OpenSSL < 0.9.8h Multiple Vulnerabilities

2011-12-02T00:00:00

Description

Versions of OpenSSL earlier than 0.9.8h are potentially affected by multiple vulnerabilities : - A double-free error exists related to the handling of server name extension data and specially crafted TLS 1.0 'Client Hello' packets. This can cause application crashes. Note that successful exploitation requires that OpenSSL is compiled with the TLS server name extensions. (CVE-2008-0891) - A NULL pointer dereference error exists related to anonymous Diffie-Hellman key exchange and TLS handshakes. This can be exploited by omitting the 'Server Key exchange message' from the handshake and can cause application crashes. (CVE-2008-1672) - On 32-bit builds, an information disclosure vulnerability exists during certain calculations for NIST elliptic curves P-256 or P-384. This error can allow an attacker to recover the private key of the TLS server. The following are required for exploitation : - 32-bit build - Use of elliptic curves P-256 and/or P-384 - Either the use of ECDH family ciphers and/or the use of ECDHE family ciphers without the SSL_OP_SINGLE_ECDH_USE context option. (CVE-2011-4354)

{"id": "801061.PRM", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "OpenSSL < 0.9.8h Multiple Vulnerabilities", "description": "Versions of OpenSSL earlier than 0.9.8h are potentially affected by multiple vulnerabilities :\n\n - A double-free error exists related to the handling of server name extension data and specially crafted TLS 1.0 'Client Hello' packets. This can cause application crashes. Note that successful exploitation requires that OpenSSL is compiled with the TLS server name extensions. (CVE-2008-0891)\n\n - A NULL pointer dereference error exists related to anonymous Diffie-Hellman key exchange and TLS handshakes. This can be exploited by omitting the 'Server Key exchange message' from the handshake and can cause application crashes. (CVE-2008-1672)\n\n - On 32-bit builds, an information disclosure vulnerability exists during certain calculations for NIST elliptic curves P-256 or P-384. This error can allow an attacker to recover the private key of the TLS server.\n\n The following are required for exploitation :\n\n - 32-bit build\n\n - Use of elliptic curves P-256 and/or P-384\n\n - Either the use of ECDH family ciphers and/or the use of ECDHE family ciphers without the SSL_OP_SINGLE_ECDH_USE context option. (CVE-2011-4354)", "published": "2011-12-02T00:00:00", "modified": "2011-12-02T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/lce/801061", "reporter": "Tenable", "references": ["seclists.org/oss-sec/2011/q4/449", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672", "lwn.net/Articles/284108", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4534", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891", "http://.securityfocus.com/advisories/14754", "http://.openssl.org/news/secadv_20080528.txt"], "cvelist": ["CVE-2008-0891", "CVE-2008-1672", "CVE-2011-4354"], "immutableFields": [], "lastseen": "2023-05-18T14:24:21", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:520586", "VU:661475"]}, {"type": "cve", "idList": ["CVE-2008-0891", "CVE-2008-1672", "CVE-2011-4354"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2390-1:7F77A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2008-0891", "DEBIANCVE:CVE-2008-1672", "DEBIANCVE:CVE-2011-4354"]}, {"type": "f5", "idList": ["F5:K17454", "SOL15350", "SOL15427", "SOL17454"]}, {"type": "fedora", "idList": ["FEDORA:C7B0010F8AD", "FEDORA:CA803208421", "FEDORA:M4V2DWYQ023924"]}, {"type": "gentoo", "idList": ["GLSA-200806-08"]}, {"type": "nessus", "idList": ["4521.PRM", "DEBIAN_DSA-2390.NASL", "FEDORA_2008-4723.NASL", "GENTOO_GLSA-200806-08.NASL", "MANDRIVA_MDVSA-2008-107.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "OPENSSL_0_9_8H.NASL", "SLACKWARE_SSA_2008-210-08.NASL", "UBUNTU_USN-1357-1.NASL", "UBUNTU_USN-620-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2008-0891", "OPENSSL:CVE-2008-1672"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231061470", "OPENVAS:136141256231063141", "OPENVAS:136141256231064247", "OPENVAS:136141256231070708", "OPENVAS:1361412562310830697", "OPENVAS:1361412562310840887", "OPENVAS:61182", "OPENVAS:61470", "OPENVAS:63141", "OPENVAS:64247", "OPENVAS:70708", "OPENVAS:830697", "OPENVAS:840205", "OPENVAS:840887", "OPENVAS:860183"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-3022", "ELSA-2019-4581", "ELSA-2019-4747"]}, {"type": "osv", "idList": ["OSV:DSA-2390-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12150"]}, {"type": "seebug", "idList": ["SSV:3348"]}, {"type": "slackware", "idList": ["SSA-2008-210-08"]}, {"type": "suse", "idList": ["SUSE-SU-2014:0768-1"]}, {"type": "ubuntu", "idList": ["USN-1357-1", "USN-620-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-0891", "UB:CVE-2008-1672", "UB:CVE-2011-4354"]}]}, "score": {"value": 0.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "cert", "idList": ["VU:661475"]}, {"type": "cve", "idList": ["CVE-2008-0891", "CVE-2008-1672", "CVE-2008-4534"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2008-1672"]}, {"type": "f5", "idList": ["SOL15350", "SOL17454"]}, {"type": "fedora", "idList": ["FEDORA:M4V2DWYQ023924"]}, {"type": "gentoo", "idList": ["GLSA-200806-08"]}, {"type": "jvn", "idList": ["JVN:81111541"]}, {"type": "nessus", "idList": ["NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2008-0891", "OPENSSL:CVE-2008-1672"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063141"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4747"]}, {"type": "seebug", "idList": ["SSV:3348"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-0891"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-0891", "epss": 0.11156, "percentile": 0.94289, "modified": "2023-05-07"}, {"cve": "CVE-2008-1672", "epss": 0.04381, "percentile": 0.91112, "modified": "2023-05-07"}, {"cve": "CVE-2008-4534", "epss": 0.00321, "percentile": 0.66102, "modified": "2023-05-08"}, {"cve": "CVE-2011-4354", "epss": 0.00641, "percentile": 0.76177, "modified": "2023-05-07"}], "vulnersScore": 0.9}, "_state": {"dependencies": 1684449048, "score": 1684451624, "epss": 0}, "_internal": {"score_hash": "76b4a35a8698216caec309cb561eadd9"}, "pluginID": "801061", "sourceData": "Binary data 801061.prm", "naslFamily": "Web Servers", "cpe": [], "solution": "Upgrade to version 0.9.8h or later.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vendor_cvss2": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2008-05-28T00:00:00", "vulnerabilityPublicationDate": "2008-05-28T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2023-05-18T14:24:21", "description": "Versions of OpenSSL earlier than 0.9.8h are potentially affected by multiple vulnerabilities :\n\n - A double-free error exists related to the handling of server name extension data and specially crafted TLS 1.0 'Client Hello' packets. This can cause application crashes. Note that successful exploitation requires that OpenSSL is compiled with the TLS server name extensions. (CVE-2008-0891)\n\n - A NULL pointer dereference error exists related to anonymous Diffie-Hellman key exchange and TLS handshakes. This can be exploited by omitting the 'Server Key exchange message' from the handshake and can cause application crashes. (CVE-2008-1672)\n\n - On 32-bit builds, an information disclosure vulnerability exists during certain calculations for NIST elliptic curves P-256 or P-384. This error can allow an attacker to recover the private key of the TLS server.\n\n The following are required for exploitation :\n\n - 32-bit build\n\n - Use of elliptic curves P-256 and/or P-384\n\n - Either the use of ECDH family ciphers and/or the use of ECDHE family ciphers without the SSL_OP_SINGLE_ECDH_USE context option. (CVE-2011-4354)", "cvss3": {}, "published": "2011-12-02T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8h Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672", "CVE-2011-4354"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "4521.PRM", "href": "https://www.tenable.com/plugins/nnm/4521", "sourceData": "Binary data 4521.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:23", "description": "According to its banner, the remote web server uses a version of OpenSSL older than 0.9.8h. As such, it may be affected by the following vulnerabilities :\n\n - A double-free error exists related to the handling of server name extension data and specially crafted TLS 1.0 'Client Hello' packets. This can cause application crashes. Note that successful exploitation requires that OpenSSL is compiled with the TLS server name extensions.\n (CVE-2008-0891)\n\n - A NULL pointer dereference error exists related to anonymous Diffie-Hellman key exchange and TLS handshakes. This can be exploited by omitting the 'Server Key exchange message' from the handshake and can cause application crashes. (CVE-2008-1672)\n\n - On 32-bit builds, an information disclosure vulnerability exists during certain calculations for NIST elliptic curves P-256 or P-384. This error can allow an attacker to recover the private key of the TLS server. \n\n The following are required for exploitation :\n\n - 32-bit build\n - Use of elliptic curves P-256 and/or P-384\n - Either the use of ECDH family ciphers and/or the use of ECDHE family ciphers without the SSL_OP_SINGLE_ECDH_USE context option \n\n (CVE-2011-4354)\n\nNote that Nessus has not attempted to verify that these issues are actually exploitable or have been patched but instead has relied on the version number found in the Server response header.", "cvss3": {}, "published": "2011-12-02T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8h Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672", "CVE-2011-4354"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8H.NASL", "href": "https://www.tenable.com/plugins/nessus/56996", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(56996);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\", \"CVE-2011-4354\");\n script_bugtraq_id(29405, 50882);\n script_xref(name:\"CERT\", value:\"520586\");\n script_xref(name:\"CERT\", value:\"661475\");\n\n script_name(english:\"OpenSSL < 0.9.8h Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server has multiple SSL-related vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL older than 0.9.8h. As such, it may be affected by the\nfollowing vulnerabilities :\n\n - A double-free error exists related to the handling of\n server name extension data and specially crafted TLS\n 1.0 'Client Hello' packets. This can cause application\n crashes. Note that successful exploitation requires that\n OpenSSL is compiled with the TLS server name extensions.\n (CVE-2008-0891)\n\n - A NULL pointer dereference error exists related to \n anonymous Diffie-Hellman key exchange and TLS\n handshakes. This can be exploited by omitting the \n 'Server Key exchange message' from the handshake and\n can cause application crashes. (CVE-2008-1672)\n\n - On 32-bit builds, an information disclosure\n vulnerability exists during certain calculations for \n NIST elliptic curves P-256 or P-384. This error can\n allow an attacker to recover the private key of the TLS\n server. \n\n The following are required for exploitation :\n\n - 32-bit build\n - Use of elliptic curves P-256 and/or P-384\n - Either the use of ECDH family ciphers and/or the \n use of ECDHE family ciphers without the\n SSL_OP_SINGLE_ECDH_USE context option \n\n (CVE-2011-4354)\n\nNote that Nessus has not attempted to verify that these issues are\nactually exploitable or have been patched but instead has relied on\nthe version number found in the Server response header.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2011/12/01/6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20080528.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 0.9.8h or later or apply the vendor-supplied\npatches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 287);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'0.9.8h', severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:51", "description": "Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default TLS server name extensions, a remote attacker could send a carefully crafted packet to a server application using OpenSSL and cause a crash.\n(CVE-2008-0891)\n\nTesting using the Codenomicon TLS test suite discovered a flaw if the 'Server Key exchange message' is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious server with particular cipher suites, the server could cause the client to crash. (CVE-2008-1672)\n\nThe updated packages have been patched to fix these flaws.\n\nNote that any applications using this library must be restarted for the update to take effect.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2008:107)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64openssl0.9.8", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.8", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:openssl", "cpe:/o:mandriva:linux:2008.1"], "id": "MANDRIVA_MDVSA-2008-107.NASL", "href": "https://www.tenable.com/plugins/nessus/37882", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:107. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37882);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_bugtraq_id(29405);\n script_xref(name:\"MDVSA\", value:\"2008:107\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2008:107)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Testing using the Codenomicon TLS test suite discovered a flaw in the\nhandling of server name extension data in OpenSSL 0.9.8f and OpenSSL\n0.9.8g. If OpenSSL has been compiled using the non-default TLS server\nname extensions, a remote attacker could send a carefully crafted\npacket to a server application using OpenSSL and cause a crash.\n(CVE-2008-0891)\n\nTesting using the Codenomicon TLS test suite discovered a flaw if the\n'Server Key exchange message' is omitted from a TLS handshake in\nOpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious\nserver with particular cipher suites, the server could cause the\nclient to crash. (CVE-2008-1672)\n\nThe updated packages have been patched to fix these flaws.\n\nNote that any applications using this library must be restarted for\nthe update to take effect.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-0.9.8g-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-devel-0.9.8g-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-static-devel-0.9.8g-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libopenssl0.9.8-0.9.8g-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libopenssl0.9.8-devel-0.9.8g-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libopenssl0.9.8-static-devel-0.9.8g-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"openssl-0.9.8g-4.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:10", "description": "It was discovered that OpenSSL was vulnerable to a double-free when using TLS server extensions. A remote attacker could send a crafted packet and cause a denial of service via application crash in applications linked against OpenSSL. Ubuntu 8.04 LTS does not compile TLS server extensions by default. (CVE-2008-0891)\n\nIt was discovered that OpenSSL could dereference a NULL pointer. If a user or automated system were tricked into connecting to a malicious server with particular cipher suites, a remote attacker could cause a denial of service via application crash. (CVE-2008-1672).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-07-02T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS : openssl vulnerabilities (USN-620-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg", "p-cpe:/a:canonical:ubuntu_linux:openssl", "p-cpe:/a:canonical:ubuntu_linux:openssl-doc", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-620-1.NASL", "href": "https://www.tenable.com/plugins/nessus/33389", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-620-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33389);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_bugtraq_id(29405);\n script_xref(name:\"USN\", value:\"620-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS : openssl vulnerabilities (USN-620-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL was vulnerable to a double-free when\nusing TLS server extensions. A remote attacker could send a crafted\npacket and cause a denial of service via application crash in\napplications linked against OpenSSL. Ubuntu 8.04 LTS does not compile\nTLS server extensions by default. (CVE-2008-0891)\n\nIt was discovered that OpenSSL could dereference a NULL pointer. If a\nuser or automated system were tricked into connecting to a malicious\nserver with particular cipher suites, a remote attacker could cause a\ndenial of service via application crash. (CVE-2008-1672).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/620-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-4ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-4ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-4ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl\", pkgver:\"0.9.8g-4ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-4ubuntu3.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl-dev / libssl0.9.8 / libssl0.9.8-dbg / openssl / openssl-doc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:35", "description": "The remote host is affected by the vulnerability described in GLSA-200806-08 (OpenSSL: Denial of Service)\n\n Ossi Herrala and Jukka Taimisto of Codenomicon discovered two vulnerabilities:\n A double free() call in the TLS server name extension (CVE-2008-0891).