce memory needs during build.\n\n - Version bump to 5.0.28 (released 2016-10-18 by Oracle)\n This is a maintenance release. The following items were\n fixed and/or added: NAT: Don't exceed the maximum number\n of 'search' suffixes. Patch from bug #15948. NAT: fixed\n parsing of port-forwarding rules with a name which\n contains a slash (bug #16002) NAT Network: when the host\n has only loopback nameserver that cannot be mapped to\n the guests (e.g. dnsmasq running on 127.0.1.1), make\n DHCP supply NAT Network DNS proxy as nameserver. Bridged\n Network: prevent flooding syslog with packet allocation\n error messages (bug #15569) USB: fixed a possible crash\n when detaching a USB device Audio: fixes for recording\n (Mac OS X hosts only) Audio: now using Audio Queues on\n Mac OS X hosts OVF: improve importing of VMs created by\n VirtualBox 5.1 VHDX: fixed cloning images with\n VBoxManage cloned (bug #14288) Storage: Fixed broken\n bandwidth limitation when the limit is very low (bug\n #14982) Serial: Fixed high CPU usage with certain USB to\n serial converters on Linux hosts (bug #7796) BIOS: fixed\n 4bpp scanline calculation (bug #15787) VBoxManage: Don't\n try to set the medium type if there is no change (bug\n #13850) API: fixed initialization of SAS controllers\n (bug #15972) Linux hosts: don't use 32-bit legacy\n capabilities Linux hosts / guests: fix for kernels with\n CONFIG_CPUMASK_OFFSTACK set (bug #16020) Linux\n Additions: several fixes for X11 guests running non-root\n X servers Linux Additions: fix for Linux 4.7 (bug\n #15769) Linux Additions: fix for the display kmod driver\n with Linux 4.8 (bugs #15890 and #15896) Windows\n Additions: auto-resizing fixes for Windows 10 guests\n (bug #15257) Windows Additions: fixes for arranging the\n guest screens in multi-screen scenarios Windows\n Additions / VGA: if the guest's power management turns a\n virtual screen off, blank the corresponding VM window\n rather than hide the VM window Windows Additions: fixed\n a generic bug which could lead to freezing shared\n folders (bug #15662) \n\n - Modify virtualbox-guest-preamble and\n virtualbox-host-preamble to obsolete old versions of the\n kernel modules. This change should fix the problem in\n (boo#983629).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983629\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected virtualbox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-debuginfo-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debuginfo-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debugsource-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-devel-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-desktop-icons-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-debuginfo-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-debuginfo-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-debuginfo-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-debuginfo-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-debuginfo-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-debuginfo-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-debuginfo-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-debuginfo-5.0.28_k3.16.7_42-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-source-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-debuginfo-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-5.0.28-54.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-debuginfo-5.0.28-54.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualbox / python-virtualbox-debuginfo / virtualbox / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:25:57", "bulletinFamily": "scanner", "description": "This update for virtualbox fixes the following issues :\n\n - The version has been updated from 5.1.8 to 5.1.12.\n Upstream fixed various functional and security issues.\n\n - Multiple security issues have been fixed that could\n cause DoS and possibly privilege escalation\n (CVE-2016-5501,CVE-2016-5538,CVE-2016-5605,CVE-2016-5608\n ,CVE-2016-5610, CVE-2016-5611,CVE-2016-561313,\n boo#1005621)\n\n - A security warning regarding USB passthru has been\n added. It will be shown only the first time virtualbox\n is started. (bnc#1018340)\n\n - Reverted a previously introduced user interface scaling\n change, because it caused problems\n (https://forums.opensuse.org/showthread.php/521520-Virtu\n alBox-interface-scaling, bsc#1014694)", "modified": "2017-01-25T00:00:00", "published": "2017-01-25T00:00:00", "id": "OPENSUSE-2017-141.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96750", "title": "openSUSE Security Update : virtualbox (openSUSE-2017-141)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-141.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96750);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/01/25 14:53:04 $\");\n\n script_cve_id(\"CVE-2016-5501\", \"CVE-2016-5538\", \"CVE-2016-5605\", \"CVE-2016-5608\", \"CVE-2016-5610\", \"CVE-2016-5611\", \"CVE-2016-561313\");\n\n script_name(english:\"openSUSE Security Update : virtualbox (openSUSE-2017-141)\");\n script_summary(english:\"Check for the openSUSE-2017-141 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for virtualbox fixes the following issues :\n\n - The version has been updated from 5.1.8 to 5.1.12.\n Upstream fixed various functional and security issues.\n\n - Multiple security issues have been fixed that could\n cause DoS and possibly privilege escalation\n (CVE-2016-5501,CVE-2016-5538,CVE-2016-5605,CVE-2016-5608\n ,CVE-2016-5610, CVE-2016-5611,CVE-2016-561313,\n boo#1005621)\n\n - A security warning regarding USB passthru has been\n added. It will be shown only the first time virtualbox\n is started. (bnc#1018340)\n\n - Reverted a previously introduced user interface scaling\n change, because it caused problems\n (https://forums.opensuse.org/showthread.php/521520-Virtu\n alBox-interface-scaling, bsc#1014694)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1014694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1018340\"\n );\n # https://forums.opensuse.org/showthread.php/521520-VirtualBox-interface-scaling,\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c5e689a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected virtualbox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"python-virtualbox-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"python-virtualbox-debuginfo-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-debuginfo-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-debugsource-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-devel-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-desktop-icons-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-kmp-default-5.1.12_k4.4.36_8-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-kmp-default-debuginfo-5.1.12_k4.4.36_8-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-tools-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-tools-debuginfo-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-x11-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-guest-x11-debuginfo-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-host-kmp-default-5.1.12_k4.4.36_8-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-host-kmp-default-debuginfo-5.1.12_k4.4.36_8-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-host-source-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-qt-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-qt-debuginfo-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-websrv-5.1.12-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"virtualbox-websrv-debuginfo-5.1.12-6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualbox / python-virtualbox-debuginfo / virtualbox / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:24:56", "bulletinFamily": "scanner", "description": "A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount\nof memory and, possibly, exit unexpectedly after exhausting all\navailable memory, if it enabled OCSP stapling support.\n\nThe OpenSSL Security Advisory [22 Sep 2016] refers to additional CVEs.\nCVE-2016-6305 does not affect OpenSSL 1.0.1. The remaining CVEs listed\nwill be fixed in a later update.\n\nThe OpenSSL Security Advisory [26 Sep 2016] refers to two additional\nCVEs which do not affect OpenSSL 1.0.1.\n\n(Updated 2016-09-26: Included a reference to the 26 Sep 2016 upstream\nadvisory.)", "modified": "2018-04-18T00:00:00", "published": "2016-09-23T00:00:00", "id": "ALA_ALAS-2016-749.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=93665", "title": "Amazon Linux AMI : openssl (ALAS-2016-749)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-749.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93665);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-6304\");\n script_xref(name:\"ALAS\", value:\"2016-749\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2016-749)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount\nof memory and, possibly, exit unexpectedly after exhausting all\navailable memory, if it enabled OCSP stapling support.\n\nThe OpenSSL Security Advisory [22 Sep 2016] refers to additional CVEs.\nCVE-2016-6305 does not affect OpenSSL 1.0.1. The remaining CVEs listed\nwill be fixed in a later update.\n\nThe OpenSSL Security Advisory [26 Sep 2016] refers to two additional\nCVEs which do not affect OpenSSL 1.0.1.\n\n(Updated 2016-09-26: Included a reference to the 26 Sep 2016 upstream\nadvisory.)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20160922.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20160926.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-749.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.1k-15.95.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.1k-15.95.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.1k-15.95.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.1k-15.95.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.1k-15.95.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:25:34", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201612-27\n(VirtualBox: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in VirtualBox. Please\n review the CVE identifiers referenced below for details.\nImpact :\n\n Local attackers could cause a Denial of Service condition, execute\n arbitrary code, or escalate their privileges.\nWorkaround :\n\n There is no known workaround at this time.", "modified": "2018-09-04T00:00:00", "published": "2016-12-12T00:00:00", "id": "GENTOO_GLSA-201612-27.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95695", "title": "GLSA-201612-27 : VirtualBox: Multiple vulnerabilities (Venom)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201612-27.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95695);\n script_version(\"3.2\");\n script_cvs_date(\"Date: 2018/09/04 13:20:07\");\n\n script_cve_id(\"CVE-2014-0981\", \"CVE-2014-0983\", \"CVE-2014-6588\", \"CVE-2014-6589\", \"CVE-2014-6590\", \"CVE-2014-6595\", \"CVE-2015-0377\", \"CVE-2015-0418\", \"CVE-2015-0427\", \"CVE-2015-3456\", \"CVE-2016-5608\", \"CVE-2016-5610\", \"CVE-2016-5611\", \"CVE-2016-5613\");\n script_xref(name:\"GLSA\", value:\"201612-27\");\n\n script_name(english:\"GLSA-201612-27 : VirtualBox: Multiple vulnerabilities (Venom)\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201612-27\n(VirtualBox: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in VirtualBox. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Local attackers could cause a Denial of Service condition, execute\n arbitrary code, or escalate their privileges.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201612-27\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All VirtualBox users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-4.3.28'\n All VirtualBox-bin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-emulation/virtualbox-bin-4.3.28'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'VirtualBox 3D Acceleration Virtual Machine Escape');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:virtualbox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/virtualbox\", unaffected:make_list(\"ge 4.3.28\"), vulnerable:make_list(\"lt 4.3.28\"))) flag++;\nif (qpkg_check(package:\"app-emulation/virtualbox-bin\", unaffected:make_list(\"ge 4.3.28\"), vulnerable:make_list(\"lt 4.3.28\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"VirtualBox\");\n}\n", "cvss": {"score": 7.7, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:25:16", "bulletinFamily": "scanner", "description": "Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2\nbefore 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause\na denial of service (memory consumption) via large OCSP Status Request\nextensions. (CVE-2016-6304)", "modified": "2019-01-04T00:00:00", "published": "2016-11-03T00:00:00", "id": "F5_BIGIP_SOL54211024.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=94479", "title": "F5 Networks BIG-IP : OpenSSL vulnerability (K54211024)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K54211024.