ID ALA_ALAS-2016-650.NASL Type nessus Reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. Modified 2021-02-02T00:00:00
Description
It was found that the parsing of the NSSCipherSuite option of
mod24_nss, which accepts OpenSSL-style cipherstrings, is flawed. If
the option is used to disable insecure ciphersuites using the common
'!' syntax, it will actually enable those insecure ciphersuites.
(CVE-2015-5244)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2016-650.
#
include("compat.inc");
if (description)
{
script_id(88662);
script_version("2.4");
script_cvs_date("Date: 2018/04/18 15:09:35");
script_cve_id("CVE-2015-5244");
script_xref(name:"ALAS", value:"2016-650");
script_name(english:"Amazon Linux AMI : mod24_nss (ALAS-2016-650)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Amazon Linux AMI host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"It was found that the parsing of the NSSCipherSuite option of
mod24_nss, which accepts OpenSSL-style cipherstrings, is flawed. If
the option is used to disable insecure ciphersuites using the common
'!' syntax, it will actually enable those insecure ciphersuites.
(CVE-2015-5244)"
);
script_set_attribute(
attribute:"see_also",
value:"https://alas.aws.amazon.com/ALAS-2016-650.html"
);
script_set_attribute(
attribute:"solution",
value:"Run 'yum update mod24_nss' to update your system."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod24_nss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod24_nss-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2016/02/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.");
script_family(english:"Amazon Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"ALA", reference:"mod24_nss-1.0.12-1.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mod24_nss-debuginfo-1.0.12-1.21.amzn1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod24_nss / mod24_nss-debuginfo");
}
{"id": "ALA_ALAS-2016-650.NASL", "bulletinFamily": "scanner", "title": "Amazon Linux AMI : mod24_nss (ALAS-2016-650)", "description": "It was found that the parsing of the NSSCipherSuite option of\nmod24_nss, which accepts OpenSSL-style cipherstrings, is flawed. If\nthe option is used to disable insecure ciphersuites using the common\n'!' syntax, it will actually enable those insecure ciphersuites.\n(CVE-2015-5244)", "published": "2016-02-10T00:00:00", "modified": "2021-02-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/88662", "reporter": "This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.", "references": ["https://alas.aws.amazon.com/ALAS-2016-650.html"], "cvelist": ["CVE-2015-5244"], "type": "nessus", "lastseen": "2021-02-01T01:21:12", "edition": 28, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-5244"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120640", "OPENVAS:1361412562310807212"]}, {"type": "fedora", "idList": ["FEDORA:5BE3460EDE81", "FEDORA:19A7D604971E"]}, {"type": "amazon", "idList": ["ALAS-2016-650"]}, {"type": "nessus", "idList": ["FEDORA_2015-C76C1C84CF.NASL", "FEDORA_2016-6AA4DD4F3A.NASL", "SUSE_SU-2016-2396-1.NASL", "SUSE_SU-2016-2285-1.NASL"]}], "modified": "2021-02-01T01:21:12", "rev": 2}, "score": {"value": 4.7, "vector": "NONE", "modified": "2021-02-01T01:21:12", "rev": 2}, "vulnersScore": 4.7}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-650.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88662);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-5244\");\n script_xref(name:\"ALAS\", value:\"2016-650\");\n\n script_name(english:\"Amazon Linux AMI : mod24_nss (ALAS-2016-650)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the parsing of the NSSCipherSuite option of\nmod24_nss, which accepts OpenSSL-style cipherstrings, is flawed. If\nthe option is used to disable insecure ciphersuites using the common\n'!' syntax, it will actually enable those insecure ciphersuites.\n(CVE-2015-5244)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-650.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update mod24_nss' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod24_nss-1.0.12-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_nss-debuginfo-1.0.12-1.21.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod24_nss / mod24_nss-debuginfo\");\n}\n", "naslFamily": "Amazon Linux Local Security Checks", "pluginID": "88662", "cpe": ["p-cpe:/a:amazon:linux:mod24_nss-debuginfo", "p-cpe:/a:amazon:linux:mod24_nss", "cpe:/o:amazon:linux"], "scheme": null, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}