\n The OpenSSL client code does not properly handle servers that omit the Server Key Exchange message in the TLS handshake (CVE-2008-1672).\n Impact :\n\n A remote attacker could connect to a vulnerable server, or entice a daemon to connect to a malicious server, causing a Denial of Service of the daemon in both cases.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2008-06-24T00:00:00", "type": "nessus", "title": "GLSA-200806-08 : OpenSSL: Denial of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200806-08.NASL", "href": "https://www.tenable.com/plugins/nessus/33244", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200806-08.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33244);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_xref(name:\"GLSA\", value:\"200806-08\");\n\n script_name(english:\"GLSA-200806-08 : OpenSSL: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200806-08\n(OpenSSL: Denial of Service)\n\n Ossi Herrala and Jukka Taimisto of Codenomicon discovered two\n vulnerabilities:\n A double free() call in the TLS server name extension (CVE-2008-0891).\n The OpenSSL client code does not properly handle servers that omit the\n Server Key Exchange message in the TLS handshake (CVE-2008-1672).\n \nImpact :\n\n A remote attacker could connect to a vulnerable server, or entice a\n daemon to connect to a malicious server, causing a Denial of Service of\n the daemon in both cases.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200806-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8g-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 0.9.8g-r2\", \"lt 0.9.8f\"), vulnerable:make_list(\"lt 0.9.8g-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:15", "description": "New openssl packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues.", "cvss3": {}, "published": "2008-07-29T00:00:00", "type": "nessus", "title": "Slackware 11.0 / 12.0 / 12.1 / current : openssl (SSA:2008-210-08)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssh", "p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1"], "id": "SLACKWARE_SSA_2008-210-08.NASL", "href": "https://www.tenable.com/plugins/nessus/33753", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2008-210-08. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33753);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_bugtraq_id(29405);\n script_xref(name:\"SSA\", value:\"2008-210-08\");\n\n script_name(english:\"Slackware 11.0 / 12.0 / 12.1 / current : openssl (SSA:2008-210-08)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 11.0, 12.0, 12.1,\nand -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a52e1366\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssh, openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"11.0\", pkgname:\"openssh\", pkgver:\"5.1p1\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\nif (slackware_check(osver:\"11.0\", pkgname:\"openssl\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\nif (slackware_check(osver:\"11.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"openssh\", pkgver:\"5.1p1\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\nif (slackware_check(osver:\"12.0\", pkgname:\"openssl\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\nif (slackware_check(osver:\"12.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"openssh\", pkgver:\"5.1p1\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\nif (slackware_check(osver:\"12.1\", pkgname:\"openssl\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\nif (slackware_check(osver:\"12.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssh\", pkgver:\"5.1p1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8h\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:28", "description": "Fixes moderate impact security issue CVE-2008-0891 and low impact security issue CVE-2008-1672. See also http://www.openssl.org/news/secadv/20080528.txt All applications and system services which utilize OpenSSL library must be restarted for the updates to take effect.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-06-02T00:00:00", "type": "nessus", "title": "Fedora 9 : openssl-0.9.8g-9.fc9 (2008-4723)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-4723.NASL", "href": "https://www.tenable.com/plugins/nessus/32484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4723.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32484);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_bugtraq_id(29405);\n script_xref(name:\"FEDORA\", value:\"2008-4723\");\n\n script_name(english:\"Fedora 9 : openssl-0.9.8g-9.fc9 (2008-4723)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes moderate impact security issue CVE-2008-0891 and low impact\nsecurity issue CVE-2008-1672. See also\nhttp://www.openssl.org/news/secadv/20080528.txt All applications and\nsystem services which utilize OpenSSL library must be restarted for\nthe updates to take effect.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.openssl.org/news/secadv/20080528.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20080528.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448492\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448495\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010681.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3b9e99a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"openssl-0.9.8g-9.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:42", "description": "Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities :\n\n - CVE-2011-4108 The DTLS implementation performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.\n\n - CVE-2011-4109 A double free vulnerability when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to cause applications crashes and potentially allow execution of arbitrary code by triggering failure of a policy check.\n\n - CVE-2011-4354 On 32-bit systems, the operations on NIST elliptic curves P-256 and P-384 are not correctly implemented, potentially leaking the private ECC key of a TLS server.\n (Regular RSA-based keys are not affected by this vulnerability.)\n\n - CVE-2011-4576 The SSL 3.0 implementation does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.\n\n - CVE-2011-4619 The Server Gated Cryptography (SGC) implementation in OpenSSL does not properly handle handshake restarts, unnecessarily simplifying CPU exhaustion attacks.", "cvss3": {}, "published": "2012-01-16T00:00:00", "type": "nessus", "title": "Debian DSA-2390-1 : openssl - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4354", "CVE-2011-4576", "CVE-2011-4619"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2390.NASL", "href": "https://www.tenable.com/plugins/nessus/57543", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2390. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57543);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_bugtraq_id(50882, 51281);\n script_xref(name:\"DSA\", value:\"2390\");\n\n script_name(english:\"Debian DSA-2390-1 : openssl - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in OpenSSL, an implementation\nof TLS and related protocols. The Common Vulnerabilities and Exposures\nproject identifies the following vulnerabilities :\n\n - CVE-2011-4108\n The DTLS implementation performs a MAC check only if\n certain padding is valid, which makes it easier for\n remote attackers to recover plaintext via a padding\n oracle attack.\n\n - CVE-2011-4109\n A double free vulnerability when\n X509_V_FLAG_POLICY_CHECK is enabled, allows remote\n attackers to cause applications crashes and potentially\n allow execution of arbitrary code by triggering failure\n of a policy check.\n\n - CVE-2011-4354\n On 32-bit systems, the operations on NIST elliptic\n curves P-256 and P-384 are not correctly implemented,\n potentially leaking the private ECC key of a TLS server.\n (Regular RSA-based keys are not affected by this\n vulnerability.)\n\n - CVE-2011-4576\n The SSL 3.0 implementation does not properly initialize\n data structures for block cipher padding, which might\n allow remote attackers to obtain sensitive information\n by decrypting the padding data sent by an SSL peer.\n\n - CVE-2011-4619\n The Server Gated Cryptography (SGC) implementation in\n OpenSSL does not properly handle handshake restarts,\n unnecessarily simplifying CPU exhaustion attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-4108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-4109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-4354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-4619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2390\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.9.8g-15+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"openssl\", reference:\"0.9.8g-15+lenny15\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcrypto0.9.8-udeb\", reference:\"0.9.8o-4squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl-dev\", reference:\"0.9.8o-4squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8o-4squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8o-4squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssl\", reference:\"0.9.8o-4squeeze5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:38", "description": "It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timing attack. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945)\n\nAdam Langley discovered that the ephemeral Elliptic Curve Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread safety while processing handshake messages from clients. This could allow a remote attacker to cause a denial of service via out-of-order messages that violate the TLS protocol. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04.\n(CVE-2011-3210)\n\nNadhem Alfardan and Kenny Paterson discovered that the Datagram Transport Layer Security (DTLS) implementation in OpenSSL performed a MAC check only if certain padding is valid. This could allow a remote attacker to recover plaintext. (CVE-2011-4108)\n\nAntonio Martin discovered that a flaw existed in the fix to address CVE-2011-4108, the DTLS MAC check failure. This could allow a remote attacker to cause a denial of service. (CVE-2012-0050)\n\nBen Laurie discovered a double free vulnerability in OpenSSL that could be triggered when the X509_V_FLAG_POLICY_CHECK flag is enabled.\nThis could allow a remote attacker to cause a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-4109)\n\nIt was discovered that OpenSSL, in certain circumstances involving ECDH or ECDHE cipher suites, used an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves. This could allow a remote attacker to obtain the private key of a TLS server via multiple handshake attempts. This issue only affected Ubuntu 8.04 LTS. (CVE-2011-4354)\n\nAdam Langley discovered that the SSL 3.0 implementation in OpenSSL did not properly initialize data structures for block cipher padding. This could allow a remote attacker to obtain sensitive information.\n(CVE-2011-4576)\n\nAndrew Chi discovered that OpenSSL, when RFC 3779 support is enabled, could trigger an assert when handling an X.509 certificate containing certificate-extension data associated with IP address blocks or Autonomous System (AS) identifiers. This could allow a remote attacker to cause a denial of service. (CVE-2011-4577)\n\nAdam Langley discovered that the Server Gated Cryptography (SGC) implementation in OpenSSL did not properly handle handshake restarts.\nThis could allow a remote attacker to cause a denial of service.\n(CVE-2011-4619)\n\nAndrey Kulikov discovered that the GOST block cipher engine in OpenSSL did not properly handle invalid parameters. This could allow a remote attacker to cause a denial of service via crafted data from a TLS client. This issue only affected Ubuntu 11.10. (CVE-2012-0027).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-02-10T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : openssl vulnerabilities (USN-1357-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1945", "CVE-2011-3210", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4354", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2012-0050"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "p-cpe:/a:canonical:ubuntu_linux:openssl", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1357-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57887", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1357-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57887);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-1945\", \"CVE-2011-3210\", \"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0027\", \"CVE-2012-0050\");\n script_bugtraq_id(47888, 49471, 50882, 51281, 51563);\n script_xref(name:\"USN\", value:\"1357-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : openssl vulnerabilities (USN-1357-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the elliptic curve cryptography (ECC) subsystem\nin OpenSSL, when using the Elliptic Curve Digital Signature Algorithm\n(ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement\ncurves over binary fields. This could allow an attacker to determine\nprivate keys via a timing attack. This issue only affected Ubuntu 8.04\nLTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945)\n\nAdam Langley discovered that the ephemeral Elliptic Curve\nDiffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread\nsafety while processing handshake messages from clients. This could\nallow a remote attacker to cause a denial of service via out-of-order\nmessages that violate the TLS protocol. This issue only affected\nUbuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04.\n(CVE-2011-3210)\n\nNadhem Alfardan and Kenny Paterson discovered that the Datagram\nTransport Layer Security (DTLS) implementation in OpenSSL performed a\nMAC check only if certain padding is valid. This could allow a remote\nattacker to recover plaintext. (CVE-2011-4108)\n\nAntonio Martin discovered that a flaw existed in the fix to address\nCVE-2011-4108, the DTLS MAC check failure. This could allow a remote\nattacker to cause a denial of service. (CVE-2012-0050)\n\nBen Laurie discovered a double free vulnerability in OpenSSL that\ncould be triggered when the X509_V_FLAG_POLICY_CHECK flag is enabled.\nThis could allow a remote attacker to cause a denial of service. This\nissue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\nand Ubuntu 11.04. (CVE-2011-4109)\n\nIt was discovered that OpenSSL, in certain circumstances involving\nECDH or ECDHE cipher suites, used an incorrect modular reduction\nalgorithm in its implementation of the P-256 and P-384 NIST elliptic\ncurves. This could allow a remote attacker to obtain the private key\nof a TLS server via multiple handshake attempts. This issue only\naffected Ubuntu 8.04 LTS. (CVE-2011-4354)\n\nAdam Langley discovered that the SSL 3.0 implementation in OpenSSL did\nnot properly initialize data structures for block cipher padding. This\ncould allow a remote attacker to obtain sensitive information.\n(CVE-2011-4576)\n\nAndrew Chi discovered that OpenSSL, when RFC 3779 support is enabled,\ncould trigger an assert when handling an X.509 certificate containing\ncertificate-extension data associated with IP address blocks or\nAutonomous System (AS) identifiers. This could allow a remote attacker\nto cause a denial of service. (CVE-2011-4577)\n\nAdam Langley discovered that the Server Gated Cryptography (SGC)\nimplementation in OpenSSL did not properly handle handshake restarts.\nThis could allow a remote attacker to cause a denial of service.\n(CVE-2011-4619)\n\nAndrey Kulikov discovered that the GOST block cipher engine in OpenSSL\ndid not properly handle invalid parameters. This could allow a remote\nattacker to cause a denial of service via crafted data from a TLS\nclient. This issue only affected Ubuntu 11.10. (CVE-2012-0027).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1357-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libssl0.9.8, libssl1.0.0 and / or openssl\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|10\\.10|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 10.10 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-4ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl\", pkgver:\"0.9.8g-4ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8k-7ubuntu8.8\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openssl\", pkgver:\"0.9.8k-7ubuntu8.8\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8o-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openssl\", pkgver:\"0.9.8o-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8o-5ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"openssl\", pkgver:\"0.9.8o-5ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.0e-2ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"openssl\", pkgver:\"1.0.0e-2ubuntu4.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl0.9.8 / libssl1.0.0 / openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:27:45", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an error state mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected. (CVE-2017-3737)\n\n - There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation).\n Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected.\n Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.\n (CVE-2017-3738)\n\n - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. (CVE-2017-3736)\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) public exponent or (2) public modulus values in X.509 certificates that require extra time to process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.