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94479);\n script_version(\"2.14\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2016-6304\");\n\n script_name(english:\"F5 Networks BIG-IP : OpenSSL vulnerability (K54211024)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2\nbefore 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause\na denial of service (memory consumption) via large OCSP Status Request\nextensions. (CVE-2016-6304)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K54211024\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K54211024.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K54211024\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\",\"11.2.1\",\"10.2.1-10.2.4\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"111.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\",\"11.2.1\",\"10.2.1-10.2.4\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\",\"11.2.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\",\"11.2.1\",\"10.2.1-10.2.4\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\",\"11.2.1\",\"10.2.1-10.2.4\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\",\"11.2.1\",\"10.2.1-10.2.4\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.5.2-11.5.5\",\"11.6.0-11.6.1\",\"11.5.1HF3-11.5.1HF11\",\"11.5.0HF4-11.5.0HF7\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.6\",\"11.5.1-11.5.1HF2\",\"11.5.0-11.5.0HF3\",\"11.4.0-11.4.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:25:25", "bulletinFamily": "scanner", "description": "An update for openssl is now available for Red Hat Enterprise Linux\n6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced\nUpdate Support, Red Hat Enterprise Linux 6.5 Advanced Update Support,\nRed Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat\nEnterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux\n6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount\nof memory and, possibly, exit unexpectedly after exhausting all\navailable memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as\nthe original reporter.", "modified": "2018-11-10T00:00:00", "published": "2016-11-17T00:00:00", "id": "REDHAT-RHSA-2016-2802.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=94937", "title": "RHEL 6 : openssl (RHSA-2016:2802)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2802. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94937);\n script_version(\"3.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:55\");\n\n script_cve_id(\"CVE-2016-6304\");\n script_xref(name:\"RHSA\", value:\"2016:2802\");\n\n script_name(english:\"RHEL 6 : openssl (RHSA-2016:2802)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for openssl is now available for Red Hat Enterprise Linux\n6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced\nUpdate Support, Red Hat Enterprise Linux 6.5 Advanced Update Support,\nRed Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat\nEnterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux\n6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nSecurity Fix(es) :\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount\nof memory and, possibly, exit unexpectedly after exhausting all\navailable memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\nRed Hat would like to thank the OpenSSL project for reporting this\nissue. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as\nthe original reporter.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20160922.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-6304\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6\\.2|6\\.4|6\\.5|6\\.6|6\\.7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.2 / 6.4 / 6.5 / 6.6 / 6.7\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2802\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{ sp = get_kb_item(\"Host/RedHat/minor_release\");\n if (isnull(sp)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\n\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"openssl-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"i686\", reference:\"openssl-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"openssl-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"openssl-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"openssl-1.0.1e-16.el6_5.17\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"openssl-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-16.el6_5.17\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"openssl-debuginfo-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"i686\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"openssl-debuginfo-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"openssl-debuginfo-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"openssl-debuginfo-1.0.1e-16.el6_5.17\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-16.el6_5.17\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"openssl-devel-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"i686\", reference:\"openssl-devel-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"openssl-devel-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"openssl-devel-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"openssl-devel-1.0.1e-16.el6_5.17\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-16.el6_5.17\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"openssl-perl-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-16.el6_5.17\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"openssl-static-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"openssl-static-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-30.el6_6.13\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-static-1.0.0-27.el6_4.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el6_7.6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"openssl-static-1.0.0-20.el6_2.9\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-16.el6_5.17\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:25:40", "bulletinFamily": "scanner", "description": "The remote host is running a version of Mac OS X 10.10.5 or 10.11.6\nthat is missing a security update. It is therefore, affected by\nmultiple vulnerabilities :\n\n - A denial of service vulnerability exists in the\n ssl_parse_clienthello_tlsext() function within file\n ssl/t1_lib.c when handling oversize OCSP Status Request\n extensions from clients. An unauthenticated, remote\n attacker can exploit this to cause memory exhaustion in\n a process linked with the library. (CVE-2016-6304)\n\n - A memory corruption issue exists in Bluetooth due to\n improper validation of user-supplied input. A local\n attacker can exploit this, via a specially crafted\n application, to cause a denial of service condition or\n the execution of arbitrary code with kernel level\n privileges. (CVE-2016-7596)\n\n - A NULL pointer dereference flaw exists in the\n CoreCapture component due to improper validation of\n user-supplied input. A local attacker can exploit this\n to cause a denial of service condition. (CVE-2016-7604)", "modified": "2018-07-14T00:00:00", "published": "2016-12-16T00:00:00", "id": "MACOSX_SECUPD2016-007.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95918", "title": "Mac OS X Multiple Vulnerabilities (Security Updates 2016-003 / 2016-007)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95918);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2016-6304\",\n \"CVE-2016-7596\", \n \"CVE-2016-7604\"\n );\n script_bugtraq_id(\n 93150,\n 94903\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2016-12-13-1\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Updates 2016-003 / 2016-007)\");\n script_summary(english:\"Checks for the presence of Security Update 2016-003 and 2016-007.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.10.5 or 10.11.6\nthat is missing a security update. It is therefore, affected by\nmultiple vulnerabilities :\n\n - A denial of service vulnerability exists in the\n ssl_parse_clienthello_tlsext() function within file\n ssl/t1_lib.c when handling oversize OCSP Status Request\n extensions from clients. An unauthenticated, remote\n attacker can exploit this to cause memory exhaustion in\n a process linked with the library. (CVE-2016-6304)\n\n - A memory corruption issue exists in Bluetooth due to\n improper validation of user-supplied input. A local\n attacker can exploit this, via a specially crafted\n application, to cause a denial of service condition or\n the execution of arbitrary code with kernel level\n privileges. (CVE-2016-7596)\n\n - A NULL pointer dereference flaw exists in the\n CoreCapture component due to improper validation of\n user-supplied input. A local attacker can exploit this\n to cause a denial of service condition. (CVE-2016-7604)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT207423\");\n # http://lists.apple.com/archives/security-announce/2016/Dec/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?38dabd46\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2016-007 (OS X 10.10.5) / 2016-003 (OS X\n10.11.6) or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\nif (!ereg(pattern:\"Mac OS X 10\\.(10\\.5|11\\.6)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.10.5 or Mac OS X 10.11.6\");\n\nif ( \"10.10.5\" >< os) patch = \"2016-007\";\nelse if ( \"10.11.6\" >< os ) patch = \"2016-003\";\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.(security\\.|os\\.SecUpd).*bom$\", string:packages);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n match = eregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(match[1]) || empty_or_null(match[2]))\n continue;\n\n patch_found = check_patch(year:int(match[1]), number:int(match[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:32:48", "bulletinFamily": "scanner", "description": "The version of Arista Networks EOS running on the remote device is\naffected by multiple vulnerabilities in the included OpenSSL library :\n\n - An information disclosure vulnerability exists in the\n dsa_sign_setup() function in dsa_ossl.c due to a failure\n to properly ensure the use of constant-time operations.\n An unauthenticated, remote attacker can exploit this,\n via a timing side-channel attack, to disclose DSA key\n information. (CVE-2016-2178)\n\n - A vulnerability exists, known as SWEET32, in the 3DES\n and Blowfish algorithms due to the use of weak 64-bit\n block ciphers by default. A man-in-the-middle attacker\n who has sufficient resources can exploit this\n vulnerability, via a 'birthday' attack, to detect a\n collision that leaks the XOR between the fixed secret\n and a known plaintext, allowing the disclosure of the\n secret text, such as secure HTTPS cookies, and possibly\n resulting in the hijacking of an authenticated session.\n (CVE-2016-2183)\n\n - A flaw exists in the ssl_parse_clienthello_tlsext()\n function in t1_lib.c due to improper handling of overly\n large OCSP Status Request extensions from clients. An\n unauthenticated, remote attacker can exploit this, via\n large OCSP Status Request extensions, to exhaust memory\n resources, resulting in a denial of service condition.\n (CVE-2016-6304)", "modified": "2018-08-09T00:00:00", "published": "2018-02-28T00:00:00", "id": "ARISTA_EOS_SA0024_4_17.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=107067", "title": "Arista Networks EOS 4.17 Multiple Vulnerabilities (SA0024) (SWEET32)", "type": "nessus", "sourceData": "#TRUSTED 4ebc246e91949e32ea270a020158e4cd3a5a7ccca5412553ab0ac197ea010f0775b3ccb2f26154828fc0801ec376c89a5b57cc1625427cbdb43662c77fe9139b5bf9ca6b2075f2b3c0b8cfa93f6636a9f41bb311e53263c395b3aeed6f8e71b3c459e79afad63432454349373471132cc0693e31f2e58016617e2b798248c0b729c253dba9878abff862671bfceafd9fdc5b4b3f2fd4fca5d62aa2b3bcceeb365727ca603f9dba3dfff99b5170eaeca1dd01377f5e5a716efdbbe45f1740d7613c5b2b6526e261b5cb3d81bf6b112ff9c0092cae9ee0ac24a0985db334e0fec675d4c761bc46b7b5f48ab67369d21336f247285a7c30896e83cfccf5a8c186be67fd0bc79e0842743b70eff387cdfa5b70cb5750b35a2d8f4a8f7bff08b6336ae47f3cd2c8b3b7de329536401c3f893e08e29ad49a334345b7dea28c061a6d7597189b1fc44fa43416386fb8a92927413e5cb92f1f1277d6ec6c8b68b418dab540bbf9286fcfb161287c37e7b698fe17608771a2320325177bff9181cddc25e3bac68aee778e084ecead67ed0acf8700444040dfd04efc465ae908e9df501dac79801614a4f6221699774a96f75c1f0831e8d2f593482a2a248df11dc4a8500ccfec0dd47324c6f26b74e63d16897bee3e04f45711a7995d505cdbfc28bc376237c272a1d9a526b8dbea9585cf4027d2f0ad5396b829d73a21923618c81ec8a4\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(107067);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2018/08/09\");\n\n script_cve_id(\n \"CVE-2016-2178\",\n \"CVE-2016-2183\",\n \"CVE-2016-6304\"\n );\n script_bugtraq_id(\n 91081,\n 92630,\n 93150\n );\n\n script_name(english:\"Arista Networks EOS 4.17 Multiple Vulnerabilities (SA0024) (SWEET32)\");\n script_summary(english:\"Checks the Arista Networks EOS version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Arista Networks EOS running on the remote device is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Arista Networks EOS running on the remote device is\naffected by multiple vulnerabilities in the included OpenSSL library :\n\n - An information disclosure vulnerability exists in the\n dsa_sign_setup() function in dsa_ossl.c due to a failure\n to properly ensure the use of constant-time operations.