Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.ALA_ALAS-2013-171.NASL
HistorySep 04, 2013 - 12:00 a.m.

Amazon Linux AMI : openssl (ALAS-2013-171)

2013-09-0400:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
17
JSON

It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)

A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially crafted response. (CVE-2013-0166)

It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929)

Note: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2013-171.
#

include('compat.inc');

if (description)
{
  script_id(69730);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id("CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169");
  script_xref(name:"ALAS", value:"2013-171");
  script_xref(name:"RHSA", value:"2013:0587");
  script_xref(name:"CEA-ID", value:"CEA-2019-0547");

  script_name(english:"Amazon Linux AMI : openssl (ALAS-2013-171)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux AMI host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"It was discovered that OpenSSL leaked timing information when
decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode
cipher suites were used. A remote attacker could possibly use this
flaw to retrieve plain text from the encrypted packets by using a
TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)

A NULL pointer dereference flaw was found in the OCSP response
verification in OpenSSL. A malicious OCSP server could use this flaw
to crash applications performing OCSP verification by sending a
specially crafted response. (CVE-2013-0166)

It was discovered that the TLS/SSL protocol could leak information
about plain text when optional compression was used. An attacker able
to control part of the plain text sent over an encrypted TLS/SSL
connection could possibly use this flaw to recover other portions of
the plain text. (CVE-2012-4929)

Note: This update disables zlib compression, which was previously
enabled in OpenSSL by default. Applications using OpenSSL now need to
explicitly enable zlib compression to use it.");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2013-171.html");
  script_set_attribute(attribute:"solution", value:
"Run 'yum update openssl' to update your system.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:openssl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:openssl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:openssl-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:openssl-static");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Amazon Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"openssl-1.0.0k-1.48.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"openssl-debuginfo-1.0.0k-1.48.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"openssl-devel-1.0.0k-1.48.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"openssl-perl-1.0.0k-1.48.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"openssl-static-1.0.0k-1.48.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc");
}
VendorProductVersionCPE
amazonlinuxopensslp-cpe:/a:amazon:linux:openssl
amazonlinuxopenssl-debuginfop-cpe:/a:amazon:linux:openssl-debuginfo
amazonlinuxopenssl-develp-cpe:/a:amazon:linux:openssl-devel
amazonlinuxopenssl-perlp-cpe:/a:amazon:linux:openssl-perl
amazonlinuxopenssl-staticp-cpe:/a:amazon:linux:openssl-static
amazonlinuxcpe:/o:amazon:linux