\n (CVE-2008-0891)\n\n - OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses particular cipher suites, which triggers a NULL pointer dereference. (CVE-2008-1672)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. (CVE-2009-1379)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post- renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. (CVE-2010-0742)\n\n - RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information. (CVE-2010-1633)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi- threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap- based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. (CVE-2010-4180)\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka OCSP stapling vulnerability. (CVE-2011-0014)\n\n - crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. (CVE-2011-3207)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. (CVE-2012-0050)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. (CVE-2012-2110)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (CVE-2013-6450)\n\n - An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160)\n\n - A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)\n\n - A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2008-1678", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2012-0050", "CVE-2012-2110", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-3566", "CVE-2015-3193", "CVE-2016-0701", "CVE-2016-2183", "CVE-2017-3732", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738"], "modified": "2023-04-25T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/127201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0033. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127201);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2006-2937\",\n \"CVE-2006-2940\",\n \"CVE-2006-3738\",\n \"CVE-2006-4339\",\n \"CVE-2006-4343\",\n \"CVE-2007-3108\",\n \"CVE-2007-4995\",\n \"CVE-2007-5135\",\n \"CVE-2008-0891\",\n \"CVE-2008-1672\",\n \"CVE-2009-1377\",\n \"CVE-2009-1378\",\n \"CVE-2009-1379\",\n \"CVE-2009-3555\",\n \"CVE-2009-4355\",\n \"CVE-2010-0742\",\n \"CVE-2010-1633\",\n \"CVE-2010-3864\",\n \"CVE-2010-4180\",\n \"CVE-2011-0014\",\n \"CVE-2011-3207\",\n \"CVE-2012-0050\",\n \"CVE-2012-2110\",\n \"CVE-2013-4353\",\n \"CVE-2013-6449\",\n \"CVE-2013-6450\",\n \"CVE-2014-0160\",\n \"CVE-2014-3566\",\n \"CVE-2016-2183\",\n \"CVE-2017-3736\",\n \"CVE-2017-3737\",\n \"CVE-2017-3738\"\n );\n script_bugtraq_id(92630);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected\nby multiple vulnerabilities:\n\n - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced\n an error state mechanism. The intent was that if a\n fatal error occurred during a handshake then OpenSSL\n would move into the error state and would immediately\n fail if you attempted to continue the handshake. This\n works as designed for the explicit handshake functions\n (SSL_do_handshake(), SSL_accept() and SSL_connect()),\n however due to a bug it does not work correctly if\n SSL_read() or SSL_write() is called directly. In that\n scenario, if the handshake fails then a fatal error will\n be returned in the initial function call. If\n SSL_read()/SSL_write() is subsequently called by the\n application for the same SSL object then it will succeed\n and the data is passed without being decrypted/encrypted\n directly from the SSL/TLS record layer. In order to\n exploit this issue an application bug would have to be\n present that resulted in a call to\n SSL_read()/SSL_write() being issued after having already\n received a fatal error. OpenSSL version 1.0.2b-1.0.2m\n are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is\n not affected. (CVE-2017-3737)\n\n - There is an overflow bug in the AVX2 Montgomery\n multiplication procedure used in exponentiation with\n 1024-bit moduli. No EC algorithms are affected. Analysis\n suggests that attacks against RSA and DSA as a result of\n this defect would be very difficult to perform and are\n not believed likely. Attacks against DH1024 are\n considered just feasible, because most of the work\n necessary to deduce information about a private key may\n be performed offline. The amount of resources required\n for such an attack would be significant. However, for an\n attack on TLS to be meaningful, the server would have to\n share the DH1024 private key among multiple clients,\n which is no longer an option since CVE-2016-0701. This\n only affects processors that support the AVX2 but not\n ADX extensions like Intel Haswell (4th generation).\n Note: The impact from this issue is similar to\n CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL\n version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected.\n Fixed in OpenSSL 1.0.2n. Due to the low severity of this\n issue we are not issuing a new release of OpenSSL 1.1.0\n at this time. The fix will be included in OpenSSL 1.1.0h\n when it becomes available. The fix is also available in\n commit e502cc86d in the OpenSSL git repository.\n (CVE-2017-3738)\n\n - There is a carry propagating bug in the x86_64\n Montgomery squaring procedure in OpenSSL before 1.0.2m\n and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a\n result of this defect would be very difficult to perform\n and are not believed likely. Attacks against DH are\n considered just feasible (although very difficult)\n because most of the work necessary to deduce information\n about a private key may be performed offline. The amount\n of resources required for such an attack would be very\n significant and likely only accessible to a limited\n number of attackers. An attacker would additionally need\n online access to an unpatched system using the target\n private key in a scenario with persistent DH parameters\n and a private key that is shared between multiple\n clients. This only affects processors that support the\n BMI1, BMI2 and ADX extensions like Intel Broadwell (5th\n generation) and later or AMD Ryzen. (CVE-2017-3736)\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service\n (infinite loop and memory consumption) via malformed\n ASN.1 structures that trigger an improperly handled\n error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows attackers to cause a denial of\n service (CPU consumption) via parasitic public keys with\n large (1) public exponent or (2) public modulus\n values in X.509 certificates that require extra time to\n process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions has unspecified impact and remote\n attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3,\n removes PKCS-1 padding before generating a hash, which\n allows remote attackers to forge a PKCS #1 v1.5\n signature that is signed by that RSA key and prevents\n OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial\n of service (client crash) via unknown vectors that\n trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c\n in OpenSSL 0.9.8e and earlier does not properly perform\n Montgomery multiplication, which might allow local users\n to conduct a side-channel attack and retrieve RSA\n private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL\n 0.9.8 before 0.9.8f allows remote attackers to execute\n arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f,\n might allow remote attackers to execute arbitrary code\n via a crafted packet that triggers a one-byte buffer\n underflow. NOTE: this issue was introduced as a result\n of a fix for CVE-2006-3738. As of 20071012, it is\n unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g,\n when the TLS server name extensions are enabled, allows\n remote attackers to cause a denial of service (crash)\n via a malformed Client Hello packet. NOTE: some of these\n details are obtained from third party information.\n (CVE-2008-0891)\n\n - OpenSSL 0.9.8f and 0.9.8g allows remote attackers to\n cause a denial of service (crash) via a TLS handshake\n that omits the Server Key Exchange message and uses\n particular cipher suites, which triggers a NULL\n pointer dereference. (CVE-2008-1672)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in\n OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote\n attackers to cause a denial of service (memory\n consumption) via a large series of future epoch DTLS\n records that are buffered in a queue, aka DTLS record\n buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the\n dtls1_process_out_of_seq_message function in\n ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8\n versions allow remote attackers to cause a denial of\n service (memory consumption) via DTLS records that (1)\n are duplicates or (2) have sequence numbers much greater\n than current sequence numbers, aka DTLS fragment\n handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the\n dtls1_retrieve_buffered_fragment function in\n ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote\n attackers to cause a denial of service (openssl s_client\n crash) and possibly have unspecified other impact via a\n DTLS packet, as demonstrated by a packet from a server\n that uses a crafted server certificate. (CVE-2009-1379)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly\n earlier, as used in Microsoft Internet Information\n Services (IIS) 7.0, mod_ssl in the Apache HTTP Server\n 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5\n and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, multiple Cisco products, and other\n products, does not properly associate renegotiation\n handshakes with an existing connection, which allows\n man-in-the-middle attackers to insert data into HTTPS\n sessions, and possibly other types of sessions protected\n by TLS or SSL, by sending an unauthenticated request\n that is processed retroactively by a server in a post-\n renegotiation context, related to a plaintext\n injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in\n crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and\n 1.0.0 Beta through Beta 4 allows remote attackers to\n cause a denial of service (memory consumption) via\n vectors that trigger incorrect calls to the\n CRYPTO_cleanup_all_ex_data function, as demonstrated by\n use of SSLv3 and PHP with the Apache HTTP Server, a\n related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The Cryptographic Message Syntax (CMS) implementation in\n crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x\n before 1.0.0a does not properly handle structures that\n contain OriginatorInfo, which allows context-dependent\n attackers to modify invalid memory locations or conduct\n double-free attacks, and possibly execute arbitrary\n code, via unspecified vectors. (CVE-2010-0742)\n\n - RSA verification recovery in the EVP_PKEY_verify_recover\n function in OpenSSL 1.x before 1.0.0a, as used by\n pkeyutl and possibly other applications, returns\n uninitialized memory upon failure, which might allow\n context-dependent attackers to bypass intended key\n requirements or obtain sensitive information via\n unspecified vectors. NOTE: some of these details are\n obtained from third party information. (CVE-2010-1633)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL\n 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-\n threading and internal caching are enabled on a TLS\n server, might allow remote attackers to execute\n arbitrary code via client data that triggers a heap-\n based buffer overflow, related to (1) the TLS server\n name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when\n SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does\n not properly prevent modification of the ciphersuite in\n the session cache, which allows remote attackers to\n force the downgrade to an unintended cipher via vectors\n involving sniffing network traffic to discover a session\n identifier. (CVE-2010-4180)\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0\n through 1.0.0c allows remote attackers to cause a denial\n of service (crash), and possibly obtain sensitive\n information in applications that use OpenSSL, via a\n malformed ClientHello handshake message that triggers an\n out-of-bounds memory access, aka OCSP stapling\n vulnerability. (CVE-2011-0014)\n\n - crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e\n does not initialize certain structure members, which\n makes it easier for remote attackers to bypass CRL\n validation by using a nextUpdate value corresponding to\n a time in the past. (CVE-2011-3207)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS\n applications, which allows remote attackers to cause a\n denial of service (crash) via unspecified vectors\n related to an out-of-bounds read. NOTE: this\n vulnerability exists because of an incorrect fix for\n CVE-2011-4108. (CVE-2012-0050)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c\n in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1\n before 1.0.1a does not properly interpret integer data,\n which allows remote attackers to conduct buffer overflow\n attacks, and cause a denial of service (memory\n corruption) or possibly have unspecified other impact,\n via crafted DER data, as demonstrated by an X.509\n certificate or an RSA public key. (CVE-2012-2110)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL\n 1.0.1 before 1.0.1f allows remote TLS servers to cause a\n denial of service (NULL pointer dereference and\n application crash) via a crafted Next Protocol\n Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in\n OpenSSL before 1.0.2 obtains a certain version number\n from an incorrect data structure, which allows remote\n attackers to cause a denial of service (daemon crash)\n via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0\n before 1.0.0l and 1.0.1 before 1.0.1f does not properly\n maintain data structures for digest and encryption\n contexts, which might allow man-in-the-middle attackers\n to trigger the use of a different context and cause a\n denial of service (application crash) by interfering\n with packet delivery, related to ssl/d1_both.c and\n ssl/t1_enc.c. (CVE-2013-6450)\n\n - An information disclosure flaw was found in the way\n OpenSSL handled TLS and DTLS Heartbeat Extension\n packets. A malicious TLS or DTLS client or server could\n send a specially crafted TLS or DTLS Heartbeat packet to\n disclose a limited portion of memory per request from a\n connected client or server. Note that the disclosed\n portions of memory could potentially include sensitive\n information such as private keys. (CVE-2014-0160)\n\n - A flaw was found in the way SSL 3.0 handled padding\n bytes when decrypting messages encrypted using block\n ciphers in cipher block chaining (CBC) mode. This flaw\n allows a man-in-the-middle (MITM) attacker to decrypt a\n selected byte of a cipher text in as few as 256 tries if\n they are able to force a victim application to\n repeatedly send the same data over newly created SSL 3.0\n connections. (CVE-2014-3566)\n\n - A flaw was found in the way the DES/3DES cipher was used\n as part of the TLS/SSL protocol. A man-in-the-middle\n attacker could use this flaw to recover some plaintext\n data by capturing large amounts of encrypted traffic\n between TLS/SSL server and client if the communication\n used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0033\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2006-3738\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-2183\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 287, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"openssl-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-crypto-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-debuginfo-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-devel-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-libs-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-perl-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-static-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\"\n ],\n \"CGSL MAIN 5.04\": [\n \"openssl-1.0.2k-12.el7.cgslv5\",\n \"openssl-debuginfo-1.0.2k-12.el7.cgslv5\",\n \"openssl-devel-1.0.2k-12.el7.cgslv5\",\n \"openssl-libs-1.0.2k-12.el7.cgslv5\",\n \"openssl-perl-1.0.2k-12.el7.cgslv5\",\n \"openssl-static-1.0.2k-12.el7.cgslv5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2017-07-24T12:50:42", "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-210-08.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2008-210-08 openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:61470", "href": "http://plugins.openvas.org/nasl.php?oid=61470", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_210_08.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New openssl packages are available for Slackware 11.0, 12.0, 12.1, and -current\nto fix security issues.\n\nUpgraded OpenSSH packages have been provided to make sure that ssh is not\nbroken my the update -- especially if your machine is a remote one, be SURE\nto upgrade to the new openssh package as well!\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2008-210-08.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-210-08\";\n \nif(description)\n{\n script_id(61470);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2008-210-08 openssl \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssh\", ver:\"5.1p1-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssh\", ver:\"5.1p1-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssh\", ver:\"5.1p1-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:59", "description": "The remote host is missing updates announced in\nadvisory GLSA 200806-08.