\n An unauthenticated, remote attacker can exploit this,\n via a timing side-channel attack, to disclose DSA key\n information. (CVE-2016-2178)\n\n - A vulnerability exists, known as SWEET32, in the 3DES\n and Blowfish algorithms due to the use of weak 64-bit\n block ciphers by default. A man-in-the-middle attacker\n who has sufficient resources can exploit this\n vulnerability, via a 'birthday' attack, to detect a\n collision that leaks the XOR between the fixed secret\n and a known plaintext, allowing the disclosure of the\n secret text, such as secure HTTPS cookies, and possibly\n resulting in the hijacking of an authenticated session.\n (CVE-2016-2183)\n\n - A flaw exists in the ssl_parse_clienthello_tlsext()\n function in t1_lib.c due to improper handling of overly\n large OCSP Status Request extensions from clients. An\n unauthenticated, remote attacker can exploit this, via\n large OCSP Status Request extensions, to exhaust memory\n resources, resulting in a denial of service condition.\n (CVE-2016-6304)\");\n # https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24\n script_set_attribute( attribute:\"see_also\", value:\"http://www.nessus.org/u?0310cb92\");\n script_set_attribute( attribute:\"see_also\", value:\"https://sweet32.info\");\n script_set_attribute( attribute:\"see_also\", value:\"https://www.openssl.org/blog/blog/2016/08/24/sweet32/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Contact the vendor for a fixed version. Alternatively, apply the\nrecommended mitigations referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:arista:eos\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"arista_eos_detect.nbin\");\n script_require_keys(\"Host/Arista-EOS/Version\", \"Host/Arista-EOS/eos_shell\");\n\n exit(0);\n}\n\n\ninclude(\"arista_eos_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/Arista-EOS/Version\");\n\nvmatrix = make_array();\nvmatrix[\"F\"] = make_list(\"4.17.0<=4.17.1.1\");\nvmatrix[\"misc\"] = make_list(\"4.17.1FX-VRRP6LL\");\n\nif (eos_is_affected(vmatrix:vmatrix, version:version))\n{\n security_report_v4(severity:SECURITY_HOLE, port:0, extra:eos_report_get());\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Arista Networks EOS\", version);\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-10-22T16:36:57", "bulletinFamily": "scanner", "description": "This host is installed with Oracle VM\n VirtualBox and is prone to multiple security bypass and denial of service\n vulnerabilities.", "modified": "2018-10-17T00:00:00", "published": "2016-10-21T00:00:00", "id": "OPENVAS:1361412562310809076", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809076", "title": "Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_virtualbox_mult_sec_bypass_n_dos_vuln_lin.nasl 11938 2018-10-17 10:08:39Z asteins $\n#\n# Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809076\");\n script_version(\"$Revision: 11938 $\");\n script_cve_id(\"CVE-2016-5501\", \"CVE-2016-6304\", \"CVE-2016-5610\", \"CVE-2016-5538\",\n \"CVE-2016-5613\", \"CVE-2016-5611\", \"CVE-2016-5608\");\n script_bugtraq_id(93687, 93150, 93711, 93697, 93728, 93744, 93718);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-17 12:08:39 +0200 (Wed, 17 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 14:40:28 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM\n VirtualBox and is prone to multiple security bypass and denial of service\n vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws are due to multiple\n unspecified errors in core and openssl component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to gain elevated privileges, to partially access and modify data\n and cause partial denial of service conditions.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions prior to 5.0.28 and\n prior to 5.1.8 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox version\n 5.0.28 or 5.1.8 or later on Linux.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_lin.nasl\");\n script_mandatory_keys(\"Sun/VirtualBox/Lin/Ver\");\n script_xref(name:\"URL\", value:\"https://www.virtualbox.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!virtualVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(virtualVer =~ \"^5\\.0\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.0.28\"))\n {\n fix = \"5.0.28\";\n VULN = TRUE;\n }\n}\n\nelse if(virtualVer =~ \"^5\\.1\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.1.8\"))\n {\n fix = \"5.1.8\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:virtualVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-26T14:40:09", "bulletinFamily": "scanner", "description": "This host is installed with Oracle VM\n VirtualBox and is prone to multiple security bypass and denial of service\n vulnerabilities.", "modified": "2018-10-25T00:00:00", "published": "2016-10-21T00:00:00", "id": "OPENVAS:1361412562310809075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809075", "title": "Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_virtualbox_mult_sec_bypass_n_dos_vuln_win.nasl 12096 2018-10-25 12:26:02Z asteins $\n#\n# Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809075\");\n script_version(\"$Revision: 12096 $\");\n script_cve_id(\"CVE-2016-5501\", \"CVE-2016-6304\", \"CVE-2016-5610\", \"CVE-2016-5538\",\n \"CVE-2016-5613\", \"CVE-2016-5611\", \"CVE-2016-5608\");\n script_bugtraq_id(93687, 93150, 93711, 93697, 93728, 93744, 93718);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-25 14:26:02 +0200 (Thu, 25 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 14:40:28 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM\n VirtualBox and is prone to multiple security bypass and denial of service\n vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws are due to multiple\n unspecified errors in core and openssl component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to gain elevated privileges, to partially access and modify data\n and cause partial denial of service conditions.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions prior to 5.0.28 and\n prior to 5.1.8 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox version\n 5.0.28 or 5.1.8 or later on Windows.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_win.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.virtualbox.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!virtualVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(virtualVer =~ \"^5\\.0\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.0.28\"))\n {\n fix = \"5.0.28\";\n VULN = TRUE;\n }\n}\n\nelse if(virtualVer =~ \"^5\\.1\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.1.8\"))\n {\n fix = \"5.1.8\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:virtualVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-24T18:37:59", "bulletinFamily": "scanner", "description": "This host is installed with Oracle VM\n VirtualBox and is prone to multiple security bypass and denial of service\n vulnerabilities.", "modified": "2018-10-24T00:00:00", "published": "2016-10-21T00:00:00", "id": "OPENVAS:1361412562310809077", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809077", "title": "Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_virtualbox_mult_sec_bypass_n_dos_vuln_macosx.nasl 12051 2018-10-24 09:14:54Z asteins $\n#\n# Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809077\");\n script_version(\"$Revision: 12051 $\");\n script_cve_id(\"CVE-2016-5501\", \"CVE-2016-6304\", \"CVE-2016-5610\", \"CVE-2016-5538\",\n \"CVE-2016-5613\", \"CVE-2016-5611\", \"CVE-2016-5608\");\n script_bugtraq_id(93687, 93150, 93711, 93697, 93728, 93744, 93718);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-24 11:14:54 +0200 (Wed, 24 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 14:40:28 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Oracle Virtualbox Multiple Security Bypass And DoS Vulnerabilities (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM\n VirtualBox and is prone to multiple security bypass and denial of service\n vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws are due to multiple\n unspecified errors in core and openssl component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to gain elevated privileges, to partially access and modify data\n and cause partial denial of service conditions.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions prior to 5.0.28 and\n prior to 5.1.8 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox version\n 5.0.28 or 5.1.8 or later on Mac OS X.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_oracle_virtualbox_detect_macosx.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.virtualbox.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!virtualVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(virtualVer =~ \"^5\\.0\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.0.28\"))\n {\n fix = \"5.0.28\";\n VULN = TRUE;\n }\n}\n\nelse if(virtualVer =~ \"^5\\.1\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.1.8\"))\n {\n fix = \"5.1.8\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:virtualVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-24T18:37:29", "bulletinFamily": "scanner", "description": "Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.", "modified": "2018-10-24T00:00:00", "published": "2016-11-03T00:00:00", "id": "OPENVAS:1361412562310140048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310140048", "title": "F5 BIG-IP - SOL54211024 - OpenSSL vulnerability CVE-2016-6304", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_f5_big_ip_sol54211024.nasl 12051 2018-10-24 09:14:54Z asteins $\n#\n# F5 BIG-IP - SOL54211024 - OpenSSL vulnerability CVE-2016-6304\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.140048\");\n script_cve_id(\"CVE-2016-6304\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"$Revision: 12051 $\");\n\n script_name(\"F5 BIG-IP - SOL54211024 - OpenSSL vulnerability CVE-2016-6304\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/kb/en-us/solutions/public/k/54/sol54211024.html\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n script_tag(name:\"summary\", value:\"Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-24 11:14:54 +0200 (Wed, 24 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-03 10:24:33 +0100 (Thu, 03 Nov 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_require_ports(\"Services/ssh\", 22);\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\ncheck_f5['LTM'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;11.2.1;10.2.1-10.2.4;');\n\ncheck_f5['AAM'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;');\n\ncheck_f5['AFM'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;');\n\ncheck_f5['AVR'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;11.2.1;');\n\ncheck_f5['APM'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;11.2.1;10.2.1-10.2.4;');\n\ncheck_f5['ASM'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;11.2.1;10.2.1-10.2.4;');\n\ncheck_f5['GTM'] = make_array( 'affected', '11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;11.2.1;10.2.1-10.2.4;');\n\ncheck_f5['LC'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;11.2.1;10.2.1-10.2.4;');\n\ncheck_f5['PEM'] = make_array( 'affected', '12.0.0-12.1.1;11.5.2-11.6.1;11.5.1_HF3-HF11;11.5.0_HF4-HF7;',\n 'unaffected', '11.5.1-11.5.1_HF2;11.5.0-11.5.0_HF3;11.4.0-11.4.1;');\n\nif( report = is_f5_vulnerable( ca:check_f5, version:version ) )\n{\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-24T18:37:44", "bulletinFamily": "scanner", "description": "This host is installed with Oracle VM\n VirtualBox and is prone to a privilege escalation vulnerability.", "modified": "2018-10-24T00:00:00", "published": "2016-10-21T00:00:00", "id": "OPENVAS:1361412562310809080", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809080", "title": "Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_virtualbox_vrde_priv_esc_vuln_macosx.nasl 12051 2018-10-24 09:14:54Z asteins $\n#\n# Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809080\");\n script_version(\"$Revision: 12051 $\");\n script_cve_id(\"CVE-2016-5605\");\n script_bugtraq_id(93685);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-24 11:14:54 +0200 (Wed, 24 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 14:40:28 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM\n VirtualBox and is prone to a privilege escalation vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an unspecified error in\n VirtualBox Remote Desktop Extension (VRDE) sub component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to access and modify data.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions prior to 5.1.4 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox version\n 5.1.4 or later on Mac OS X.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_oracle_virtualbox_detect_macosx.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.virtualbox.