Related

redhat 4
nessus 51
openvas 46
amazon 1
centos 1
oraclelinux 1
fedora 3
altlinux 5
freebsd 2
debian 5
freebsd_advisory 1
aix 1
osv 4
ibm 31
slackware 2
ubuntu 4
cve 4
prion 4
threatpost 1
f5 7
jvn 1
veracode 4
debiancve 3
ubuntucve 4
securityvulns 4
hackerone 1
openssl 2
vmware 1
kitploit 1
redhat
redhat
(RHSA-2013:0587) Moderate: openssl security update
2013-03-04 00:00:00
(RHSA-2013:0783) Moderate: openssl security update
2013-05-01 17:58:17
(RHSA-2014:0416) Important: rhevm-spice-client security update
2014-04-17 00:00:00
nessus
nessus
Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64 (20130304)
2013-03-05 00:00:00
CentOS 5 / 6 : openssl (CESA-2013:0587)
2013-03-07 00:00:00
Oracle Linux 5 / 6 : openssl (ELSA-2013-0587)
2013-07-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:0549-3)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0554-1)
2021-06-09 00:00:00
CentOS Update for openssl CESA-2013:0587 centos5
2013-03-08 00:00:00
amazon
amazon
Medium: openssl
2013-03-14 22:04:00
centos
centos
openssl security update
2013-03-04 22:46:45
oraclelinux
oraclelinux
openssl security update
2013-03-04 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: mingw-openssl-1.0.1e-1.fc18
2013-04-03 04:51:11
[SECURITY] Fedora 18 Update: openssl-1.0.1e-3.fc18
2013-03-02 19:55:52
[SECURITY] Fedora 17 Update: openssl-1.0.0k-1.fc17
2013-03-08 00:02:36
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 6 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
freebsd
freebsd
FreeBSD -- OpenSSL multiple vulnerabilities
2013-04-02 00:00:00
OpenSSL -- TLS 1.1, 1.2 denial of service
2013-02-05 00:00:00
debian
debian
[SECURITY] [DSA 2621-1] openssl security update
2013-02-13 20:07:41
[SECURITY] [DSA 2627-1] nginx security update
2013-02-17 11:14:31
openssl security update
2014-06-20 16:35:50
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:03.openssl
2013-04-02 00:00:00
aix
aix
Multiple OpenSSL vulnerabilities
2013-03-15 03:20:11
osv
osv
openssl - several vulnerabilities
2013-02-13 00:00:00
nginx - information leak
2013-02-17 00:00:00
openssl - security update
2014-06-20 00:00:00
ibm
ibm
Security Bulletin: IBM Smart Analytics System 1050, 2050, and 5600 and IBM InfoSphere Balanced Warehouse C3000, C4000, and D5100 are affected by vulnerabilities in OpenSSL (CVE-2013-0166, CVE-2013-0169)
2022-09-25 23:13:40
Security Bulletin: IBM Tivoli Network Manager - GSKit Security Vulnerabilities (CVE-2013-0169), (CVE-2012-2190) and (CVE-2013-0166)
2018-06-17 14:37:51
Security Bulletin: Tivoli Management Framework affected by vulnerabilities in OpenSSL 1.0.1c
2022-09-25 21:06:56
slackware
slackware
openssl
2013-02-09 15:03:57
openssl
2013-02-11 23:49:59
ubuntu
ubuntu
OpenSSL vulnerabilities
2013-02-21 00:00:00
OpenSSL vulnerability
2013-07-04 00:00:00
Qt vulnerability
2012-11-08 00:00:00
cve
cve
CVE-2012-4929
2012-09-15 18:55:00
CVE-2013-0169
2013-02-08 19:55:00
CVE-2013-0166
2013-02-08 19:55:00
prion
prion
Design/Logic Flaw
2012-09-15 18:55:00
Null pointer dereference
2013-02-08 19:55:00
Design/Logic Flaw
2013-02-08 19:55:00
threatpost
threatpost
Apple Patches Mass of Security Bugs in OS X and Safari
2013-06-05 09:51:54
f5
f5
SOL14054 - CRIME vulnerability via TLS 1.2 protocol CVE-2012-4929
2012-12-05 00:00:00
K14054 : CRIME vulnerability via TLS 1.2 protocol CVE-2012-4929
2013-09-09 00:00:00
K14261 : OpenSSL OCSP vulnerability CVE-2013-0166
2014-04-03 00:00:00
jvn
jvn
JVN#65273415: Android OS issue where it is affected by the CRIME attack
2016-07-22 00:00:00
veracode
veracode
Information Leakage
2019-01-15 08:58:53
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-08 05:51:39
Timing Attacks
2017-02-10 05:59:15
debiancve
debiancve
CVE-2012-4929
2012-09-15 18:55:00
CVE-2013-0166
2013-02-08 19:55:00
CVE-2013-0169
2013-02-08 19:55:00
ubuntucve
ubuntucve
CVE-2012-4929
2012-09-15 00:00:00
CVE-2013-0166
2013-02-08 00:00:00
CVE-2013-0169
2013-02-08 00:00:00
securityvulns
securityvulns
ESA-2013-032 RSA BSAFE® Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery (aka “Lucky Thirteen”) Vulnerability
2013-07-15 00:00:00
OpenSSL / PolarSSL / GnuTLS security vulnerabilities
2013-03-02 00:00:00
ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery (aka “Lucky Thirteen”) Vulnerability
2013-07-15 00:00:00
hackerone
hackerone
Legal Robot: LUCKY13 (CVE-2013-0169) effects legalrobot.com
2017-07-30 20:00:47
openssl
openssl
Vulnerability in OpenSSL CVE-2013-0169
2013-02-04 00:00:00
Vulnerability in OpenSSL CVE-2013-0166
2013-02-05 00:00:00
vmware
vmware
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
kitploit
kitploit
Sitadel - Web Application Security Scanner
2019-01-14 12:13:00
JSON
Related for ALA_ALAS-2013-171.NASL
redhat4nessus51openvas46amazon1centos1oraclelinux1fedora3altlinux5freebsd2debian5freebsd_advisory1aix1osv4ibm31slackware2ubuntu4cve4prion4threatpost1f57jvn1veracode4debiancve3ubuntucve4securityvulns4hackerone1openssl2vmware1kitploit1