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200806-08 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:61182", "href": "http://plugins.openvas.org/nasl.php?oid=61182", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Two vulnerabilities might allow for a Denial of Service of daemons using\nOpenSSL.\";\ntag_solution = \"All OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8g-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200806-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=223429\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200806-08.\";\n\n \n\nif(description)\n{\n script_id(61182);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200806-08 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 0.9.8g-r2\", \"lt 0.9.8f\"), vulnerable: make_list(\"lt 0.9.8g-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:00", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2008-4723", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860183", "href": "http://plugins.openvas.org/nasl.php?oid=860183", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2008-4723\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 9\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg01029.html\");\n script_id(860183);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-4723\");\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_name( \"Fedora Update for openssl FEDORA-2008-4723\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~9.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:55", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2008:107 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830697", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830697", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2008:107 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Testing using the Codenomicon TLS test suite discovered a flaw in\n the handling of server name extension data in OpenSSL 0.9.8f and\n OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default\n TLS server name extensions, a remote attacker could send a carefully\n crafted packet to a server application using OpenSSL and cause a\n crash. (CVE-2008-0891)\n\n Testing using the Codenomicon TLS test suite discovered a flaw if\n the 'Server Key exchange message' is omitted from a TLS handshake\n in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a\n malicious server with particular cipher suites, the server could\n cause the client to crash. (CVE-2008-1672)\n \n The updated packages have been patched to fix these flaws.\n \n Note that any applications using this library must be restarted for\n the update to take effect.\";\n\ntag_affected = \"openssl on Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-05/msg00032.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830697\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:107\");\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_name( \"Mandriva Update for openssl MDVSA-2008:107 (openssl)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~4.1mdv2008.0\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:55", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2008:107 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830697", "href": "http://plugins.openvas.org/nasl.php?oid=830697", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2008:107 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Testing using the Codenomicon TLS test suite discovered a flaw in\n the handling of server name extension data in OpenSSL 0.9.8f and\n OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default\n TLS server name extensions, a remote attacker could send a carefully\n crafted packet to a server application using OpenSSL and cause a\n crash. (CVE-2008-0891)\n\n Testing using the Codenomicon TLS test suite discovered a flaw if\n the 'Server Key exchange message' is omitted from a TLS handshake\n in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a\n malicious server with particular cipher suites, the server could\n cause the client to crash. (CVE-2008-1672)\n \n The updated packages have been patched to fix these flaws.\n \n Note that any applications using this library must be restarted for\n the update to take effect.\";\n\ntag_affected = \"openssl on Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-05/msg00032.php\");\n script_id(830697);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:107\");\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_name( \"Mandriva Update for openssl MDVSA-2008:107 (openssl)\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~4.1mdv2008.0\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8g~4.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:29:38", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-620-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl vulnerabilities USN-620-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840205", "href": "http://plugins.openvas.org/nasl.php?oid=840205", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_620_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for openssl vulnerabilities USN-620-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that OpenSSL was vulnerable to a double-free\n when using TLS server extensions. A remote attacker could send a\n crafted packet and cause a denial of service via application crash\n in applications linked against OpenSSL. Ubuntu 8.04 LTS does not\n compile TLS server extensions by default. (CVE-2008-0891)\n\n It was discovered that OpenSSL could dereference a NULL pointer.\n If a user or automated system were tricked into connecting to a\n malicious server with particular cipher suites, a remote attacker\n could cause a denial of service via application crash.\n (CVE-2008-1672)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-620-1\";\ntag_affected = \"openssl vulnerabilities on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-620-1/\");\n script_id(840205);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"620-1\");\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_name( \"Ubuntu Update for openssl vulnerabilities USN-620-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:31", "description": "The remote host is missing an update as announced\nvia advisory SSA:2008-210-08.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2008-210-08 openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231061470", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231061470", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2008_210_08.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.61470\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2008-0891\", \"CVE-2008-1672\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2008-210-08 openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(11\\.0|12\\.0|12\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-210-08\");\n\n script_tag(name:\"insight\", value:\"New openssl packages are available for Slackware 11.0, 12.0, 12.1, and -current\nto fix security issues.\n\nUpgraded OpenSSH packages have been provided to make sure that ssh is not\nbroken my the update -- especially if your machine is a remote one, be SURE\nto upgrade to the new openssh package as well!\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2008-210-08.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssh\", ver:\"5.1p1-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssh\", ver:\"5.1p1-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8h-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8h-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssh\", ver:\"5.1p1-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:56:14", "description": "The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-0325.", "cvss3": {}, "published": "2009-01-13T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-0325 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-5077", "CVE-2008-1672"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63141", "href": "http://plugins.openvas.org/nasl.php?oid=63141", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_0325.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-0325 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nOnly one important security fix and two very simple bugfixes.\n\nChangeLog:\n\n* Wed Jan 7 2009 Tomas Mraz 0.9.8g-9.12\n- fix CVE-2008-5077 - incorrect checks for malformed signatures (#476671)\n- add -no_ign_eof option (#462393)\n- do not add tls extensions to server hello for SSLv3 either\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update openssl' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0325\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-0325.\";\n\n\n\nif(description)\n{\n script_id(63141);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2008-5077\", \"CVE-2008-0891\", \"CVE-2008-1672\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-0325 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=476671\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:47", "description": "The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-0325.", "cvss3": {}, "published": "2009-01-13T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-0325 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-5077", "CVE-2008-1672"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063141", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063141", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_0325.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-0325 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nOnly one important security fix and two very simple bugfixes.\n\nChangeLog:\n\n* Wed Jan 7 2009 Tomas Mraz 0.9.8g-9.12\n- fix CVE-2008-5077 - incorrect checks for malformed signatures (#476671)\n- add -no_ign_eof option (#462393)\n- do not add tls extensions to server hello for SSLv3 either\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update openssl' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0325\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-0325.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63141\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2008-5077\", \"CVE-2008-0891\", \"CVE-2008-1672\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-0325 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=476671\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8g~9.12.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:04", "description": "The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-5423.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5423 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2008-0891", "CVE-2008-5077", "CVE-2009-1378", "CVE-2008-1672"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64247", "href": "http://plugins.openvas.org/nasl.php?oid=64247", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5423.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5423 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\n\nUpdate Information:\n\nSecurity update fixing DoS bugs in DTLS code. CVE-2009-1377 CVE-2009-1378\nCVE-2009-1379\n\nChangeLog:\n\n* Thu May 21 2009 Tomas Mraz 0.9.8g-9.14\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n(DTLS DoS problems) (#501253, #501254, #501572)\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n- fix crash when parsing malformed mime headers in the smime app\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update openssl' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5423\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-5423.\";\n\n\n\nif(description)\n{\n script_id(64247);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2008-5077\", \"CVE-2008-0891\", \"CVE-2008-1672\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-5423 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=501253\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=501254\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=501572\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:21", "description": "The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-5423.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5423 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1379", "CVE-2009-1377", "CVE-2008-0891", "CVE-2008-5077", "CVE-2009-1378", "CVE-2008-1672"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064247", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064247", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5423.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5423 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\n\nUpdate Information:\n\nSecurity update fixing DoS bugs in DTLS code. CVE-2009-1377 CVE-2009-1378\nCVE-2009-1379\n\nChangeLog:\n\n* Thu May 21 2009 Tomas Mraz 0.9.8g-9.14\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n(DTLS DoS problems) (#501253, #501254, #501572)\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n- fix crash when parsing malformed mime headers in the smime app\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update openssl' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5423\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory FEDORA-2009-5423.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64247\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2008-5077\", \"CVE-2008-0891\", \"CVE-2008-1672\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-5423 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=501253\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=501254\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=501572\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8g~9.14.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:55", "description": "The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.", "cvss3": {}, "published": "2012-02-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2390-1 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4354", "CVE-2011-4109"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70708", "href": "http://plugins.openvas.org/nasl.php?oid=70708", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2390_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2390-1 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities were discovered in OpenSSL, an implementation\nof TLS and related protocols. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2011-4108\nThe DTLS implementation performs a MAC check only if certain\npadding is valid, which makes it easier for remote attackers\nto recover plaintext via a padding oracle attack.\n\nCVE-2011-4109\nA double free vulnerability when X509_V_FLAG_POLICY_CHECK is\nenabled, allows remote attackers to cause applications crashes\nand potentially allow execution of arbitrary code by\ntriggering failure of a policy check.\n\nCVE-2011-4354\nOn 32-bit systems, the operations on NIST elliptic curves\nP-256 and P-384 are not correctly implemented, potentially\nleaking the private ECC key of a TLS server. (Regular\nRSA-based keys are not affected by this vulnerability.)\n\nCVE-2011-4576\nThe SSL 3.0 implementation does not properly initialize data\nstructures for block cipher padding, which might allow remote\nattackers to obtain sensitive information by decrypting the\npadding data sent by an SSL peer.\n\nCVE-2011-4619\nThe Server Gated Cryptography (SGC) implementation in OpenSSL\ndoes not properly handle handshake restarts, unnecessarily\nsimplifying CPU exhaustion attacks.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.9.8g-15+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze5.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 1.0.0f-1.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202390-1\";\n\nif(description)\n{\n script_id(70708);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-11 03:28:14 -0500 (Sat, 11 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2390-1 (openssl)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15+lenny13\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.0g-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:15", "description": "The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.", "cvss3": {}, "published": "2012-02-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2390-1 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4354", "CVE-2011-4109"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070708", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070708", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2390_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2390-1 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70708\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-4108\", \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4619\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-11 03:28:14 -0500 (Sat, 11 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2390-1 (openssl)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202390-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in OpenSSL, an implementation\nof TLS and related protocols. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2011-4108\nThe DTLS implementation performs a MAC check only if certain\npadding is valid, which makes it easier for remote attackers\nto recover plaintext via a padding oracle attack.\n\nCVE-2011-4109\nA double free vulnerability when X509_V_FLAG_POLICY_CHECK is\nenabled, allows remote attackers to cause applications crashes\nand potentially allow execution of arbitrary code by\ntriggering failure of a policy check.