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!virtualVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(virtualVer =~ \"^5\\.1\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.1.4\"))\n {\n report = report_fixed_ver(installed_version:virtualVer, fixed_version:\"5.1.4\");\n security_message(data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-30T12:37:58", "bulletinFamily": "scanner", "description": "This host is installed with Oracle VM\n VirtualBox and is prone to a privilege escalation vulnerability.", "modified": "2018-10-29T00:00:00", "published": "2016-10-21T00:00:00", "id": "OPENVAS:1361412562310809079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809079", "title": "Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_virtualbox_vrde_priv_esc_vuln_lin.nasl 12149 2018-10-29 10:48:30Z asteins $\n#\n# Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809079\");\n script_version(\"$Revision: 12149 $\");\n script_cve_id(\"CVE-2016-5605\");\n script_bugtraq_id(93685);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-29 11:48:30 +0100 (Mon, 29 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 14:40:28 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM\n VirtualBox and is prone to a privilege escalation vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an unspecified error in\n VirtualBox Remote Desktop Extension (VRDE) sub component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to access and modify data.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions prior to 5.1.4 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox version\n 5.1.4 or later on Linux.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_lin.nasl\");\n script_mandatory_keys(\"Sun/VirtualBox/Lin/Ver\");\n script_xref(name:\"URL\", value:\"https://www.virtualbox.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!virtualVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(virtualVer =~ \"^5\\.1\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.1.4\"))\n {\n report = report_fixed_ver(installed_version:virtualVer, fixed_version:\"5.1.4\");\n security_message(data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-30T12:38:31", "bulletinFamily": "scanner", "description": "This host is installed with Oracle VM\n VirtualBox and is prone to a privilege escalation vulnerability.", "modified": "2018-10-29T00:00:00", "published": "2016-10-21T00:00:00", "id": "OPENVAS:1361412562310809078", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809078", "title": "Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_virtualbox_vrde_priv_esc_vuln_win.nasl 12149 2018-10-29 10:48:30Z asteins $\n#\n# Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809078\");\n script_version(\"$Revision: 12149 $\");\n script_cve_id(\"CVE-2016-5605\");\n script_bugtraq_id(93685);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-29 11:48:30 +0100 (Mon, 29 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-21 14:40:28 +0530 (Fri, 21 Oct 2016)\");\n script_name(\"Oracle Virtualbox VRDE Privilege Escalation Vulnerability (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM\n VirtualBox and is prone to a privilege escalation vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an unspecified error in\n VirtualBox Remote Desktop Extension (VRDE) sub component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to access and modify data.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions prior to 5.1.4 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox version\n 5.1.4 or later on Windows.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_win.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.virtualbox.org\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!virtualVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(virtualVer =~ \"^5\\.1\\.\")\n{\n if(version_is_less(version:virtualVer, test_version:\"5.1.4\"))\n {\n report = report_fixed_ver(installed_version:virtualVer, fixed_version:\"5.1.4\");\n security_message(data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-14T14:50:34", "bulletinFamily": "scanner", "description": "This host is running OpenSSL and prone to denial of service vulnerability.", "modified": "2018-11-13T00:00:00", "published": "2016-09-26T00:00:00", "id": "OPENVAS:1361412562310107051", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107051", "title": "OpenSSL OCSP Status Request extension unbounded memory growth Vulnerability (Windows)", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_oscp_dos_win.nasl 12338 2018-11-13 14:51:17Z asteins $\n# OpenSSL OCSP Status Request extension unbounded memory growth vulnerability (Windows)\n#\n# Authors:\n# Tameem Eissa <tameem.eissa..at..greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107051\");\n script_version(\"$Revision: 12338 $\");\n script_cve_id(\"CVE-2016-6304\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-13 15:51:17 +0100 (Tue, 13 Nov 2018) $\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"creation_date\", value:\"2016-09-26 06:40:16 +0200 (Mon, 26 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_name(\"OpenSSL OCSP Status Request extension unbounded memory growth Vulnerability (Windows)\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160922.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"OpenSSL/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 80);\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and prone to denial of service vulnerability.\");\n script_tag(name:\"insight\", value:\"OpenSSL suffers from the possibility of DoS attack through sending a large OCSP Status Request extensions which lead to unbounded memory growth on the server which in turn lead to denial of service.\");\n script_tag(name:\"impact\", value:\"Successful exploitation could result in service crash.\");\n script_tag(name:\"affected\", value:\"OpenSSL 1.1.0 and previous versions.\");\n script_tag(name:\"solution\", value:\"OpenSSL 1.1.0 users should upgrade to 1.1.0a. OpenSSL 1.0.2 users should upgrade to 1.0.2i. OpenSSL 1.0.1 users should upgrade to 1.0.1u.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!sslVer = get_app_version(cpe:CPE))\n{\n exit(0);\n}\n\nif(sslVer =~ \"^(1\\.1\\.0)\" && version_is_less(version:sslVer, test_version:\"1.1.0a\"))\n{\n fix = \"1.1.0a\";\n VUL = TRUE;\n}\nelse if (sslVer =~ \"^(1\\.0\\.2)\" && version_is_less( version:sslVer, test_version:\"1.0.2i\"))\n{\n fix = \"1.0.2i\";\n VUL = TRUE;\n}\nelse if (sslVer =~ \"^(1\\.0\\.1)\" && version_is_less( version:sslVer, test_version:\"1.0.1u\"))\n{\n fix = \"1.0.1u\";\n VUL = TRUE;\n}\n\nif (VUL)\n{\n report = report_fixed_ver(installed_version:sslVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-25T16:16:06", "bulletinFamily": "scanner", "description": "This host is running OpenSSL and prone to denial of service vulnerability.", "modified": "2018-09-25T00:00:00", "published": "2016-09-26T00:00:00", "id": "OPENVAS:1361412562310107050", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107050", "title": "OpenSSL OCSP Status Request extension unbounded memory growth Vulnerability (Linux)", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_oscp_dos_lin.nasl 11596 2018-09-25 09:49:46Z asteins $\n# OpenSSL OCSP Status Request extension unbounded memory growth Vulnerability (Linux)\n#\n# Authors:\n# Tameem Eissa <tameem.eissa..at..greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107050\");\n script_version(\"$Revision: 11596 $\");\n script_cve_id(\"CVE-2016-6304\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-25 11:49:46 +0200 (Tue, 25 Sep 2018) $\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"creation_date\", value:\"2016-09-26 06:40:16 +0200 (Mon, 26 Sep 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_name(\"OpenSSL OCSP Status Request extension unbounded memory growth Vulnerability (Linux)\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20160922.txt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"OpenSSL/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 80);\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and prone to denial of service vulnerability.\");\n script_tag(name:\"insight\", value:\"OpenSSL suffers from the possibility of DoS attack through sending a large OCSP Status Request extensions which lead to unbounded memory growth on the server which in turn lead to denial of service.\");\n script_tag(name:\"impact\", value:\"Successful exploitation could result in service crash.\");\n script_tag(name:\"affected\", value:\"OpenSSL 1.1.0 and previous versions.\");\n script_tag(name:\"solution\", value:\"OpenSSL 1.1.0 users should upgrade to 1.1.0a. OpenSSL 1.0.2 users should upgrade to 1.0.2i. OpenSSL 1.0.1 users should upgrade to 1.0.1u.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!sslVer = get_app_version(cpe:CPE))\n{\n exit(0);\n}\n\nif(sslVer =~ \"^(1\\.1\\.0)\" && version_is_less(version:sslVer, test_version:\"1.1.0a\"))\n{\n fix = \"1.1.0a\";\n VUL = TRUE;\n}\nelse if (sslVer =~ \"^(1\\.0\\.2)\" && version_is_less( version:sslVer, test_version:\"1.0.2i\"))\n{\n fix = \"1.0.2i\";\n VUL = TRUE;\n}\nelse if (sslVer =~ \"^(1\\.0\\.1)\" && version_is_less( version:sslVer, test_version:\"1.0.1u\"))\n{\n fix = \"1.0.1u\";\n VUL = TRUE;\n}\n\nif (VUL)\n{\n report = report_fixed_ver(installed_version:sslVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:36:40", "bulletinFamily": "scanner", "description": "This host is running Oracle MySQL and is\n prone to an unspecified vulnerability.", "modified": "2018-10-19T00:00:00", "published": "2016-10-19T00:00:00", "id": "OPENVAS:1361412562310809376", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809376", "title": "Oracle MySQL Security Updates (oct2016-2881722) 04 - Windows", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mysql_oct2016-2881722_04_win.nasl 11989 2018-10-19 11:25:26Z cfischer $\n#\n# Oracle MySQL Security Updates (oct2016-2881722) 04 - Windows\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809376\");\n script_version(\"$Revision: 11989 $\");\n script_cve_id(\"CVE-2016-6304\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-19 13:25:26 +0200 (Fri, 19 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-19 15:49:26 +0530 (Wed, 19 Oct 2016)\");\n script_name(\"Oracle MySQL Security Updates (oct2016-2881722) 04 - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle MySQL and is\n prone to an unspecified vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to improper validation of\n large OCSP Status Request extensions.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to cause a denial of service\n (memory consumption).\");\n\n script_tag(name:\"affected\", value:\"Oracle Mysql version 5.6.33 and earlier,\n 5.7.15 and earlier on Windows\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/mysql\", 3306);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!sqlPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!mysqlVer = get_app_version(cpe:CPE, port:sqlPort)){\n exit(0);\n}\n\nif(version_in_range(version:mysqlVer, test_version:\"5.6\", test_version2:\"5.6.33\") ||\n version_in_range(version:mysqlVer, test_version:\"5.7\", test_version2:\"5.7.15\"))\n{\n report = report_fixed_ver(installed_version:mysqlVer, fixed_version: \"Apply the patch\");\n security_message(data:report, port:sqlPort);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-07-29T10:54:43", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501.", "modified": "2017-07-28T21:34:10", "published": "2016-10-25T10:30:14", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5538", "id": "CVE-2016-5538", "type": "cve", "title": "CVE-2016-5538", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-29T10:54:44", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core.", "modified": "2017-07-28T21:34:13", "published": "2016-10-25T10:31:23", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5610", "id": "CVE-2016-5610", "type": "cve", "title": "CVE-2016-5610", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-29T10:54:43", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613.", "modified": "2017-07-28T21:34:13", "published": "2016-10-25T10:31:21", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5608", "id": "CVE-2016-5608", "type": "cve", "title": "CVE-2016-5608", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-29T10:54:44", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608.", "modified": "2017-07-28T21:34:14", "published": "2016-10-25T10:31:28", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5613", "id": "CVE-2016-5613", "type": "cve", "title": "CVE-2016-5613", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-29T10:54:44", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core.", "modified": "2017-07-28T21:34:13", "published": "2016-10-25T10:31:25", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5611", "id": "CVE-2016-5611", "type": "cve", "title": "CVE-2016-5611", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-29T10:54:43", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE.", "modified": "2017-07-28T21:34:13", "published": "2016-10-25T10:31:17", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5605", "id": "CVE-2016-5605", "type": "cve", "title": "CVE-2016-5605", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-29T10:54:43", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5538.", "modified": "2017-07-28T21:34:10", "published": "2016-10-25T10:29:36", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5501", "id": "CVE-2016-5501", "type": "cve", "title": "CVE-2016-5501", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T11:10:29", "bulletinFamily": "NVD", "description": "Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.", "modified": "2018-04-19T21:29:16", "published": "2016-09-26T15:59:00", "id": "CVE-2016-6304", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6304", "type": "cve", "title": "CVE-2016-6304", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "f5": [{"lastseen": "2019-02-16T04:37:23", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned IDs 621935 (BIG-IP) and ID 621413 (BIG-IQ and F5 iWorkflow) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H54211024 on the **Diagnostics** &gt; **Identified** &gt; **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 - 12.1.2 \n11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 \n11.2.1 \n10.2.1 - 10.2.4 | High | The **big3d **data collection agent \nBIG-IP AAM | 12.0.0 - 12.1.2 \n11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 | High | The **big3d **data collection agent \nBIG-IP AFM | 12.0.0 - 12.1.2 \n11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 | High | The **big3d **data collection agent \nBIG-IP Analytics | 12.0.0 - 12.1.2 \n11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 \n11.2.1 | High | The **big3d **data collection agent \nBIG-IP APM | 12.0.0 - 12.1.2 \n11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 \n11.2.1 \n10.2.1 - 10.2.4 | High | The **big3d **data collection agent \nBIG-IP ASM | 12.0.0 - 12.1.2 \n111.