\n\nCVE-2011-4354\nOn 32-bit systems, the operations on NIST elliptic curves\nP-256 and P-384 are not correctly implemented, potentially\nleaking the private ECC key of a TLS server. (Regular\nRSA-based keys are not affected by this vulnerability.)\n\nCVE-2011-4576\nThe SSL 3.0 implementation does not properly initialize data\nstructures for block cipher padding, which might allow remote\nattackers to obtain sensitive information by decrypting the\npadding data sent by an SSL peer.\n\nCVE-2011-4619\nThe Server Gated Cryptography (SGC) implementation in OpenSSL\ndoes not properly handle handshake restarts, unnecessarily\nsimplifying CPU exhaustion attacks.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.9.8g-15+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze5.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 1.0.0f-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to openssl\nannounced via advisory DSA 2390-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15+lenny13\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.0g-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:21:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1357-1", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1357-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3210", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2011-4354", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109", "CVE-2011-1945"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840887", "href": "http://plugins.openvas.org/nasl.php?oid=840887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1357_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for openssl USN-1357-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the elliptic curve cryptography (ECC) subsystem\n in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm\n (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement\n curves over binary fields. This could allow an attacker to determine\n private keys via a timing attack. This issue only affected Ubuntu 8.04\n LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945)\n\n Adam Langley discovered that the ephemeral Elliptic Curve\n Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread\n safety while processing handshake messages from clients. This\n could allow a remote attacker to cause a denial of service via\n out-of-order messages that violate the TLS protocol. This issue only\n affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu\n 11.04. (CVE-2011-3210)\n\n Nadhem Alfardan and Kenny Paterson discovered that the Datagram\n Transport Layer Security (DTLS) implementation in OpenSSL performed a\n MAC check only if certain padding is valid. This could allow a remote\n attacker to recover plaintext. (CVE-2011-4108)\n\n Antonio Martin discovered that a flaw existed in the fix to address\n CVE-2011-4108, the DTLS MAC check failure. This could allow a remote\n attacker to cause a denial of service. (CVE-2012-0050)\n\n Ben Laurie discovered a double free vulnerability in OpenSSL that could\n be triggered when the X509_V_FLAG_POLICY_CHECK flag is enabled. This\n could allow a remote attacker to cause a denial of service. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-4109)\n\n It was discovered that OpenSSL, in certain circumstances involving\n ECDH or ECDHE cipher suites, used an incorrect modular reduction\n algorithm in its implementation of the P-256 and P-384 NIST elliptic\n curves. This could allow a remote attacker to obtain the private\n key of a TLS server via multiple handshake attempts. This issue only\n affected Ubuntu 8.04 LTS. (CVE-2011-4354)\n\n Adam Langley discovered that the SSL 3.0 implementation in OpenSSL\n did not properly initialize data structures for block cipher\n padding. This could allow a remote attacker to obtain sensitive\n information. (CVE-2011-4576)\n\n Andrew Chi discovered that OpenSSL, when RFC 3779 support is enabled,\n could trigger an assert when handling an X.509 certificate containing\n certificate-extension data associated with IP address blocks or\n Autonomous System (AS) identifiers. This could allow a remote attacker\n to cause a denial of servi ...\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1357-1\";\ntag_affected = \"openssl on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1357-1/\");\n script_id(840887);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 16:29:45 +0530 (Mon, 13 Feb 2012)\");\n script_cve_id(\"CVE-2011-1945\", \"CVE-2011-3210\", \"CVE-2011-4108\", \"CVE-2012-0050\",\n \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4577\",\n \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1357-1\");\n script_name(\"Ubuntu Update for openssl USN-1357-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1357-1", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1357-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3210", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2011-4354", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109", "CVE-2011-1945"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840887", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1357_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for openssl USN-1357-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1357-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840887\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 16:29:45 +0530 (Mon, 13 Feb 2012)\");\n script_cve_id(\"CVE-2011-1945\", \"CVE-2011-3210\", \"CVE-2011-4108\", \"CVE-2012-0050\",\n \"CVE-2011-4109\", \"CVE-2011-4354\", \"CVE-2011-4576\", \"CVE-2011-4577\",\n \"CVE-2011-4619\", \"CVE-2012-0027\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1357-1\");\n script_name(\"Ubuntu Update for openssl USN-1357-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1357-1\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that the elliptic curve cryptography (ECC) subsystem\n in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm\n (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement\n curves over binary fields. This could allow an attacker to determine\n private keys via a timing attack. This issue only affected Ubuntu 8.04\n LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945)\n\n Adam Langley discovered that the ephemeral Elliptic Curve\n Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread\n safety while processing handshake messages from clients. This\n could allow a remote attacker to cause a denial of service via\n out-of-order messages that violate the TLS protocol. This issue only\n affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu\n 11.04. (CVE-2011-3210)\n\n Nadhem Alfardan and Kenny Paterson discovered that the Datagram\n Transport Layer Security (DTLS) implementation in OpenSSL performed a\n MAC check only if certain padding is valid. This could allow a remote\n attacker to recover plaintext. (CVE-2011-4108)\n\n Antonio Martin discovered that a flaw existed in the fix to address\n CVE-2011-4108, the DTLS MAC check failure. This could allow a remote\n attacker to cause a denial of service. (CVE-2012-0050)\n\n Ben Laurie discovered a double free vulnerability in OpenSSL that could\n be triggered when the X509_V_FLAG_POLICY_CHECK flag is enabled. This\n could allow a remote attacker to cause a denial of service. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-4109)\n\n It was discovered that OpenSSL, in certain circumstances involving\n ECDH or ECDHE cipher suites, used an incorrect modular reduction\n algorithm in its implementation of the P-256 and P-384 NIST elliptic\n curves. This could allow a remote attacker to obtain the private\n key of a TLS server via multiple handshake attempts. This issue only\n affected Ubuntu 8.04 LTS. (CVE-2011-4354)\n\n Adam Langley discovered that the SSL 3.0 implementation in OpenSSL\n did not properly initialize data structures for block cipher\n padding. This could allow a remote attacker to obtain sensitive\n information. (CVE-2011-4576)\n\n Andrew Chi discovered that OpenSSL, when RFC 3779 support is enabled,\n could trigger an assert when handling an X.509 certificate containing\n certificate-extension data associated with IP address blocks or\n Autonomous System (AS) identifiers. This could allow a remote attacker\n to cause a denial of servi ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-1ubuntu4.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.8\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-5ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.15\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T21:40:46", "description": "BUGTRAQ ID: 29405\r\nCVE(CAN) ID: CVE-2008-0891,CVE-2008-1672\r\n\r\nOpenSSL\u662f\u4e00\u79cd\u5f00\u653e\u6e90\u7801\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u5b9e\u73b0\u7f51\u7edc\u901a\u4fe1\u7684\u9ad8\u5f3a\u5ea6\u52a0\u5bc6\uff0c\u73b0\u5728\u88ab\u5e7f\u6cdb\u5730\u7528\u4e8e\u5404\u79cd\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u4e2d\u3002\r\n\r\nOpenSSL\u5728\u5904\u7406\u7578\u5f62\u7684\u8fde\u63a5\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u670d\u52a1\u5668\u7a0b\u5e8f\u5d29\u6e83\u3002\r\n\r\n\u5f53\u7528\u4ee5\u4e0b\u547d\u4ee4\u884c\u8fd0\u884cOpenSSL\u65f6\uff1a \r\n\r\nopenssl s_server -key path_to_key \\\r\n-cert path_to_certificate \\\r\n-www `openssl ciphers 'ALL:COMPLEMENTOFALL'`\r\n\r\n\u5982\u679c\u63a5\u6536\u5230\u7684Client Hello\u62a5\u6587\u4e2d\u670d\u52a1\u5668\u540d\u79f0\u6269\u5c55\u5c06server_name\u8bbe\u7f6e\u4e3a0x00\u4e14\u540d\u79f0\u957f\u5ea6\u4e3a1\uff0c\u5219\u7a0b\u5e8f\u5728325\u884c\u7684ssl/t1_lib.c\u6587\u4ef6\u68c0\u6d4b\u5230\u9519\u8bef\u7684\u4e3b\u673a\u540d\u5e76\u7ed3\u675f\u63e1\u624b\uff0c\u4e4b\u540e\u8bd5\u56fe\u91ca\u653e\u5df2\u7ecf\u91ca\u653e\u7684\u6307\u9488\uff0c\u5bfc\u81f4OpenSSL\u51fa\u73b0\u5206\u6bb5\u9519\u8bef\u5d29\u6e83\u3002openssl\u7a0b\u5e8f\u9ed8\u8ba4\u4e0d\u5141\u8bb8\u5904\u7406TLS\u6269\u5c55\uff0c\u5fc5\u987b\u5728\u7f16\u8bd1\u65f6\u660e\u786e\u5730\u542f\u7528\u3002\r\n\r\n\u5728\u7528\u4ee5\u4e0b\u547d\u4ee4\u884c\u8fd0\u884copenssl\u65f6\uff1a\r\n\r\nopenssl s_client -connect localhost:4433 -cipher \\ \r\n`openssl ciphers 'ALL:COMPLEMENTOFALL'` -debug -msg\r\n\r\nopenssl\u5411\u670d\u52a1\u5668\u53d1\u9001Client Hello\u6d88\u606f\uff0c\u670d\u52a1\u5668\u7528Server Hello\u6d88\u606f\u54cd\u5e94\uff08\u9009\u62e9\u4e86TLS_DH_ANON_WITH_RC4_128_MD5\u5bc6\u7801\u7ec4\uff09\uff0c\u7136\u540e\u662fServer Hello Done\u6d88\u606f\uff08\u5ffd\u7565Server Key Exchange\u6d88\u606f\uff09\u3002ssl3_get_key_exchange()\u5141\u8bb8\u5ffd\u7565Server Key Exchange\u6d88\u606f\uff0c\u4f46s->session->sess_cert\u4e3a\u7a7a\u4e14ssl3_get_server_done()\u6ca1\u6709\u6267\u884c\u4efb\u4f55\u68c0\u67e5\uff0c\u5ba2\u6237\u7aef\u72b6\u6001\u673a\u5668\u7ee7\u7eed\u6267\u884c\u5230ssl3_send_client_key_exchange()\u4e14\u6ca1\u6709\u68c0\u67e5s->session->sess_cert\u7684\u6709\u6548\u6027\u4fbf\u8bd5\u56fe\u5f15\u7528\uff08s3_clntl.c:1970\uff09\u3002\u5982\u679c\u5ba2\u6237\u7aef\u4f7f\u7528\u7279\u6b8a\u7684\u5bc6\u7801\u7ec4\u8fde\u63a5\u5230\u4e86\u6076\u610f\u7684\u670d\u52a1\u5668\uff0c\u670d\u52a1\u5668\u5c31\u4f1a\u5bfc\u81f4\u5ba2\u6237\u7aef\u5d29\u6e83\u3002\r\n\r\n\n\nOpenSSL Project OpenSSL 0.9.8g\r\nOpenSSL Project OpenSSL 0.9.8f\n OpenSSL Project\r\n---------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://www.openssl.org/source/openssl-0.9.8h.tar.gz target=_blank>http://www.openssl.org/source/openssl-0.9.8h.tar.gz</a>", "cvss3": {}, "published": "2008-05-29T00:00:00", "type": "seebug", "title": "OpenSSL\u591a\u4e2a\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2008-05-29T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-3348", "id": "SSV:3348", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2008-05-31T02:14:16", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: openssl-0.9.8g-9.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2008-05-31T02:14:16", "id": "FEDORA:M4V2DWYQ023924", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FCG324JKE4LZR5ZXM6UM4IBNLS2FGKFA/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2009-01-08T04:19:17", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: openssl-0.9.8g-9.12.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672", "CVE-2008-5077"], "modified": "2009-01-08T04:19:17", "id": "FEDORA:CA803208421", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3EYJP6MZ52OZXSI6SQM4IPBDLWQ5OKUJ/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2009-06-19T13:40:57", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: openssl-0.9.8g-9.14.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672", "CVE-2008-5077", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379"], "modified": "2009-06-19T13:40:57", "id": "FEDORA:C7B0010F8AD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HJYR7XPXK7VLL5KOO7EOZXGJGA3OEGGS/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-05-26T15:57:17", "description": "## Releases\n\n * Ubuntu 8.04 \n\n## Packages\n\n * openssl \\- \n\nIt was discovered that OpenSSL was vulnerable to a double-free \nwhen using TLS server extensions. A remote attacker could send a \ncrafted packet and cause a denial of service via application crash \nin applications linked against OpenSSL. Ubuntu 8.04 LTS does not \ncompile TLS server extensions by default. (CVE-2008-0891)\n\nIt was discovered that OpenSSL could dereference a NULL pointer. \nIf a user or automated system were tricked into connecting to a \nmalicious server with particular cipher suites, a remote attacker \ncould cause a denial of service via application crash. \n(CVE-2008-1672)\n", "cvss3": {}, "published": "2008-06-26T00:00:00", "type": "ubuntu", "title": "OpenSSL vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2008-06-26T00:00:00", "id": "USN-620-1", "href": "https://ubuntu.com/security/notices/USN-620-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-27T15:41:13", "description": "## Releases\n\n * Ubuntu 11.10 \n * Ubuntu 11.04 \n * Ubuntu 10.10 \n * Ubuntu 10.04 \n * Ubuntu 8.04 \n\n## Packages\n\n * openssl \\- Secure Socket Layer (SSL) binary and related cryptographic tools\n\nIt was discovered that the elliptic curve cryptography (ECC) subsystem \nin OpenSSL, when using the Elliptic Curve Digital Signature Algorithm \n(ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement \ncurves over binary fields. This could allow an attacker to determine \nprivate keys via a timing attack. This issue only affected Ubuntu 8.04 \nLTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945)\n\nAdam Langley discovered that the ephemeral Elliptic Curve \nDiffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread \nsafety while processing handshake messages from clients. This \ncould allow a remote attacker to cause a denial of service via \nout-of-order messages that violate the TLS protocol. This issue only \naffected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu \n11.04. (CVE-2011-3210)\n\nNadhem Alfardan and Kenny Paterson discovered that the Datagram \nTransport Layer Security (DTLS) implementation in OpenSSL performed a \nMAC check only if certain padding is valid. This could allow a remote \nattacker to recover plaintext. (CVE-2011-4108)\n\nAntonio Martin discovered that a flaw existed in the fix to address \nCVE-2011-4108, the DTLS MAC check failure. This could allow a remote \nattacker to cause a denial of service. (CVE-2012-0050)\n\nBen Laurie discovered a double free vulnerability in OpenSSL that could \nbe triggered when the X509_V_FLAG_POLICY_CHECK flag is enabled. This \ncould allow a remote attacker to cause a denial of service. This \nissue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 \nand Ubuntu 11.04. (CVE-2011-4109)\n\nIt was discovered that OpenSSL, in certain circumstances involving \nECDH or ECDHE cipher suites, used an incorrect modular reduction \nalgorithm in its implementation of the P-256 and P-384 NIST elliptic \ncurves. This could allow a remote attacker to obtain the private \nkey of a TLS server via multiple handshake attempts. This issue only \naffected Ubuntu 8.04 LTS. (CVE-2011-4354)\n\nAdam Langley discovered that the SSL 3.0 implementation in OpenSSL \ndid not properly initialize data structures for block cipher \npadding. This could allow a remote attacker to obtain sensitive \ninformation. (CVE-2011-4576)\n\nAndrew Chi discovered that OpenSSL, when RFC 3779 support is enabled, \ncould trigger an assert when handling an X.509 certificate containing \ncertificate-extension data associated with IP address blocks or \nAutonomous System (AS) identifiers. This could allow a remote attacker \nto cause a denial of service. (CVE-2011-4577)\n\nAdam Langley discovered that the Server Gated Cryptography (SGC) \nimplementation in OpenSSL did not properly handle handshake \nrestarts. This could allow a remote attacker to cause a denial of \nservice. (CVE-2011-4619)\n\nAndrey Kulikov discovered that the GOST block cipher engine in OpenSSL \ndid not properly handle invalid parameters. This could allow a remote \nattacker to cause a denial of service via crafted data from a TLS \nclient. This issue only affected Ubuntu 11.10. (CVE-2012-0027)\n", "cvss3": {}, "published": "2012-02-09T00:00:00", "type": "ubuntu", "title": "OpenSSL vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1945", "CVE-2011-3210", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4354", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2012-0050"], "modified": "2012-02-09T00:00:00", "id": "USN-1357-1", "href": "https://ubuntu.com/security/notices/USN-1357-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2023-05-26T15:08:32", "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nOssi Herrala and Jukka Taimisto of Codenomicon discovered two vulnerabilities: \n\n * A double free() call in the TLS server name extension (CVE-2008-0891). \n * The OpenSSL client code does not properly handle servers that omit the Server Key Exchange message in the TLS handshake (CVE-2008-1672). \n\n### Impact\n\nA remote attacker could connect to a vulnerable server, or entice a daemon to connect to a malicious server, causing a Denial of Service of the daemon in both cases. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll OpenSSL users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-0.9.8g-r2\"", "cvss3": {}, "published": "2008-06-23T00:00:00", "type": "gentoo", "title": "OpenSSL: Denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2008-06-23T00:00:00", "id": "GLSA-200806-08", "href": "https://security.gentoo.org/glsa/200806-08", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2023-05-26T14:54:22", "description": "New openssl packages are available for Slackware 11.0, 12.0, 12.1, and -current\nto fix security issues.\n\nMore details about this issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n https://vulners.com/cve/CVE-2008-0891\n https://vulners.com/cve/CVE-2008-1672\n\nUpgraded OpenSSH packages have been provided to make sure that ssh is not\nbroken my the update -- especially if your machine is a remote one, be SURE\nto upgrade to the new openssh package as well!\n\n\nHere are the details from the Slackware 12.1 ChangeLog:\n\npatches/packages/openssl-0.9.8h-i486-1_slack12.1.tgz:\n Upgraded to OpenSSL 0.9.8h.\n The Codenomicon TLS test suite uncovered security bugs in OpenSSL.\n If OpenSSL was compiled using non-default options (Slackware's package\n is not), then a malicious packet could cause a crash. Also, a malformed\n TLS handshake could also lead to a crash.\n For more information, see:\n https://vulners.com/cve/CVE-2008-0891\n https://vulners.com/cve/CVE-2008-1672\n When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or\n it is possible to be unable to log back into sshd!\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-solibs-0.9.8h-i486-1_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-0.9.8h-i486-1_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssh-5.1p1-i486-1_slack11.0.tgz\n\nUpdated packages for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-solibs-0.9.8h-i486-1_slack12.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-0.9.8h-i486-1_slack12.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssh-5.1p1-i486-1_slack12.0.tgz\n\nUpdated packages for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8h-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8h-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssh-5.1p1-i486-1_slack12.1.tgz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.8h-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.8h-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-5.1p1-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 11.0 packages:\n8ee9a3b3366a29a84b7314fb40a7c808 openssl-0.9.8h-i486-1_slack11.0.tgz\n863b5deeffd7eb58ef41b1b49759bff5 openssl-solibs-0.9.8h-i486-1_slack11.0.tgz\n617456c059e8d7761de7e3c92ee5e473 openssh-5.1p1-i486-1_slack11.0.tgz\n\nSlackware 12.0 packages:\nae721f8dd900c930d6c2e27581f577a9 openssl-0.9.8h-i486-1_slack12.0.tgz\n30271692b6253c5dc733c80a986d13d1 openssl-solibs-0.9.8h-i486-1_slack12.0.tgz\n5fd2eae44bf0d311bdfebb930790ab88 openssh-5.1p1-i486-1_slack12.0.tgz\n\nSlackware 12.1 packages:\ncb3674edf80bfabe23a1901f9eecea09 openssl-0.9.8h-i486-1_slack12.1.tgz\ndc0df15982723244c920417d5fa9c15a openssl-solibs-0.9.8h-i486-1_slack12.1.tgz\n0684a119d56721053e1f57b06692642d openssh-5.1p1-i486-1_slack12.1.tgz\n\nSlackware -current packages:\nb72f7a417b524f06f8443ea9a13b58ca openssl-0.9.8h-i486-1.tgz\nfa6658aabc7ab02736a01e511b9cc9ec openssl-solibs-0.9.8h-i486-1.tgz\n97d4828d0b5d88b16d83d7265a54f9de openssh-5.1p1-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-0.9.8h-i486-1_slack12.1.tgz openssl-solibs-0.9.8h-i486-1_slack12.1.tgz openssh-5.1p1-i486-1_slack12.1.tgz\n\nThen, restart sshd if you use it:\nsh /etc/rc.d/rc.sshd restart", "cvss3": {}, "published": "2008-07-29T05:33:50", "type": "slackware", "title": "[slackware-security] openssl", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891", "CVE-2008-1672"], "modified": "2008-07-29T05:33:50", "id": "SSA-2008-210-08", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562004", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2016-09-26T17:23:05", "description": "Recommended action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "cvss3": {}, "published": "2014-07-17T00:00:00", "type": "f5", "title": "SOL15427 - OpenSSL vulnerability CVE-2011-4354", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4354"], "modified": "2014-07-17T00:00:00", "id": "SOL15427", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15427.html", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T17:22:58", "description": "Recommended action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {}, "published": "2014-06-23T00:00:00", "type": "f5", "title": "SOL15350 - OpenSSL vulnerability CVE-2008-1672", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1672"], "modified": "2014-06-23T00:00:00", "id": "SOL15350", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15350.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-11-09T00:09:28", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "f5", "title": "SOL17454 - OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2131", "CVE-2005-2946", "CVE-2008-0891", "CVE-2012-2110"], "modified": "2016-07-25T00:00:00", "id": "SOL17454", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/400/sol17454.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T08:16:40", "description": "\nF5 Product Development has assigned ID 552900 to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| \nNone| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 \n11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| Non\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {}, "published": "2015-10-17T01:26:00", "type": "f5", "title": "OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2131", "CVE-2005-2946", "CVE-2008-0891", "CVE-2012-2110"], "modified": "2017-03-14T22:05:00", "id": "F5:K17454", "href": "https://support.f5.com/csp/article/K17454", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debiancve": [{"lastseen": "2023-05-26T14:33:14", "description": "crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.", "cvss3": {}, "published": "2012-01-27T00:55:00", "type": "debiancve", "title": "CVE-2011-4354", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4354"], "modified": "2012-01-27T00:55:00", "id": "DEBIANCVE:CVE-2011-4354", "href": "https://security-tracker.debian.org/tracker/CVE-2011-4354", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-26T14:33:14", "description": "OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses \"particular cipher suites,\" which triggers a NULL pointer dereference.", "cvss3": {}, "published": "2008-05-29T16:32:00", "type": "debiancve", "title": "CVE-2008-1672", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1672"], "modified": "2008-05-29T16:32:00", "id": "DEBIANCVE:CVE-2008-1672", "href": "https://security-tracker.debian.org/tracker/CVE-2008-1672", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-26T14:33:14", "description": "Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.", "cvss3": {}, "published": "2008-05-29T16:32:00", "type": "debiancve", "title": "CVE-2008-0891", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891"], "modified": "2008-05-29T16:32:00", "id": "DEBIANCVE:CVE-2008-0891", "href": "https://security-tracker.debian.org/tracker/CVE-2008-0891", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2023-05-26T14:45:36", "description": "crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used\nin stunnel and other products, in certain circumstances involving ECDH or\nECDHE cipher suites, uses an incorrect modular reduction algorithm in its\nimplementation of the P-256 and P-384 NIST elliptic curves, which allows\nremote attackers to obtain the private key of a TLS server via multiple\nhandshake attempts.", "cvss3": {}, "published": "2012-01-26T00:00:00", "type": "ubuntucve", "title": "CVE-2011-4354", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4354"], "modified": "2012-01-26T00:00:00", "id": "UB:CVE-2011-4354", "href": "https://ubuntu.com/security/CVE-2011-4354", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-26T14:56:36", "description": "OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of\nservice (crash) via a TLS handshake that omits the Server Key Exchange\nmessage and uses \"particular cipher suites,\" which triggers a NULL pointer\ndereference.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/bugs/235913>\n", "cvss3": {}, "published": "2008-05-29T00:00:00", "type": "ubuntucve", "title": "CVE-2008-1672", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1672"], "modified": "2008-05-29T00:00:00", "id": "UB:CVE-2008-1672", "href": "https://ubuntu.com/security/CVE-2008-1672", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-26T14:56:36", "description": "Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server\nname extensions are enabled, allows remote attackers to cause a denial of\nservice (crash) via a malformed Client Hello packet. NOTE: some of these\ndetails are obtained from third party information.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/bugs/235913>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[kees](<https://launchpad.net/~kees>) | I don't think we're compile with this option at all? \n[jdstrand](<https://launchpad.net/~jdstrand>) | tlsext not enabled until 0.9.8g-5, so this is negligible on hardy\n", "cvss3": {}, "published": "2008-05-29T00:00:00", "type": "ubuntucve", "title": "CVE-2008-0891", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891"], "modified": "2008-05-29T00:00:00", "id": "UB:CVE-2008-0891", "href": "https://ubuntu.com/security/CVE-2008-0891", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-05-26T14:10:19", "description": "crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.", "cvss3": {}, "published": "2012-01-27T00:55:00", "type": "cve", "title": "CVE-2011-4354", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4354"], "modified": "2012-11-06T05:03:00", "cpe": ["cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.8c"], "id": "CVE-2011-4354", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4354", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:x86:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-05-26T14:02:30", "description": "OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses \"particular cipher suites,\" which triggers a NULL pointer dereference.", "cvss3": {}, "published": "2008-05-29T16:32:00", "type": "cve", "title": "CVE-2008-1672", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1672"], "modified": "2022-02-02T15:03:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:8.04", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8f"], "id": "CVE-2008-1672", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1672", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-26T14:00:28", "description": "Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.", "cvss3": {}, "published": "2008-05-29T16:32:00", "type": "cve", "title": "CVE-2008-0891", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891"], "modified": "2023-02-13T02:18:00", "cpe": ["cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8f"], "id": "CVE-2008-0891", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0891", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"]}], "cert": [{"lastseen": "2023-05-26T14:38:29", "description": "### Overview\n\nA vulnerability exists in OpenSSL that may allow a remote attacker to cause a denial of service.\n\n### Description\n\nOpenSSL contains a vulnerability in the way specially crafted TLS handshake packets are handled that may result in a denial of service. According to [OpenSSL Security Advisory [28-Mar-2008]](<http://www.openssl.org/news/secadv_20080528.txt>):\n\n... if the 'Server Key exchange message' is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious server with particular cipher suites, the server could cause the client to crash. \n \nNote that this issue may affect OpenSSL versions prior to 0.9.8h. \n \n--- \n \n### Impact\n\nA remote, unauthorized attacker may be able to cause a denial of service. \n \n--- \n \n### Solution\n\n**Upgrade or Apply Patch** \nOpenSSL has issued an upgrade and a patch to address this issue. See [OpenSSL Security Advisory [28-Mar-2008]](<http://www.openssl.org/news/secadv_20080528.txt>) for more information. OpenSSL is included in various Linux and UNIX distributions. Please consult the relevant documentation of your distribution to obtain the appropriate updates. \n \n--- \n \n### Vendor Information\n\n520586\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### OpenSSL __ Affected\n\nUpdated: May 30, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nOpenSSL has issued an upgrade and a patch to address this issue. See [OpenSSL Security Advisory [28-Mar-2008]](<http://www.openssl.org/news/secadv_20080528.txt>) for more information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23520586 Feedback>).\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n * <http://www.securityfocus.com/bid/29405>\n * <http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html>\n * <http://secunia.com/advisories/30405/>\n * <http://www.openssl.org/news/secadv_20080528.txt>\n\n### Acknowledgements\n\nThis issue was reported in OpenSSL Security Advisory [28-Mar-2008]. OpenSSL credits Codenomicon for reporting these issues.\n\nThis document was written by Chris Taschner.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2008-1672](<http://web.nvd.nist.gov/vuln/detail/CVE-2008-1672>) \n---|--- \n**Severity Metric:** | 14.70 \n**Date Public:** | 2008-05-28 \n**Date First Published:** | 2008-05-30 \n**Date Last Updated: ** | 2008-05-30 17:37 UTC \n**Document Revision: ** | 10 \n", "cvss3": {}, "published": "2008-05-30T00:00:00", "type": "cert", "title": "OpenSSL TLS handshake Denial of Service", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1672"], "modified": "2008-05-30T17:37:00", "id": "VU:520586", "href": "https://www.kb.cert.org/vuls/id/520586", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-26T14:38:29", "description": "### Overview\n\nA vulnerability exists in OpenSSL that may allow a remote attacker to cause a denial of service.\n\n### Description\n\nOpenSSL contains a vulnerability in the way server name extension data is handled that may result in a denial of service. According to [OpenSSL Security Advisory [28-Mar-2008]](<http://www.openssl.org/news/secadv_20080528.txt>):\n\n_If OpenSSL has been compiled using the non-default TLS server name extensions, a remote attacker could send a carefully crafted packet to a server application using OpenSSL and cause it to crash._ \n \nNote that this issue may affect OpenSSL versions prior to 0.9.8h. \n \n--- \n \n### Impact\n\nA remote, unauthorized attacker may be able to cause a denial of service. \n \n--- \n \n### Solution\n\n**Upgrade or Apply Patch** \nOpenSSL has issued an upgrade and a patch to address this issue. See [OpenSSL Security Advisory [28-Mar-2008]](<http://www.openssl.org/news/secadv_20080528.txt>) for more information. OpenSSL is included in various Linux and UNIX distributions. Please consult the relevant documentation of your distribution to obtain the appropriate updates.. \n \n--- \n \n### Vendor Information\n\n661475\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### OpenSSL __ Affected\n\nUpdated: May 30, 2008 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [OpenSSL Security Advisory [28-Mar-2008]](<http://www.openssl.org/news/secadv_20080528.txt>) for more information.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23661475 Feedback>).\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 0 | AV:--/AC:--/Au:--/C:--/I:--/A:-- \nTemporal | 0 | E:ND/RL:ND/RC:ND \nEnvironmental | 0 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <http://www.securityfocus.com/bid/29405>\n * <http://cert.fi/haavoittuvuudet/2008/advisory-openssl.html>\n * <http://secunia.com/advisories/30405/>\n * <http://www.openssl.org/news/secadv_20080528.txt>\n\n### Acknowledgements\n\nThis issue was reported in OpenSSL Security Advisory [28-Mar-2008]. OpenSSL credits Codenomicon for reporting these issues.\n\nThis document was written by Chris Taschner.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2008-0891](<http://web.nvd.nist.gov/vuln/detail/CVE-2008-0891>) \n---|--- \n**Severity Metric:** | 14.88 \n**Date Public:** | 2008-05-28 \n**Date First Published:** | 2008-05-30 \n**Date Last Updated: ** | 2008-05-30 15:35 UTC \n**Document Revision: ** | 9 \n", "cvss3": {}, "published": "2008-05-30T00:00:00", "type": "cert", "title": "OpenSSL Server Name extension Denial of Service", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891"], "modified": "2008-05-30T15:35:00", "id": "VU:661475", "href": "https://www.kb.cert.org/vuls/id/661475", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "openssl": [{"lastseen": "2023-05-26T15:01:13", "description": " Testing using the Codenomicon TLS test suite discovered a flaw if the 'Server Key exchange message' is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious server with particular cipher suites, the server could cause the client to crash.