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 \n11.2.1 \n10.2.1 - 10.2.4 | High | The **big3d **data collection agent \nBIG-IP DNS | 12.0.0 - 12.1.2 | 13.0.0 \n12.1.2 HF1 | High | The **big3d **data collection agent \nBIG-IP Edge Gateway | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | 11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 \n11.2.1 \n10.2.1 - 10.2.4 | High | The **big3d **data collection agent \nBIG-IP Link Controller | 12.0.0 - 12.1.2 \n11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 \n11.2.1 \n10.2.1 - 10.2.4 | High | The **big3d **data collection agent \nBIG-IP PEM | 12.0.0 - 12.1.2 \n11.5.2 - 11.5.5 \n11.6.0 - 11.6.1 \n11.5.1 HF3 - HF11 \n11.5.0 HF4 - HF7 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 \n11.5.1 - 11.5.1 HF2 \n11.5.0 - 11.5.0 HF3 \n11.4.0 - 11.4.1 | High | The **big3d **data collection agent \nBIG-IP PSM | None | 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WebSafe | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | 13.0.0 \n12.1.2 HF1 \n11.6.2 | High | The **big3d **data collection agent \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable | None \nBIG-IQ Cloud | 4.4.0 - 4.5.0 | 4.2.0 - 4.3.0 | High | The **webd** process \nBIG-IQ Device | 4.4.0 - 4.5.0 | 4.2.0 - 4.3.0 | High | The **webd** process \nBIG-IQ Security | 4.4.0 - 4.5.0 | 4.2.0 - 4.3.0 | High | The **webd** process \nBIG-IQ ADC | 4.5.0 | None | High | The **webd** process \nBIG-IQ Centralized Management | 5.0.0 - 5.1.0 \n4.6.0 | 5.2.0 - 5.4.0 | High | The **webd** process \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | High | The **webd** process \nF5 iWorkflow | 2.0.0 - 2.3.0 | None | Medium | The **webd** process \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nTo mitigate this vulnerability, you can restrict network access to the **big3d** network port, TCP 4353.\n\n**Impact of action:** TCP port 4353 is used to transfer sync-group data between BIG-IP devices. You should test any changes to ensure compatibility in your environment.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K13703: Overview of big3d version management](<https://support.f5.com/csp/article/K13703>)\n * [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>)\n", "modified": "2018-04-16T19:10:00", "published": "2016-11-02T22:07:00", "id": "F5:K54211024", "href": "https://support.f5.com/csp/article/K54211024", "title": "OpenSSL vulnerability CVE-2016-6304", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-12-03T01:27:33", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.\n\nMitigation\n\nTo mitigate this vulnerability, you can restrict network access to the **big3d** network port, TCP 4353.\n\n**Impact of action:** TCP port 4353 is used to transfer sync-group data between BIG-IP devices. Any changes should be tested to ensure compatibility in your environment.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL13703: Overview of big3d version management\n * SOL13092: Overview of securing access to the BIG-IP system\u00c2 \n", "modified": "2016-11-11T00:00:00", "published": "2016-11-02T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/54/sol54211024.html", "id": "SOL54211024", "type": "f5", "title": "SOL54211024 - OpenSSL vulnerability CVE-2016-6304", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openssl": [{"lastseen": "2016-10-10T13:22:34", "bulletinFamily": "software", "description": "A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the \"no-ocsp\" build time option are not affected. Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support. Reported by Shi Lei (Gear Team, Qihoo 360 Inc.) on 29th August 2016.", "modified": "2016-09-22T00:00:00", "published": "2016-09-22T00:00:00", "id": "OPENSSL:CVE-2016-6304", "href": "https://www.openssl.org/news/vulnerabilities.html", "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2016-6304)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "zdt": [{"lastseen": "2018-04-04T17:29:11", "bulletinFamily": "exploit", "description": "Multiple memory leaks in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.The exploit allows to take advantage of this vulnerability. When successfully exploited, the vulnerability causes the server to crash or slow down.#### Usage Info\nSee description inserted into the exploit code or http://www.dailymotion.com/video/x4yewbs_cve-2016-6304_tech\n\nThis is private exploit. You can buy it at https://0day.today", "modified": "2016-10-21T00:00:00", "published": "2016-10-21T00:00:00", "href": "https://0day.today/exploit/description/25942", "id": "1337DAY-ID-25942", "title": "OpenSSL OCSP Status Request Extension Unbounded Memory Growth Vulnerability", "type": "zdt", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}], "gentoo": [{"lastseen": "2016-12-12T05:58:32", "bulletinFamily": "unix", "description": "### Background\n\nVirtualBox is a powerful virtualization product from Oracle.\n\n### Description\n\nMultiple vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nLocal attackers could cause a Denial of Service condition, execute arbitrary code, or escalate their privileges. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll VirtualBox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/virtualbox-4.3.28\"\n \n\nAll VirtualBox-bin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-emulation/virtualbox-bin-4.3.28\"", "modified": "2016-12-11T00:00:00", "published": "2016-12-11T00:00:00", "href": "https://security.gentoo.org/glsa/201612-27", "id": "GLSA-201612-27", "title": "VirtualBox: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.7, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:41:00", "bulletinFamily": "unix", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\nRed Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter.", "modified": "2016-11-17T17:58:19", "published": "2016-11-17T17:52:35", "id": "RHSA-2016:2802", "href": "https://access.redhat.com/errata/RHSA-2016:2802", "type": "redhat", "title": "(RHSA-2016:2802) Important: openssl security update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:42:53", "bulletinFamily": "unix", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release includes bug fixes as well as a new release of OpenSSL. For further information, see the knowledge base article linked to in the References section. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. (CVE-2016-2178)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections form other clients. (CVE-2016-8610)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.", "modified": "2018-06-07T02:39:08", "published": "2017-06-28T23:58:57", "id": "RHSA-2017:1658", "href": "https://access.redhat.com/errata/RHSA-2017:1658", "type": "redhat", "title": "(RHSA-2017:1658) Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:43:06", "bulletinFamily": "unix", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat's handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.", "modified": "2018-06-07T02:42:47", "published": "2017-08-21T19:21:19", "id": "RHSA-2017:2493", "href": "https://access.redhat.com/errata/RHSA-2017:2493", "type": "redhat", "title": "(RHSA-2017:2493) Important: Red Hat JBoss Web Server 2 security update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:41:06", "bulletinFamily": "unix", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat's handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)", "modified": "2018-06-07T02:42:54", "published": "2017-07-25T20:31:15", "id": "RHSA-2017:1801", "href": "https://access.redhat.com/errata/RHSA-2017:1801", "type": "redhat", "title": "(RHSA-2017:1801) Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-08-21T16:13:27", "bulletinFamily": "unix", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat's handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.", "modified": "2017-08-21T19:22:08", "published": "2017-08-21T19:21:48", "id": "RHSA-2017:2494", "href": "https://access.redhat.com/errata/RHSA-2017:2494", "type": "redhat", "title": "(RHSA-2017:2494) Important: Red Hat JBoss Web Server 2 security update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T22:57:51", "bulletinFamily": "unix", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release includes bug fixes as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. (CVE-2016-2178)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections form other clients. (CVE-2016-8610)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.", "modified": "2017-07-25T00:07:41", "published": "2017-06-28T23:59:12", "id": "RHSA-2017:1659", "href": "https://access.redhat.com/errata/RHSA-2017:1659", "type": "redhat", "title": "(RHSA-2017:1659) Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:01", "bulletinFamily": "unix", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat's handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)", "modified": "2017-12-19T18:18:19", "published": "2017-07-25T21:45:08", "id": "RHSA-2017:1802", "href": "https://access.redhat.com/errata/RHSA-2017:1802", "type": "redhat", "title": "(RHSA-2017:1802) Important: Red Hat JBoss Web Server Service Pack 1 security update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:42:46", "bulletinFamily": "unix", "description": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736)\n\n* It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161)\n\n* A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. (CVE-2016-7056)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\n* It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)\n\n* A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. (CVE-2016-8740)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.", "modified": "2017-06-07T21:36:42", "published": "2017-06-07T21:33:56", "id": "RHSA-2017:1414", "href": "https://access.redhat.com/errata/RHSA-2017:1414", "type": "redhat", "title": "(RHSA-2017:1414) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 6", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:28", "bulletinFamily": "unix", "description": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736)\n\n* It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161)\n\n* A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. (CVE-2016-7056)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\n* It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)\n\n* A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. (CVE-2016-8740)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.", "modified": "2017-06-07T21:35:54", "published": "2017-06-07T21:33:35", "id": "RHSA-2017:1413", "href": "https://access.redhat.com/errata/RHSA-2017:1413", "type": "redhat", "title": "(RHSA-2017:1413) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 7", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T22:57:59", "bulletinFamily": "unix", "description": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736)\n\n* It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161)\n\n* A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. (CVE-2016-7056)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\n* It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)\n\n* A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. (CVE-2016-8740)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.", "modified": "2017-07-25T00:12:41", "published": "2017-06-07T21:34:13", "id": "RHSA-2017:1415", "href": "https://access.redhat.com/errata/RHSA-2017:1415", "type": "redhat", "title": "(RHSA-2017:1415) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "thn": [{"lastseen": "2018-01-27T10:06:46", "bulletinFamily": "info", "description": "[](<https://2.bp.blogspot.com/-k4kHqiyGsHg/V-UZe_s8gWI/AAAAAAAApkk/cQFDUlYt1NEs1XcY9LAGlzAZk1qhfGvrgCLcB/s1600/openssl-ddos-attack.png>)\n\nThe OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks. \n \nOpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well as other secure services. \n \nThe vulnerabilities exist in OpenSSL versions 1.0.1, 1.0.2 and 1.1.0 and patched in OpenSSL versions 1.1.0a, 1.0.2i and 1.0.1u. \n \nThe Critical-rated bug ([CVE-2016-6304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304>)) can be exploited by sending a large OCSP Status Request extension on the targeted server during connection negotiations, which causes memory exhaustion to launch DoS attacks, the OpenSSL Project [said](<https://www.openssl.org/news/secadv/20160922.txt>). \n \n\n\n### What is OCSP Protocol?