\n", "cvss3": {}, "published": "2008-05-28T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL CVE-2008-1672", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1672"], "modified": "2008-05-28T00:00:00", "id": "OPENSSL:CVE-2008-1672", "href": "https://www.openssl.org/news/secadv/20080528.txt", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-26T15:01:13", "description": " Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default TLS server name extensions, a remote attacker could send a carefully crafted packet to a server application using OpenSSL and cause it to crash.\n", "cvss3": {}, "published": "2008-05-28T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL CVE-2008-0891", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0891"], "modified": "2008-05-28T00:00:00", "id": "OPENSSL:CVE-2008-0891", "href": "https://www.openssl.org/news/secadv/20080528.txt", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:35:28", "description": "OpenSSL was updated to fix the following security vulnerabilities:\n\n * SSL/TLS MITM vulnerability. (CVE-2014-0224)\n * ECC private key can leak on 32 bit platforms. (CVE-2011-4354)\n\n Further information can be found at\n <a rel=\"nofollow\" href=\"http://www.openssl.org/news/secadv_20140605.txt\">http://www.openssl.org/news/secadv_20140605.txt</a>\n <<a rel=\"nofollow\" href=\"http://www.openssl.org/news/secadv_20140605.txt\">http://www.openssl.org/news/secadv_20140605.txt</a>> .\n\n Security Issues references:\n\n * CVE-2014-0224\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224</a>>\n * CVE-2011-4354\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4354\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4354</a>>\n\n\n", "cvss3": {}, "published": "2014-06-07T00:04:15", "type": "suse", "title": "Security update for OpenSSL (critical)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-0224", "CVE-2011-4354"], "modified": "2014-06-07T00:04:15", "id": "SUSE-SU-2014:0768-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00011.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osv": [{"lastseen": "2022-08-10T07:08:54", "description": "\nSeveral vulnerabilities were discovered in OpenSSL, an implementation\nof TLS and related protocols. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\n\n* [CVE-2011-4108](https://security-tracker.debian.org/tracker/CVE-2011-4108)\nThe DTLS implementation performs a MAC check only if certain\n padding is valid, which makes it easier for remote attackers\n to recover plaintext via a padding oracle attack.\n* [CVE-2011-4109](https://security-tracker.debian.org/tracker/CVE-2011-4109)\nA double free vulnerability when X509\\_V\\_FLAG\\_POLICY\\_CHECK is\n enabled, allows remote attackers to cause applications crashes\n and potentially allow execution of arbitrary code by\n triggering failure of a policy check.\n* [CVE-2011-4354](https://security-tracker.debian.org/tracker/CVE-2011-4354)\nOn 32-bit systems, the operations on NIST elliptic curves\n P-256 and P-384 are not correctly implemented, potentially\n leaking the private ECC key of a TLS server. (Regular\n RSA-based keys are not affected by this vulnerability.)\n* [CVE-2011-4576](https://security-tracker.debian.org/tracker/CVE-2011-4576)\nThe SSL 3.0 implementation does not properly initialize data\n structures for block cipher padding, which might allow remote\n attackers to obtain sensitive information by decrypting the\n padding data sent by an SSL peer.\n* [CVE-2011-4619](https://security-tracker.debian.org/tracker/CVE-2011-4619)\nThe Server Gated Cryptography (SGC) implementation in OpenSSL\n does not properly handle handshake restarts, unnecessarily\n simplifying CPU exhaustion attacks.\n\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.9.8g-15+lenny15.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze5.\n\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 1.0.0f-1.\n\n\nWe recommend that you upgrade your openssl packages.\n\n\n", "cvss3": {}, "published": "2012-01-15T00:00:00", "type": "osv", "title": "openssl - several", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4354", "CVE-2011-4109"], "modified": "2022-08-10T07:08:50", "id": "OSV:DSA-2390-1", "href": "https://osv.dev/vulnerability/DSA-2390-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2023-04-29T16:53:55", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2390-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 15, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-4108 CVE-2011-4109 CVE-2011-4354\n CVE-2011-4576 CVE-2011-4619\n\nSeveral vulnerabilities were discovered in OpenSSL, an implementation\nof TLS and related protocols. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2011-4108\n\tThe DTLS implementation performs a MAC check only if certain\n\tpadding is valid, which makes it easier for remote attackers\n\tto recover plaintext via a padding oracle attack.\n\nCVE-2011-4109 \n\tA double free vulnerability when X509_V_FLAG_POLICY_CHECK is\n\tenabled, allows remote attackers to cause applications crashes\n\tand potentially allow execution of arbitrary code by\n\ttriggering failure of a policy check.\n\nCVE-2011-4354\n\tOn 32-bit systems, the operations on NIST elliptic curves\n\tP-256 and P-384 are not correctly implemented, potentially\n\tleaking the private ECC key of a TLS server. (Regular\n\tRSA-based keys are not affected by this vulnerability.)\n\nCVE-2011-4576\n\tThe SSL 3.0 implementation does not properly initialize data\n\tstructures for block cipher padding, which might allow remote\n\tattackers to obtain sensitive information by decrypting the\n\tpadding data sent by an SSL peer.\n\nCVE-2011-4619\n\tThe Server Gated Cryptography (SGC) implementation in OpenSSL\n\tdoes not properly handle handshake restarts, unnecessarily\n\tsimplifying CPU exhaustion attacks.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 0.9.8g-15+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze5.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 1.0.0f-1.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-01-15T20:23:09", "type": "debian", "title": "[SECURITY] [DSA 2390-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4354", "CVE-2011-4576", "CVE-2011-4619"], "modified": "2012-01-15T20:23:09", "id": "DEBIAN:DSA-2390-1:7F77A", "href": "https://lists.debian.org/debian-security-announce/2012/msg00012.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:08:11", "description": "Double free(), protection bypass, information leakages, DoS conditions.", "cvss3": {}, "published": "2012-01-20T00:00:00", "type": "securityvulns", "title": "OpenSSL library multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4619", "CVE-2011-4354", "CVE-2012-0027", "CVE-2012-0050", "CVE-2011-4109"], "modified": "2012-01-20T00:00:00", "id": "SECURITYVULNS:VULN:12150", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12150", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2021-05-13T09:23:28", "description": "[1.0.1m-2.0.1]\n- update to upstream 1.0.1m\n- update to fips canister 2.0.9\n- regenerated below patches\n openssl-1.0.1-beta2-rpmbuild.patch\n openssl-1.0.1m-rhcompat.patch\n openssl-1.0.1m-ecc-suiteb.patch\n openssl-1.0.1m-fips-mode.patch\n openssl-1.0.1m-version.patch\n openssl-1.0.1m-evp-devel.patch\n[1.0.1j-2.0.4]\n- [Orabug 20182267] The openssl-fips-devel package should Provide:\n openssl-devel and openssl-devel(x86-64) like the standard -devel\n package\n- The openssl-fips-devel package should include fips.h and fips_rand.h\n for apps that want to build against FIPS* APIs\n[1.0.1j-2.0.3]\n- [Orabug 20086847] reintroduce patch openssl-1.0.1e-ecc-suiteb.patch,\n update ec_curve.c which gets copied into build tree to match the patch\n (ie only have curves which are advertised). The change items from the\n orignal patch are as follows:\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1j-2.0.2]\n- update README.FIPS with step-by-step install instructions\n[1.0.1j-2.0.1]\n- update to upstream 1.0.1j\n- change name to openssl-fips\n- change Obsoletes: openssl to Conflicts: openssl\n- add Provides: openssl\n[1.0.1i-2.0.3.fips]\n- update to fips canister 2.0.8 to remove Dual EC DRBG\n- run gcc -v so the gcc build version is captured in the build log\n[1.0.1i-2.0.2.fips]\n- flip EVP_CIPH_* flag bits for compatibility with original RH patched pkg\n[1.0.1i-2.0.1.fips]\n- build against upstream 1.0.1i\n- build against fips validated canister 2.0.7\n- add patch to support fips=1\n- rename pkg to openssl-fips and Obsolete openssl\n[1.0.1e-16.14]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-16.7]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-16.4]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-16.3]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-16.2]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-16.1]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document\n[1.0.0-8]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0-7]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers (#619762)\n[1.0.0-6]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-5]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)\n[1.0.0-4]\n- openssl man page fix (#609484)\n[1.0.0-3]\n- fix wrong ASN.1 definition of OriginatorInfo - CVE-2010-0742 (#598738)\n- fix information leak in rsa_verify_recover - CVE-2010-1633 (#598732)\n[1.0.0-2]\n- make CA dir readable - the private keys are in private subdir (#584810)\n- a few fixes from upstream CVS\n- make X509_NAME_hash_old work in FIPS mode (#568395)\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/ssl for FHS compliance\n - handle RPM_OPT_FLAGS\nopenssl-1.0.1-beta2-rpmbuild.patch\nopenssl-0.9.8a-no-rpath.patch", "cvss3": {}, "published": "2015-04-02T00:00:00", "type": "oraclelinux", "title": "openssl-fips security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975", "CVE-2005-0109", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-5298", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2015-04-02T00:00:00", "id": "ELSA-2015-3022", "href": "http://linux.oracle.com/errata/ELSA-2015-3022.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-30T06:24:33", "description": "[1.0.2k-16.0.1.el7_6.1]\n- Bump release for rebuild.\n[1.0.2k-16.1]\n- use SHA-256 in FIPS RSA pairwise key check\n- fix CVE-2018-5407 - EC signature local timing side-channel key extraction\n[1.0.2k-16]\n- fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA\n- fix incorrect error message on FIPS DSA parameter generation (#1603597)\n[1.0.2k-14]\n- ppc64le is not multilib architecture (#1585004)\n[1.0.2k-13]\n- add S390x assembler updates\n- make CA name list comparison function case sensitive (#1548401)\n- fix CVE-2017-3735 - possible one byte overread with X.509 IPAdressFamily\n- fix CVE-2018-0732 - large prime DH DoS of TLS client\n- fix CVE-2018-0737 - RSA key generation cache timing vulnerability\n- fix CVE-2018-0739 - stack overflow parsing recursive ASN.1 structure\n[1.0.2k-12]\n- fix CVE-2017-3737 - incorrect handling of fatal error state\n- fix CVE-2017-3738 - AVX2 Montgomery multiplication bug with 1024 bit modulus\n[1.0.2k-11]\n- fix deadlock in RNG in the FIPS mode in mariadb\n[1.0.2k-9]\n- fix CVE-2017-3736 - carry propagation bug in Montgomery multiplication\n[1.0.2k-8]\n- fix regression in openssl req -x509 command (#1450015)\n[1.0.2k-7]\n- handle incorrect size gracefully in aes_p8_cbc_encrypt()\n[1.0.2k-6]\n- allow long client hellos to be received by server\n[1.0.2k-5]\n- fix CPU features detection on new AMD processors\n[1.0.2k-4]\n- add support for additional STARTTLS protocols to s_client\n original backported patch by Robert Scheck (#1396209)\n[1.0.2k-3]\n- properly document the SSLv2 support removal\n[1.0.2k-2]\n- add PPC assembler updates\n[1.0.2k-1]\n- minor upstream release 1.0.2k fixing security issues\n[1.0.2j-2]\n- deprecate and disable verification of insecure hash algorithms\n- add support for /etc/pki/tls/legacy-settings also for minimum DH length\n accepted by SSL client\n- compare the encrypt and tweak key in XTS as required by FIPS\n[1.0.2j-1]\n- rebase to latest upstream release from the 1.0.2 branch, ABI compatible\n[1.0.1e-60]\n- fix CVE-2016-2177 - possible integer overflow\n- fix CVE-2016-2178 - non-constant time DSA operations\n- fix CVE-2016-2179 - further DoS issues in DTLS\n- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()\n- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue\n- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()\n- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check\n- fix CVE-2016-6304 - unbound memory growth with OCSP status request\n- fix CVE-2016-6306 - certificate message OOB reads\n- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to\n 112 bit effective strength\n[1.0.1e-58]\n- replace expired testing certificates\n[1.0.1e-57]\n- fix CVE-2016-2105 - possible overflow in base64 encoding\n- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()\n- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC\n- fix CVE-2016-2108 - memory corruption in ASN.1 encoder\n- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO\n[1.0.1e-56]\n- fix 1-byte memory leak in pkcs12 parse (#1312112)\n- document some options of the speed command (#1312110)\n- fix high-precision timestamps in timestamping authority\n- enable SCTP support in DTLS\n- use correct digest when exporting keying material in TLS1.2 (#1289620)\n- fix CVE-2016-0799 - memory issues in BIO_printf\n- add support for setting Kerberos service and keytab in\n s_server and s_client\n[1.0.1e-55]\n- fix CVE-2016-0702 - side channel attack on modular exponentiation\n- fix CVE-2016-0705 - double-free in DSA private key parsing\n- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn\n[1.0.1e-54]\n- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement\n- disable SSLv2 in the generic TLS method\n[1.0.1e-53]\n- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2\n[1.0.1e-52]\n- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter\n- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak\n- fix CVE-2015-3196 - race condition when handling PSK identity hint\n[1.0.1e-51]\n- fix the CVE-2015-1791 fix (broken server side renegotiation)\n[1.0.1e-50]\n- improved fix for CVE-2015-1791\n- add missing parts of CVE-2015-0209 fix for corectness although unexploitable\n[1.0.1e-49]\n- fix CVE-2014-8176 - invalid free in DTLS buffering code\n- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent\n- fix CVE-2015-1791 - race condition handling NewSessionTicket\n- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function\n[1.0.1e-48]\n- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on\n read in multithreaded applications\n[1.0.1e-47]\n- fix CVE-2015-4000 - prevent the logjam attack on client - restrict\n the DH key size to at least 768 bits (limit will be increased in future)\n[1.0.1e-46]\n- drop the AES-GCM restriction of 2^32 operations because the IV is\n always 96 bits (32 bit fixed field + 64 bit invocation field)\n[1.0.1e-45]\n- update fix for CVE-2015-0287 to what was released upstream\n[1.0.1e-44]\n- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()\n- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison\n- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference\n- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n- fix CVE-2015-0292 - integer underflow in base64 decoder\n- fix CVE-2015-0293 - triggerable assert in SSLv2 server\n[1.0.1e-43]\n- fix broken error detection when unwrapping unpadded key\n[1.0.1e-42.1]\n- fix the RFC 5649 for key material that does not need padding\n[1.0.1e-42]\n- test in the non-FIPS RSA keygen for minimal distance of p and q\n similarly to the FIPS RSA keygen\n[1.0.1e-41]\n- fix CVE-2014-3570 - incorrect computation in BN_sqr()\n- fix CVE-2014-3571 - possible crash in dtls1_get_record()\n- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state\n- fix CVE-2014-8275 - various certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate\n- fix CVE-2015-0206 - possible memory leak when buffering DTLS records\n[1.0.1e-40]\n- use FIPS approved method for computation of d in RSA\n- copy digest algorithm when handling SNI context switch\n[1.0.1e-39]\n- fix CVE-2014-3567 - memory leak when handling session tickets\n- fix CVE-2014-3513 - memory leak in srtp support\n- add support for fallback SCSV to partially mitigate CVE-2014-3566\n (padding attack on SSL3)\n[1.0.1e-38]\n- do FIPS algorithm selftest before the integrity check\n[1.0.1e-37]\n- add support for RFC 5649 (#1119738)\n- do not pass the FIPS integrity check if the .hmac files are empty (#1128849)\n- add ECC TLS extensions to DTLS (#1119803)\n- do not send ECC ciphersuites in SSLv2 client hello (#1090955)\n- properly propagate encryption failure in BIO_f_cipher (#1072439)\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n- improve documentation of ciphersuites - patch by Hubert Kario (#1108026)\n- use case insensitive comparison for servername in s_server (#1081163)\n- add support for automatic ECDH curve selection on server (#1080128)\n- FIPS mode: make the limitations on DSA, DH, and RSA keygen\n length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment\n variable is set\n[1.0.1e-36]\n- add support for ppc64le architecture\n- add Power 8 optimalizations\n[1.0.1e-35]\n- fix CVE-2014-3505 - doublefree in DTLS packet processing\n- fix CVE-2014-3506 - avoid memory exhaustion in DTLS\n- fix CVE-2014-3507 - avoid memory leak in DTLS\n- fix CVE-2014-3508 - fix OID handling to avoid