\n\n \n**OCSP**(Online Certificate Status Protocol), supported by all modern web browsers, is a protocol designed to perform verification and obtain the revocation status of a digital certificate attached to a website. \n \nOCSP divided into client and server components. When an application or a web browser attempts to verify an SSL certificate, the client component sends a request to an online responder via HTTP protocol, which in turn, returns the status of the certificate, valid or not. \n \nReported by Shi Lei, a researcher at Chinese security firm Qihoo 360, the vulnerability affects servers in their default configuration even if they do not support OCSP. \n\n\n> \"An attacker could use the TLS extension \"_TLSEXT_TYPE_status_request_\" and fill the OCSP ids with continually renegotiation,\" the researcher explained in a [blog post](<http://security.360.cn/cve/CVE-2016-6304/>). \n \n\"Theoretically, an attacker could continually renegotiation with the server thus causing unbounded memory growth on the server up to 64k each time.\" \n\n### **How to Prevent OpenSSL DoS Attack**\n\n** \n** Administrators can mitigate damage by running '_no-ocsp_.' Furthermore, servers using older versions of OpenSSL prior to 1.0.1g are not vulnerable in their default configuration. \n \nAnother moderate severity vulnerability ([CVE-2016-6305](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6305>)) that can be exploited to launch denial of service attacks is fixed in the patch release, affecting OpenSSL 1.1.0 that was launched less than one month ago. \n \nThe team has also resolved a total of 12 low severity vulnerabilities in the latest versions of OpenSSL, but most of them do not affect the 1.1.0 branch. \n \nIt is worth noting that the OpenSSL Project will end support for OpenSSL version 1.0.1 on 31st December 2016, so users will not receive any security update from the beginning of 2017. Therefore users are advised to upgrade in order to avoid any security issues.\n", "modified": "2016-09-23T12:13:37", "published": "2016-09-23T01:10:00", "id": "THN:35CF2D56C908025E96F8E8ADF33384DB", "href": "https://thehackernews.com/2016/09/openssl-dos-attack.html", "type": "thn", "title": "Critical DoS Flaw found in OpenSSL \u2014 How It Works", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "threatpost": [{"lastseen": "2018-10-06T22:54:41", "bulletinFamily": "info", "description": "A vulnerability in the OpenSSL implementation of the Online Certificate Status Protocol (OCSP) was patched this week, closing a denial-of-service weakness in affected servers.\n\nThe patch was the most severe of 14 released yesterday by OpenSSL.\n\nOCSP is an alternative in many cases to Certificate Revocation Lists where a client can use the protocol to ping a server requesting the status of a digital certificate.\n\nThe vulnerability, CVE-2016-6304, can be exploited by a malicious client by sending a large OCSP Status Request extension.\n\n\u201cIf that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server,\u201d OpenSSL said in its [advisory](<https://www.openssl.org/news/secadv/20160922.txt>). \u201cThis will eventually lead to a denial of service attack through memory exhaustion.\u201d\n\nResearchers from Qihoo 360 of China privately disclosed the vulnerability.\n\n\u201cA server with default configuration would allow unbounded memory allocation of the OCSP ids every time a renegotiation occurs even if the server is not configured with OCSP,\u201d Qihoo 360 said in its [report](<http://security.360.cn/cve/CVE-2016-6304/>) on the bug. \u201cThe OCSP id can, according to the spec, consume up to 65,535 bytes of memory. Theoretically, an attacker could continually reneg with the server thus causing unbounded memory growth on the server up to 64k each time.\u201d\n\nThe vulnerability affects default configurations of OpenSSL 1.1.0 and later; versions prior to 1.0.1g are not affected, OpenSSL said. OpenSSL 1.1.0 should be upgraded to 1.1.0a, 1.0.2 to 1.0.2i, and 1.0.1 to 1.0.1u.\n\n\u201cIn 1.0.2 an attacker could grow the memory usage on the server by approx 16k per reneg as the maximum overall ClientHello size is set to 16,384 bytes,\u201d Qihoo 360 said. \u201cIn version 1.1.0, along with the maximum size of a ClientHello increased to 131,396 bytes, the memory growth would be near 64k per reneg.\u201d\n\nLinux and BSD distributors Debian, Ubuntu, RedHat/CentOS and FreeBSD have also updated their respective software.\n\nOf the remaining 13 vulnerabilities, patched, 12 were rated low severity by OpenSSL. The other was rated moderate severity and could lead to a denial-of-service condition where SSL or TLS would hang during a SSL_peek() call if an empty record is sent. The bug affected OpenSSL 1.1.0 and users are urged to upgrade to 1.1.0a.\n\nOpenSSL also mitigated the [SWEET32 vulnerability](<https://threatpost.com/new-collision-attacks-against-3des-blowfish-allow-for-cookie-decryption/120087/>), CVE-2016-2183. Sweet32 was disclosed in August and affected 64-bit ciphers such as Triple-DES (3DES) and Blowfish and could allow an attacker to recover authentication cookie data from 3DES traffic, and usernames and passwords from OpenVPN traffic, which is secured by Blowfish.\n\nAs expected, OpenSSL moved 64-bit ciphers from the high cipherstring group to medium in OpenSSL 1.0.1 and 1.0.2. OpenSSL 1.1.0 disables these ciphersuites by default.\n\nThe attack is a collision attack against these ciphers in CBC mode, or cipher block chaining; 64-bit ciphers are still supported in TLS, IPsec, SSH and other protocols. The researchers said that 3DES support for HTTPS servers that show in Alexa\u2019s top website list hovers between 1 percent and 2 percent of traffic on Firefox, Internet Explorer, Chrome and Android 5.0 integrated browser.\n\nSWEET32 is one of the first relatively practical attacks against 64-bit suites, and can be executed with the resources at the disposal of a nation-state or well stocked criminal enterprise.\n", "modified": "2016-09-23T19:47:13", "published": "2016-09-23T15:47:13", "id": "THREATPOST:92734AB0515417387ACE7EE44D1D5100", "href": "https://threatpost.com/openssl-patches-high-severity-ocsp-bug-mitigates-sweet32-attack/120845/", "type": "threatpost", "title": "OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T22:54:34", "bulletinFamily": "info", "description": "Oracle fixed 253 vulnerabilities across 76 product lines on Tuesday as part of its quarterly [Critical Patch Update](<http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html>). Many of the fixes addressed by Oracle tackled vulnerabilities tied to securing critical enterprise data.\n\nVulnerabilities in Oracle Fusion Middleware, a family of infrastructure products the company develops, are some of the most pressing. The update addresses 29 vulnerabilities in the software, 19 of which can be exploited remotely without authentication. Five of those vulnerabilities fetch a CVSS score of 9.8, the highest rating any vulnerabilities fixed this time around garnered.\n\nEach of the vulnerabilities could lead to the takeover of components in the affected software, in this case Oracle Big Data Discovery and Oracle WebLogic Server.\n\nIn addition to Fusion Middleware, three other vulnerabilities, in Oracle\u2019s Commerce Platform, and two retail apps \u2013 its Retail Customer Insights, and Retail Merchandising Insights \u2013 also contained critical, remotely exploitable vulnerabilities.\n\nWhile Fusion Middleware may have had the most critical vulnerabilities it didn\u2019t have the most overall. Oracle\u2019s Communications Applications, which had 36 vulnerabilities, 31 of which were remotely exploitable, and Oracle\u2019s MySQL, which had 31 vulnerabilities, two which were remotely exploitable, were the most patched pieces of software on Tuesday.\n\nJava, Oracle\u2019s perennial whipping boy, didn\u2019t emerge this quarter unscathed either. Tuesday\u2019s update fixed seven vulnerabilities in Java SE, all which can be remotely exploited without authentication, three of which carry a CVSS of 9.6.\n\nThe oldest bug, CVE-2010-5312, dates back to 2010 and exists in Application Express, a component in Oracle\u2019s Database Server. That vulnerability, along with the 11 others fixed in Database Server, should also be on an end users\u2019 CPU docket, an expert warned.\n\n\u201cAdministrators should plan on patching for CVE-2016-6304, CVE-2016-5598 and CVE-2010-5312 as they are remotely exploitable and attackers can use them after compromising another system on the network,\u201d Amol Sarwarte, the director of Vulnerability Labs at Qualys, [wrote on the company\u2019s blog Tuesday](<https://blog.qualys.com/laws-of-vulnerabilities/2016/10/18/oracle-october-2016-critical-patch-update>).\n\nElsewhere, analysts with ERPScan, a firm that conducts audits on Oracle systems, are encouraging end users to pay attention to vulnerabilities patched in Oracle\u2019s E-Business Suite, especially one that stems from the way OpenSSL is implemented in Oracle HTTP Server.\n\n\u201cThe vulnerability is assessed as critical and, according to Oracle\u2019s advisory, allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server, which can result in complete DoS of the component,\u201d Darya Maenkova, an analyst at the firm told Threatpost Tuesday.\n\n\u201cERPScan researchers conducted a Shodan scan and revealed that approximately 15,000 Oracle HTTP servers are exposed to the Internet,\u201d Maenkova said.\n\nPer usual, noted Oracle bug hunter David Litchfield uncovered a handful of the vulnerabilities fixed this week.\n\nFour of the vulnerabilities he found were of the SQL injection variety and existed in e-Business Suite 12.x and 11.x. The bugs, in utilities owned by both SYS and SYSTEM users, could lead to SQL execution, Litchfield warned in [a .PDF document](<http://www.davidlitchfield.com/oracle-oct-2016-cpu.pdf>) around the bugs published Wednesday.\n\nE-Business Suite, the main business software made by the company, is usually flush with sensitive processes and key data, meaning a compromise could lead to the theft of business critical information.\n\nLitchfield, a security engineer at Google, described earlier this summer how he found a litany of vulnerabilities, 50 in a week \u2013 including cross-site scripting bugs and SQL injections, in the platform at Black Hat.\n\n\u201cIt\u2019s a rich source of vulnerabilities,\u201d Litchfield [said during his talk](<https://threatpost.com/oracle-ebusiness-suite-massive-attack-surface-assessed/119638/>), \u201cThere\u2019s a lot of juicy stuff an attacker would look at and like to break in.\u201d\n\nOracle\u2019s products figure into almost countless business implementations worldwide. When Bangladesh Bank\u2019s SWIFT payment system was [compromised in February](<https://threatpost.com/bangladesh-bank-hackers-accessed-swift-system-to-steal-cover-tracks/117637/>), researchers at Bae Systems said malware was operating in an Oracle-powered environment running SWIFT\u2019s software. Litchfield said at DEFCON in 2011 that an Oracle database hack was to blame for the Sony Playstation Network outage that April.\n\nWith this week\u2019s update, the last of 2016, Oracle has fixed almost 1,000 vulnerabilities, 913 in total, in its products this year. Almost every update contained more than 200 fixes, almost twice the average number of fixes, 110, pushed out by the company from 2011 to 2015.\n\nTuesday\u2019s update is the second largest issued by the company. Oracle set the record when it released its last CPU, fixing 276 vulnerabilities, [in July](<https://threatpost.com/oracle-patches-record-276-vulnerabilities-with-july-critical-patch-update/119373/>) this past summer.\n", "modified": "2016-10-19T17:39:40", "published": "2016-10-19T13:39:40", "id": "THREATPOST:D4706357F1ED015BC0C89123865AF61A", "href": "https://threatpost.com/oracle-fixes-253-vulnerabilities-in-last-cpu-of-2016/121375/", "type": "threatpost", "title": "Oracle Fixes 253 Vulnerabilities in Last CPU of 2016", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:07", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.\n\nThe [OpenSSL Security Advisory [22 Sep 2016]](<https://www.openssl.org/news/secadv/20160922.txt>) refers to additional CVEs. [CVE-2016-6305 __](<https://access.redhat.com/security/cve/CVE-2016-6305>) does not affect OpenSSL 1.0.1. The remaining CVEs listed will be fixed in a later update.\n\nThe [OpenSSL Security Advisory [26 Sep 2016]](<https://www.openssl.org/news/secadv/20160926.txt>) refers to two additional CVEs which do not affect OpenSSL 1.0.1.\n\n(Updated 2016-09-26: Included a reference to the 26 Sep 2016 upstream advisory.)\n\n \n**Affected Packages:** \n\n\nopenssl\n\n \n**Issue Correction:** \nRun _yum update openssl_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n openssl-devel-1.0.1k-15.95.amzn1.i686 \n openssl-debuginfo-1.0.1k-15.95.amzn1.i686 \n openssl-perl-1.0.1k-15.95.amzn1.i686 \n openssl-static-1.0.1k-15.95.amzn1.i686 \n openssl-1.0.1k-15.95.amzn1.i686 \n \n src: \n openssl-1.0.1k-15.95.amzn1.src \n \n x86_64: \n openssl-static-1.0.1k-15.95.amzn1.x86_64 \n openssl-perl-1.0.1k-15.95.amzn1.x86_64 \n openssl-debuginfo-1.0.1k-15.95.amzn1.x86_64 \n openssl-devel-1.0.1k-15.95.amzn1.x86_64 \n openssl-1.0.1k-15.95.amzn1.x86_64 \n \n \n", "modified": "2016-09-26T12:00:00", "published": "2016-09-26T12:00:00", "id": "ALAS-2016-749", "href": "https://alas.aws.amazon.com/ALAS-2016-749.html", "title": "Important: openssl", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "hackerone": [{"lastseen": "2018-04-19T17:34:08", "bulletinFamily": "bugbounty", "bounty": 2500.0, "description": "A malicious client can send an excessively large OCSP Status Request extension.\nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected.", "modified": "2017-04-12T00:58:54", "published": "2017-03-29T01:24:57", "href": "https://hackerone.com/reports/216840", "id": "H1:216840", "type": "hackerone", "title": "OpenSSL (IBB): OCSP Status Request extension unbounded memory growth (CVE-2016-6304)", "cvss": {"score": 0.0, "vector": "NONE"}}], "suse": [{"lastseen": "2016-10-06T21:27:36", "bulletinFamily": "unix", "description": "This update brings the new upstream nodejs LTS version 4.6.0, fixing bugs\n and security issues:\n\n * Nodejs embedded openssl version update\n + upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178,\n CVE-2016-6306, CVE-2016-7052)\n + remove support for dynamic 3rd party engine modules\n * http: Properly validate for allowable characters in input user data.\n This introduces a new case where throw may occur when configuring HTTP\n responses, users should already be adopting try/catch here.\n (CVE-2016-5325, bsc#985201)\n * tls: properly validate wildcard certificates (CVE-2016-7099, bsc#1001652)\n * buffer: Zero-fill excess bytes in new Buffer objects created with\n Buffer.concat()\n\n", "modified": "2016-10-06T20:14:21", "published": "2016-10-06T20:14:21", "id": "SUSE-SU-2016:2470-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html", "type": "suse", "title": "Security update for nodejs4 (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-10-11T17:26:45", "bulletinFamily": "unix", "description": "This update brings the new upstream nodejs LTS version 4.6.0, fixing bugs\n and security issues:\n\n * Nodejs embedded openssl version update\n + upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178,\n CVE-2016-6306, CVE-2016-7052)\n + remove support for dynamic 3rd party engine modules\n * http: Properly validate for allowable characters in input user data.\n This introduces a new case where throw may occur when configuring HTTP\n responses, users should already be adopting try/catch here.\n (CVE-2016-5325, bsc#985201)\n * tls: properly validate wildcard certificates (CVE-2016-7099, bsc#1001652)\n * buffer: Zero-fill excess bytes in new Buffer objects created with\n Buffer.concat()\n\n", "modified": "2016-10-11T19:20:03", "published": "2016-10-11T19:20:03", "id": "OPENSUSE-SU-2016:2496-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html", "type": "suse", "title": "Security update for nodejs (important)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-01T17:27:52", "bulletinFamily": "unix", "description": "This update brings the new upstream nodejs LTS version 4.6.0, fixing bugs\n and security issues:\n\n * Nodejs embedded openssl version update\n + upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178,\n CVE-2016-6306, CVE-2016-7052)\n + remove support for dynamic 3rd party engine modules\n * http: Properly validate for allowable characters in input user data.\n This introduces a new case where throw may occur when configuring HTTP\n responses, users should already be adopting try/catch here.\n (CVE-2016-5325, bsc#985201)\n * tls: properly validate wildcard certificates (CVE-2016-7099, bsc#1001652)\n * buffer: Zero-fill excess bytes in new Buffer objects created with\n Buffer.concat()\n\n", "modified": "2016-11-01T16:19:35", "published": "2016-11-01T16:19:35", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00001.html", "id": "SUSE-SU-2016:2470-2", "type": "suse", "title": "Security update for nodejs4 (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-10-05T17:27:35", "bulletinFamily": "unix", "description": "This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behavior (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Bugs fixed:\n * Update expired S/MIME certs (bsc#979475)\n * Fix crash in print_notice (bsc#998190)\n * Resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "modified": "2016-10-05T18:09:41", "published": "2016-10-05T18:09:41", "id": "SUSE-SU-2016:2458-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html", "type": "suse", "title": "Security update for openssl (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-27T12:38:56", "bulletinFamily": "unix", "description": "This update for openssl fixes the following issues:\n\n\n OpenSSL Security Advisory [22 Sep 2016] (boo#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (boo#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (boo#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (boo#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (boo#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (boo#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (boo#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (boo#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (boo#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (boo#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (boo#995377)\n * Certificate message OOB reads (CVE-2016-6306) (boo#999668)\n\n More information can be found on\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n * update expired S/MIME certs (boo#979475)\n * allow &gt;= 64GB AESGCM transfers (boo#988591)\n * fix crash in print_notice (boo#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (boo#995075)\n\n", "modified": "2016-09-27T11:09:12", "published": "2016-09-27T11:09:12", "id": "OPENSUSE-SU-2016:2391-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html", "type": "suse", "title": "Security update for openssl (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-10-06T21:27:36", "bulletinFamily": "unix", "description": "This update for openssl1 fixes the following issues:\n\n penSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Also following bugs were fixed:\n * update expired S/MIME certs (bsc#979475)\n * improve s390x performance (bsc#982745)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "modified": "2016-10-06T20:11:44", "published": "2016-10-06T20:11:44", "id": "SUSE-SU-2016:2469-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html", "type": "suse", "title": "Security update for openssl1 (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T20:38:56", "bulletinFamily": "unix", "description": "This update for openssl fixes the following issues:\n\n OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)\n\n Severity: High\n * OCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n (bsc#999666)\n\n Severity: Low\n * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)\n * Constant time flag not preserved in DSA signing (CVE-2016-2178)\n (bsc#983249)\n * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)\n * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)\n * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)\n * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)\n * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n (bsc#995359)\n * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)\n * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)\n * Certificate message OOB reads (CVE-2016-6306) (bsc#999668)\n\n More information can be found on:\n <a rel=\"nofollow\" href=\"https://www.openssl.org/news/secadv/20160922.txt\">https://www.openssl.org/news/secadv/20160922.txt</a>\n\n Also following bugs were fixed:\n * update expired S/MIME certs (bsc#979475)\n * improve s390x performance (bsc#982745)\n * allow &gt;= 64GB AESGCM transfers (bsc#988591)\n * fix crash in print_notice (bsc#998190)\n * resume reading from /dev/urandom when interrupted by a signal\n (bsc#995075)\n\n", "modified": "2016-09-26T19:10:10", "published": "2016-09-26T19:10:10", "id": "SUSE-SU-2016:2387-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html", "type": "suse", "title": "Security update for openssl (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:29", "bulletinFamily": "unix", "description": "USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nShi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2016-6304)\n\nGuido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2177)\n\nC\u251c\u0119sar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL did not properly use constant-time operations when performing DSA signing. A remote attacker could possibly use this issue to perform a cache-timing attack and recover private DSA keys. (CVE-2016-2178)\n\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. (CVE-2016-2179)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2180)\n\nIt was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2181)\n\nShi Lei discovered that OpenSSL incorrectly validated division results. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2182)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves DES from the HIGH cipher list to MEDIUM. (CVE-2016-2183)\n\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. A remote attacker could use this issue to cause a denial of service. (CVE-2016-6302)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6303)\n\nShi Lei discovered that OpenSSL incorrectly performed certain message length checks. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6306)", "modified": "2016-09-23T00:00:00", "published": "2016-09-23T00:00:00", "id": "USN-3087-2", "href": "https://usn.ubuntu.com/3087-2/", "title": "OpenSSL regression", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:57", "bulletinFamily": "unix", "description": "Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2016-6304)\n\nGuido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2177)\n\nC\u251c\u0119sar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL did not properly use constant-time operations when performing DSA signing. A remote attacker could possibly use this issue to perform a cache-timing attack and recover private DSA keys. (CVE-2016-2178)\n\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. (CVE-2016-2179)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2180)\n\nIt was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2181)\n\nShi Lei discovered that OpenSSL incorrectly validated division results. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2182)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves DES from the HIGH cipher list to MEDIUM. (CVE-2016-2183)\n\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. A remote attacker could use this issue to cause a denial of service. (CVE-2016-6302)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6303)\n\nShi Lei discovered that OpenSSL incorrectly performed certain message length checks. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6306)", "modified": "2016-09-22T00:00:00", "published": "2016-09-22T00:00:00", "id": "USN-3087-1", "href": "https://usn.ubuntu.com/3087-1/", "title": "OpenSSL vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "archlinux": [{"lastseen": "2016-09-26T21:22:45", "bulletinFamily": "unix", "description": "- CVE-2016-6304 (denial of service)\n\nA malicious client can send an excessively large OCSP Status Request\nextension. If that client continually requests renegotiation, sending a\nlarge OCSP Status Request extension each time, then there will be\nunbounded memory growth on the server. This will eventually lead to a\nDenial Of Service attack through memory exhaustion. Servers with a\ndefault configuration are vulnerable even if they do not support OCSP.\nBuilds using the &quot;no-ocsp&quot; build time option are not affected.\n\n- CVE-2016-2178 (private key recovery)\n\nOperations in the DSA signing algorithm should run in constant time in\norder to avoid side channel attacks. A flaw in the OpenSSL DSA\nimplementation means that a non-constant time codepath is followed for\ncertain operations. This has been demonstrated through a cache-timing\nattack to be sufficient for an attacker to recover the private DSA key.