information leak\n- fix CVE-2014-3509 - fix race condition when parsing server hello\n- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS\n- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation\n[1.0.1e-34.3]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-34]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-33]\n- use the key length from configuration file if req -newkey rsa is invoked\n[1.0.1e-32]\n- avoid unnecessary reseeding in BN_rand in the FIPS mode\n[1.0.1e-31]\n- print ephemeral key size negotiated in TLS handshake (#1057715)\n- add DH_compute_key_padded needed for FIPS CAVS testing\n- make expiration and key length changeable by DAYS and KEYLEN\n variables in the certificate Makefile (#1058108)\n- change default hash to sha256 (#1062325)\n- lower the actual 3des strength so it is sorted behind aes128 (#1056616)\n[1:1.0.1e-30]\n- Mass rebuild 2014-01-24\n[1.0.1e-29]\n- rebuild with -O3 on ppc64 architecture\n[1.0.1e-28]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1:1.0.1e-27]\n- Mass rebuild 2013-12-27\n[1.0.1e-26]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n- drop weak ciphers from the default TLS ciphersuite list\n- add back some symbols that were dropped with update to 1.0.1 branch\n- more FIPS validation requirement changes\n[1.0.1e-25]\n- fix locking and reseeding problems with FIPS drbg\n[1.0.1e-24]\n- additional changes required for FIPS validation\n- disable verification of certificate, CRL, and OCSP signatures\n using MD5 if OPENSSL_ENABLE_MD5_VERIFY environment variable\n is not set\n[1.0.1e-23]\n- add back support for secp521r1 EC curve\n- add aarch64 to Configure (#969692)\n[1.0.1e-22]\n- do not advertise ECC curves we do not support (#1022493)\n[1.0.1e-21]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n- drop the -fips subpackage, installation of dracut-fips marks that the FIPS\n module is installed\n- avoid dlopening libssl.so from libcrypto\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-20]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n- try to avoid some races when updating the -fips subpackage\n[1.0.1e-19]\n- use version-release in .hmac suffix to avoid overwrite\n during upgrade\n[1.0.1e-18]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-16]\n- add -fips subpackage that contains the FIPS module files\n[1.0.1e-15]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-14]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-13]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-12]\n- use _prefix macro\n[1.0.1e-11]\n- add openssl.cnf.5 manpage symlink to config.5\n[1.0.1e-10]\n- add relro linking flag\n[1.0.1e-9]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-8]\n- disable GOST engine\n[1.0.1e-7]\n- add symbol version for ECC functions\n[1.0.1e-6]\n- update the FIPS selftests to use 256 bit curves\n[1.0.1e-5]\n- enabled NIST Suite B ECC curves and algorithms\n[1.0.1e-4]\n- fix random bad record mac errors (#918981)\n[1.0.1e-3]\n- fix up the SHLIB_VERSION_NUMBER\n[1.0.1e-2]\n- disable ZLIB loading by default (due to CRIME attack)\n[1.0.1e-1]\n- new upstream version\n[1.0.1c-12]\n- more fixes from upstream\n- fix errors in manual causing build failure (#904777)\n[1.0.1c-11]\n- add script for renewal of a self-signed cert by Philip Prindeville (#871566)\n- allow X509_issuer_and_serial_hash() produce correct result in\n the FIPS mode (#881336)\n[1.0.1c-10]\n- do not load default verify paths if CApath or CAfile specified (#884305)\n[1.0.1c-9]\n- more fixes from upstream CVS\n- fix DSA key pairwise check (#878597)\n[1.0.1c-8]\n- use 1024 bit DH parameters in s_server as 512 bit is not allowed\n in FIPS mode and it is quite weak anyway\n[1.0.1c-7]\n- add missing initialization of str in aes_ccm_init_key (#853963)\n- add important patches from upstream CVS\n- use the secure_getenv() with new glibc\n[1:1.0.1c-6]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild\n[1.0.1c-5]\n- use __getenv_secure() instead of __libc_enable_secure\n[1.0.1c-4]\n- do not move libcrypto to /lib\n- do not use environment variables if __libc_enable_secure is on\n- fix strict aliasing problems in modes\n[1.0.1c-3]\n- fix DSA key generation in FIPS mode (#833866)\n- allow duplicate FIPS_mode_set(1)\n- enable build on ppc64 subarch (#834652)\n[1.0.1c-2]\n- fix s_server with new glibc when no global IPv6 address (#839031)\n- make it build with new Perl\n[1.0.1c-1]\n- new upstream version\n[1.0.1b-1]\n- new upstream version\n[1.0.1a-1]\n- new upstream version fixing CVE-2012-2110\n[1.0.1-3]\n- add Kerberos 5 libraries to pkgconfig for static linking (#807050)\n[1.0.1-2]\n- backports from upstream CVS\n- fix segfault when /dev/urandom is not available (#809586)\n[1.0.1-1]\n- new upstream release\n[1.0.1-0.3.beta3]\n- add obsoletes to assist multilib updates (#799636)\n[1.0.1-0.2.beta3]\n- epoch bumped to 1 due to revert to 1.0.0g on Fedora 17\n- new upstream release from the 1.0.1 branch\n- fix s390x build (#798411)\n- versioning for the SSLeay symbol (#794950)\n- add -DPURIFY to build flags (#797323)\n- filter engine provides\n- split the libraries to a separate -libs package\n- add make to requires on the base package (#783446)\n[1.0.1-0.1.beta2]\n- new upstream release from the 1.0.1 branch, ABI compatible\n- add documentation for the -no_ign_eof option\n[1.0.0g-1]\n- new upstream release fixing CVE-2012-0050 - DoS regression in\n DTLS support introduced by the previous release (#782795)\n[1.0.0f-1]\n- new upstream release fixing multiple CVEs\n[1.0.0e-4]\n- move the libraries needed for static linking to Libs.private\n[1.0.0e-3]\n- do not use AVX instructions when osxsave bit not set\n- add direct known answer tests for SHA2 algorithms\n[1.0.0e-2]\n- fix missing initialization of variable in CHIL engine\n[1.0.0e-1]\n- new upstream release fixing CVE-2011-3207 (#736088)\n[1.0.0d-8]\n- drop the separate engine for Intel acceleration improvements\n and merge in the AES-NI, SHA1, and RC4 optimizations\n- add support for OPENSSL_DISABLE_AES_NI environment variable\n that disables the AES-NI support\n[1.0.0d-7]\n- correct openssl cms help output (#636266)\n- more tolerant starttls detection in XMPP protocol (#608239)\n[1.0.0d-6]\n- add support for newest Intel acceleration improvements backported\n from upstream by Intel in form of a separate engine\n[1.0.0d-5]\n- allow the AES-NI engine in the FIPS mode\n[1.0.0d-4]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0d-3]\n- add support for VIA Padlock on 64bit arch from upstream (#617539)\n- do not return bogus values from load_certs (#652286)\n[1.0.0d-2]\n- clarify apps help texts for available digest algorithms (#693858)\n[1.0.0d-1]\n- new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability)\n[1.0.0c-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild\n[1.0.0c-3]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0c-2]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers\n[1.0.0c-1]\n- new upstream version fixing CVE-2010-4180\n[1.0.0b-3]\n- replace the revert for the s390x bignum asm routines with\n fix from upstream\n[1.0.0b-2]\n- revert upstream change in s390x bignum asm routines\n[1.0.0b-1]\n- new upstream version fixing CVE-2010-3864 (#649304)\n[1.0.0a-3]\n- make SHLIB_VERSION reflect the library suffix\n[1.0.0a-2]\n- openssl man page fix (#609484)\n[1.0.0a-1]\n- new upstream patch release, fixes CVE-2010-0742 (#598738)\n and CVE-2010-1633 (#598732)\n[1.0.0-5]\n- pkgconfig files now contain the correct libdir (#593723)\n[1.0.0-4]\n- make CA dir readable - the private keys are in private subdir (#584810)\n[1.0.0-3]\n- a few fixes from upstream CVS\n- move libcrypto to /lib (#559953)\n[1.0.0-2]\n- set UTC timezone on pod2man run (#578842)\n- make X509_NAME_hash_old work in FIPS mode\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/ssl for FHS compliance\n - handle RPM_OPT_FLAGS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-13T00:00:00", "type": "oraclelinux", "title": "openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975", "CVE-2005-0109", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-5298", "CVE-2011-0014", "CVE-2011-3207", "CVE-2012-0050", "CVE-2012-2110", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2014-3505", "CVE-2014-3506", "CVE-2014-3507", "CVE-2014-3508", "CVE-2014-3509", "CVE-2014-3510", "CVE-2014-3511", "CVE-2014-3513", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8176", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-3197", "CVE-2015-3216", "CVE-2015-4000", "CVE-2015-7575", "CVE-2016-0702", "CVE-2016-0705", "CVE-2016-0797", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738", "CVE-2018-0495", "CVE-2018-0732", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-5407"], "modified": "2019-03-13T00:00:00", "id": "ELSA-2019-4581", "href": "http://linux.oracle.com/errata/ELSA-2019-4581.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-30T06:24:45", "description": "[1.0.1e-58.0.1]\n- Oracle bug 28730228: backport CVE-2018-0732\n- Oracle bug 28758493: backport CVE-2018-0737\n- Merge upstream patch to fix CVE-2018-0739\n- Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz\n- sha256 is used for the RSA pairwise consistency test instead of sha1\n[1.0.1e-58]\n- fix CVE-2019-1559 - 0-byte record padding oracle\n[1.0.1e-57]\n- fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher\n[1.0.1e-55]\n- fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts\n[1.0.1e-54]\n- fix handling of ciphersuites present after the FALLBACK_SCSV\n ciphersuite entry (#1386350)\n[1.0.1e-53]\n- add README.legacy-settings\n[1.0.1e-52]\n- deprecate and disable verification of insecure hash algorithms\n- disallow DH keys with less than 1024 bits in TLS client\n- remove support for weak and export ciphersuites\n- use correct digest when exporting keying material in TLS1.2 (#1376741)\n[1.0.1e-50]\n- fix CVE-2016-2177 - possible integer overflow\n- fix CVE-2016-2178 - non-constant time DSA operations\n- fix CVE-2016-2179 - further DoS issues in DTLS\n- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()\n- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue\n- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()\n- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check\n- fix CVE-2016-6304 - unbound memory growth with OCSP status request\n- fix CVE-2016-6306 - certificate message OOB reads\n- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to\n 112 bit effective strength\n- replace expired testing certificates\n[1.0.1e-49]\n- fix CVE-2016-2105 - possible overflow in base64 encoding\n- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()\n- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC\n- fix CVE-2016-2108 - memory corruption in ASN.1 encoder\n- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO\n- fix CVE-2016-0799 - memory issues in BIO_printf\n[1.0.1e-48]\n- fix CVE-2016-0702 - side channel attack on modular exponentiation\n- fix CVE-2016-0705 - double-free in DSA private key parsing\n- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn\n[1.0.1e-47]\n- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement\n- disable SSLv2 in the generic TLS method\n[1.0.1e-46]\n- fix 1-byte memory leak in pkcs12 parse (#1229871)\n- document some options of the speed command (#1197095)\n[1.0.1e-45]\n- fix high-precision timestamps in timestamping authority\n[1.0.1e-44]\n- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2\n[1.0.1e-43]\n- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter\n- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak\n- fix CVE-2015-3196 - race condition when handling PSK identity hint\n[1.0.1e-42]\n- fix regression caused by mistake in fix for CVE-2015-1791\n[1.0.1e-41]\n- improved fix for CVE-2015-1791\n- add missing parts of CVE-2015-0209 fix for corectness although unexploitable\n[1.0.1e-40]\n- fix CVE-2014-8176 - invalid free in DTLS buffering code\n- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent\n- fix CVE-2015-1791 - race condition handling NewSessionTicket\n- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function\n[1.0.1e-39]\n- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on\n read in multithreaded applications\n[1.0.1e-38]\n- fix CVE-2015-4000 - prevent the logjam attack on client - restrict\n the DH key size to at least 768 bits (limit will be increased in future)\n[1.0.1e-37]\n- drop the AES-GCM restriction of 2^32 operations because the IV is\n always 96 bits (32 bit fixed field + 64 bit invocation field)\n[1.0.1e-36]\n- update fix for CVE-2015-0287 to what was released upstream\n[1.0.1e-35]\n- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()\n- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison\n- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference\n- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n- fix CVE-2015-0292 - integer underflow in base64 decoder\n- fix CVE-2015-0293 - triggerable assert in SSLv2 server\n[1.0.1e-34]\n- copy digest algorithm when handling SNI context switch\n- improve documentation of ciphersuites - patch by Hubert Kario\n- add support for setting Kerberos service and keytab in\n s_server and s_client\n[1.0.1e-33]\n- fix CVE-2014-3570 - incorrect computation in BN_sqr()\n- fix CVE-2014-3571 - possible crash in dtls1_get_record()\n- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state\n- fix CVE-2014-8275 - various certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate\n- fix CVE-2015-0206 - possible memory leak when buffering DTLS records\n[1.0.1e-32]\n- use FIPS approved method for computation of d in RSA\n[1.0.1e-31]\n- fix CVE-2014-3567 - memory leak when handling session tickets\n- fix CVE-2014-3513 - memory leak in srtp support\n- add support for fallback SCSV to partially mitigate CVE-2014-3566\n (padding attack on SSL3)\n[1.0.1e-30]\n- add ECC TLS extensions to DTLS (#1119800)\n[1.0.1e-29]\n- fix CVE-2014-3505 - doublefree in DTLS packet processing\n- fix CVE-2014-3506 - avoid memory exhaustion in DTLS\n- fix CVE-2014-3507 - avoid memory leak in DTLS\n- fix CVE-2014-3508 - fix OID handling to avoid information leak\n- fix CVE-2014-3509 - fix race condition when parsing server hello\n- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS\n- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation\n[1.0.1e-28]\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n[1.0.1e-26]\n- drop EXPORT, RC2, and DES from the default cipher list (#1057520)\n- print ephemeral key size negotiated in TLS handshake (#1057715)\n- do not include ECC ciphersuites in SSLv2 client hello (#1090952)\n- properly detect encryption failure in BIO (#1100819)\n- fail on hmac integrity check if the .hmac file is empty (#1105567)\n- FIPS mode: make the limitations on DSA, DH, and RSA keygen\n length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment\n variable is set\n[1.0.1e-25]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-24]\n- add back support for secp521r1 EC curve\n[1.0.1e-23]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-22]\n- use 2048 bit RSA key in FIPS selftests\n[1.0.1e-21]\n- add DH_compute_key_padded needed for FIPS CAVS testing\n- make 3des strength to be 128 bits instead of 168 (#1056616)\n- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits\n- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)\n- FIPS mode: add DH selftest\n- FIPS mode: reseed DRBG properly on RAND_add()\n- FIPS mode: add RSA encrypt/decrypt selftest\n- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key\n- use the key length from configuration file if req -newkey rsa is invoked\n[1.0.1e-20]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-19]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-18]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-17]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document\n[1.0.0-8]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0-7]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers (#619762)\n[1.0.0-6]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-5]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)\n[1.0.0-4]\n- openssl man page fix (#609484)\n[1.0.0-3]\n- fix wrong ASN.1 definition of OriginatorInfo - CVE-2010-0742 (#598738)\n- fix information leak in rsa_verify_recover - CVE-2010-1633 (#598732)\n[1.0.0-2]\n- make CA dir readable - the private keys are in private subdir (#584810)\n- a few fixes from upstream CVS\n- make X509_NAME_hash_old work in FIPS mode (#568395)\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/ssl for FHS compliance\n - handle RPM_OPT_FLAGS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-16T00:00:00", "type": "oraclelinux", "title": "openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975", "CVE-2005-0109", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-5298", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2014-3505", "CVE-2014-3506", "CVE-2014-3507", "CVE-2014-3508", "CVE-2014-3509", "CVE-2014-3510", "CVE-2014-3511", "CVE-2014-3513", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8176", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-3197", "CVE-2015-3216", "CVE-2015-4000", "CVE-2015-7575", "CVE-2016-0702", "CVE-2016-0705", "CVE-2016-0797", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-8610", "CVE-2017-3731", "CVE-2018-0732", "CVE-2018-0737", "CVE-2018-0739", "CVE-2019-1559"], "modified": "2019-08-16T00:00:00", "id": "ELSA-2019-4747", "href": "http://linux.oracle.com/errata/ELSA-2019-4747.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}

OpenSSL &lt; 0.9.8h Multiple Vulnerabilities

Description

Related

OpenSSL < 0.9.8h Multiple Vulnerabilities