\n\n- CVE-2016-2177 (denial of service)\n\nOpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-\nbuffer boundary checks, which might allow remote attackers to cause a\ndenial of service (integer overflow and application crash) or possibly\nhave unspecified other impact by leveraging unexpected malloc behavior,\nrelated to s3_srvr.c, ssl_sess.c, and t1_lib.c.\n\n- CVE-2016-2183 (information disclosure)\n\nSWEET32 (<A HREF=\"https://sweet32.info\">https://sweet32.info</A>) is an attack on older block cipher\nalgorithms that use a block size of 64 bits. In mitigation for the\nSWEET32 attack DES based ciphersuites have been moved from the HIGH\ncipherstring group to MEDIUM.\n\n- CVE-2016-2182 (arbitrary code execution)\n\nThe function BN_bn2dec() does not check the return value of\nBN_div_word(). This can cause an OOB write if an application uses this\nfunction with an overly large BIGNUM. This could be a problem if an\noverly large certificate or CRL is printed out from an untrusted\nsource. TLS is not affected because record limits will reject an\noversized certificate before it is parsed.\n\n- CVE-2016-6303 (arbitrary code execution)\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker is\nable to supply very large amounts of input data after a previous call t\nMVP_EncryptUpdate() with a partial block then a length check can\noverflow resulting in a heap corruption.\nThe amount of data needed is comparable to SIZE_MAX which is\nimpractical on most platforms.\n\n- CVE-2016-2179 (denial of service)\n\nIn a DTLS connection where handshake messages are delivered out-of-\norder those messages that OpenSSL is not yet ready to process will be\nbuffered for later use. Under certain circumstances, a flaw in the\nlogic means that those messages do not get removed from the buffer even\nthough the handshake has been completed.\nAn attacker could force up to approx. 15 messages to remain in the\nbuffer when they are no longer required. These messages will be cleared\nwhen the DTLS connection is closed. The default maximum size for a\nmessage is 100k. Therefore the attacker could force an additional 1500k\nto be consumed per connection. By opening many simultaneous\nconnections an attacker could cause a DoS attack through memory\nexhaustion.\n\n- CVE-2016-2180 (denial of service)\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value\nis the total length the OID text representation would use and not the\namount of data written. This will result in OOB reads when large OIDs\nare presented.\n\n- CVE-2016-2181 (denial of service)\n\nA flaw in the DTLS replay attack protection mechanism means that\nrecords that arrive for future epochs update the replay protection\n&quot;window&quot; before the MAC for the record has been validated. This could\nbe exploited by an attacker by sending a record for the next epoch\n(which does not have to decrypt or have a valid MAC), with a very large\nsequence number. This means that all subsequent legitimate packets are\ndropped causing a denial of service for a specific DTLS connection.\n\n- CVE-2016-6302 (denial of service)\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to\na DoS attack where a malformed ticket will result in an OOB read which\nwill ultimately crash.\nThe use of SHA512 in TLS session tickets is comparatively rare as it\nrequires a custom server callback and ticket lookup mechanism.\n\n- CVE-2016-6306 (denial of service)\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can\nresult in OOB reads of up to 2 bytes beyond an allocated buffer. There\nis a theoretical DoS risk but this has not been observed in practice on\ncommon platforms.\nThe messages affected are client certificate, client certificate\nrequest and server certificate. As a result the attack can only be\nperformed against a client or a server which enables client\nauthentication.", "modified": "2016-09-26T00:00:00", "published": "2016-09-26T00:00:00", "id": "ASA-201609-24", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html", "type": "archlinux", "title": "lib32-openssl: multiple issues", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T21:22:45", "bulletinFamily": "unix", "description": "- CVE-2016-6304 (denial of service)\n\nA malicious client can send an excessively large OCSP Status Request\nextension. If that client continually requests renegotiation, sending a\nlarge OCSP Status Request extension each time, then there will be\nunbounded memory growth on the server. This will eventually lead to a\nDenial Of Service attack through memory exhaustion. Servers with a\ndefault configuration are vulnerable even if they do not support OCSP.\nBuilds using the &quot;no-ocsp&quot; build time option are not affected.\n\n- CVE-2016-2178 (private key recovery)\n\nOperations in the DSA signing algorithm should run in constant time in\norder to avoid side channel attacks. A flaw in the OpenSSL DSA\nimplementation means that a non-constant time codepath is followed for\ncertain operations. This has been demonstrated through a cache-timing\nattack to be sufficient for an attacker to recover the private DSA key.\n\n- CVE-2016-2177 (denial of service)\n\nOpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-\nbuffer boundary checks, which might allow remote attackers to cause a\ndenial of service (integer overflow and application crash) or possibly\nhave unspecified other impact by leveraging unexpected malloc behavior,\nrelated to s3_srvr.c, ssl_sess.c, and t1_lib.c.\n\n- CVE-2016-2183 (information disclosure)\n\nSWEET32 (<A HREF=\"https://sweet32.info\">https://sweet32.info</A>) is an attack on older block cipher\nalgorithms that use a block size of 64 bits. In mitigation for the\nSWEET32 attack DES based ciphersuites have been moved from the HIGH\ncipherstring group to MEDIUM.\n\n- CVE-2016-2182 (arbitrary code execution)\n\nThe function BN_bn2dec() does not check the return value of\nBN_div_word(). This can cause an OOB write if an application uses this\nfunction with an overly large BIGNUM. This could be a problem if an\noverly large certificate or CRL is printed out from an untrusted\nsource. TLS is not affected because record limits will reject an\noversized certificate before it is parsed.\n\n- CVE-2016-6303 (arbitrary code execution)\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker is\nable to supply very large amounts of input data after a previous call t\nMVP_EncryptUpdate() with a partial block then a length check can\noverflow resulting in a heap corruption.\nThe amount of data needed is comparable to SIZE_MAX which is\nimpractical on most platforms.\n\n- CVE-2016-2179 (denial of service)\n\nIn a DTLS connection where handshake messages are delivered out-of-\norder those messages that OpenSSL is not yet ready to process will be\nbuffered for later use. Under certain circumstances, a flaw in the\nlogic means that those messages do not get removed from the buffer even\nthough the handshake has been completed.\nAn attacker could force up to approx. 15 messages to remain in the\nbuffer when they are no longer required. These messages will be cleared\nwhen the DTLS connection is closed. The default maximum size for a\nmessage is 100k. Therefore the attacker could force an additional 1500k\nto be consumed per connection. By opening many simultaneous\nconnections an attacker could cause a DoS attack through memory\nexhaustion.\n\n- CVE-2016-2180 (denial of service)\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value\nis the total length the OID text representation would use and not the\namount of data written. This will result in OOB reads when large OIDs\nare presented.\n\n- CVE-2016-2181 (denial of service)\n\nA flaw in the DTLS replay attack protection mechanism means that\nrecords that arrive for future epochs update the replay protection\n&quot;window&quot; before the MAC for the record has been validated. This could\nbe exploited by an attacker by sending a record for the next epoch\n(which does not have to decrypt or have a valid MAC), with a very large\nsequence number. This means that all subsequent legitimate packets are\ndropped causing a denial of service for a specific DTLS connection.\n\n- CVE-2016-6302 (denial of service)\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to\na DoS attack where a malformed ticket will result in an OOB read which\nwill ultimately crash.\nThe use of SHA512 in TLS session tickets is comparatively rare as it\nrequires a custom server callback and ticket lookup mechanism.\n\n- CVE-2016-6306 (denial of service)\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can\nresult in OOB reads of up to 2 bytes beyond an allocated buffer. There\nis a theoretical DoS risk but this has not been observed in practice on\ncommon platforms.\nThe messages affected are client certificate, client certificate\nrequest and server certificate. As a result the attack can only be\nperformed against a client or a server which enables client\nauthentication.", "modified": "2016-09-26T00:00:00", "published": "2016-09-26T00:00:00", "id": "ASA-201609-23", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html", "type": "archlinux", "title": "openssl: multiple issues", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:25:25", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2016:1940\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. (CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. (CVE-2016-2179)\n\n* A flaw was found in the Datagram TLS (DTLS) replay protection implementation in OpenSSL. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\n* An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. (CVE-2016-2180)\n\n* Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-September/022096.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-September/022098.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-libs\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-1940.html", "modified": "2016-09-29T15:15:39", "published": "2016-09-28T14:48:04", "href": "http://lists.centos.org/pipermail/centos-announce/2016-September/022096.html", "id": "CESA-2016:1940", "title": "openssl security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:46:55", "bulletinFamily": "unix", "description": "[1.0.1e-48.3]\n- fix CVE-2016-2177 - possible integer overflow\n- fix CVE-2016-2178 - non-constant time DSA operations\n- fix CVE-2016-2179 - further DoS issues in DTLS\n- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()\n- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue\n- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()\n- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check\n- fix CVE-2016-6304 - unbound memory growth with OCSP status request\n- fix CVE-2016-6306 - certificate message OOB reads\n- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to\n 112 bit effective strength\n- replace expired testing certificates", "modified": "2016-09-27T00:00:00", "published": "2016-09-27T00:00:00", "id": "ELSA-2016-1940", "href": "http://linux.oracle.com/errata/ELSA-2016-1940.html", "title": "openssl security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-18T13:48:30", "bulletinFamily": "unix", "description": "Package : openssl\nVersion : 1.0.1t-1+deb7u1\nCVE ID : CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 \n CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6303\n CVE-2016-6304 CVE-2016-6306\n\nSeveral vulnerabilities were discovered in OpenSSL:\n\nCVE-2016-2177\n\n Guido Vranken discovered that OpenSSL uses undefined pointer\n arithmetic. Additional information can be found at\n https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/\n\nCVE-2016-2178\n\n Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n leak in the DSA code.\n\nCVE-2016-2179 / CVE-2016-2181\n\n Quan Luo and the OCAP audit team discovered denial of service\n vulnerabilities in DTLS.\n\nCVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303\n\n Shi Lei discovered an out-of-bounds memory read in\n TS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec()\n and MDC2_Update().\n\nCVE-2016-2183\n\n DES-based cipher suites are demoted from the HIGH group to MEDIUM\n as a mitigation for the SWEET32 attack.\n\nCVE-2016-6302\n\n Shi Lei discovered that the use of SHA512 in TLS session tickets\n is susceptible to denial of service.\n\nCVE-2016-6304\n\n Shi Lei discovered that excessively large OCSP status request may\n result in denial of service via memory exhaustion.\n\nCVE-2016-6306\n\n Shi Lei discovered that missing message length validation when parsing\n certificates may potentially result in denial of service.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n1.0.1t-1+deb7u1.\n\nWe recommend that you upgrade your openssl and libssl1.0.0 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2016-09-25T11:55:21", "published": "2016-09-25T11:55:21", "id": "DEBIAN:DLA-637-1:F8314", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201609/msg00029.html", "title": "[SECURITY] [DLA 637-1] openssl security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}