{"cve": [{"lastseen": "2021-02-02T06:21:26", "description": "The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-07T20:29:00", "title": "CVE-2015-5244", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5244"], "modified": "2017-08-16T16:16:00", "cpe": ["cpe:/a:mod_nss_project:mod_nss:1.0.11"], "id": "CVE-2015-5244", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5244", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mod_nss_project:mod_nss:1.0.11:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-06-11T17:41:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5244"], "description": "Check the version of mod_nss", "modified": "2020-06-09T00:00:00", "published": "2016-01-25T00:00:00", "id": "OPENVAS:1361412562310807212", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807212", "type": "openvas", "title": "Fedora Update for mod_nss FEDORA-2016-6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mod_nss FEDORA-2016-6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807212\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-01-25 06:12:24 +0100 (Mon, 25 Jan 2016)\");\n script_cve_id(\"CVE-2015-5244\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mod_nss FEDORA-2016-6\");\n script_tag(name:\"summary\", value:\"Check the version of mod_nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mod_nss on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_nss\", rpm:\"mod_nss~1.0.11~6.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:56:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5244"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2016-02-11T00:00:00", "id": "OPENVAS:1361412562310120640", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120640", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-650)", "sourceData": "# Copyright (C) 2016 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120640\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-02-11 07:16:48 +0200 (Thu, 11 Feb 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-650)\");\n script_tag(name:\"insight\", value:\"It was found that the parsing of the NSSCipherSuite option of mod24_nss, which accepts OpenSSL-style cipherstrings, is flawed. If the option is used to disable insecure ciphersuites using the common ! syntax, it will actually enable those insecure ciphersuites. (CVE-2015-5244 )\");\n script_tag(name:\"solution\", value:\"Run yum update mod24_nss to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-650.html\");\n script_cve_id(\"CVE-2015-5244\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~1.0.12~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~1.0.12~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5244"], "description": "The mod_nss module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols using the Network Security Services (NSS) security library. ", "modified": "2016-01-08T20:57:37", "published": "2016-01-08T20:57:37", "id": "FEDORA:5BE3460EDE81", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: mod_nss-1.0.12-1.fc23", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5244"], "description": "The mod_nss module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols using the Network Security Services (NSS) security library. ", "modified": "2016-01-24T22:52:03", "published": "2016-01-24T22:52:03", "id": "FEDORA:19A7D604971E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: mod_nss-1.0.11-6.fc22", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:17", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5244"], "description": "**Issue Overview:**\n\nIt was found that the parsing of the NSSCipherSuite option of mod24_nss, which accepts OpenSSL-style cipherstrings, is flawed. If the option is used to disable insecure ciphersuites using the common \"!\" syntax, it will actually enable those insecure ciphersuites. ([CVE-2015-5244 __](<https://access.redhat.com/security/cve/CVE-2015-5244>))\n\n \n**Affected Packages:** \n\n\nmod24_nss\n\n \n**Issue Correction:** \nRun _yum update mod24_nss_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n mod24_nss-debuginfo-1.0.12-1.21.amzn1.i686 \n mod24_nss-1.0.12-1.21.amzn1.i686 \n \n src: \n mod24_nss-1.0.12-1.21.amzn1.src \n \n x86_64: \n mod24_nss-1.0.12-1.21.amzn1.x86_64 \n mod24_nss-debuginfo-1.0.12-1.21.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2016-02-09T13:30:00", "published": "2016-02-09T13:30:00", "id": "ALAS-2016-650", "href": "https://alas.aws.amazon.com/ALAS-2016-650.html", "title": "Medium: mod24_nss", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T10:14:22", "description": "Fix for CVE-2015-5244. An OpenSSL cipher string wasn't disabled when\nprefixed with !.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 22 : mod_nss-1.0.11-6.fc22 (2016-6aa4dd4f3a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5244"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mod_nss", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-6AA4DD4F3A.NASL", "href": "https://www.tenable.com/plugins/nessus/89562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-6aa4dd4f3a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89562);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5244\");\n script_xref(name:\"FEDORA\", value:\"2016-6aa4dd4f3a\");\n\n script_name(english:\"Fedora 22 : mod_nss-1.0.11-6.fc22 (2016-6aa4dd4f3a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2015-5244. An OpenSSL cipher string wasn't disabled when\nprefixed with !.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1263070\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d2ed256f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_nss package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"mod_nss-1.0.11-6.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_nss\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:13:54", "description": "Update to upstream 1.0.12 * Fixes CVE-2015-5244 * Add support for SNI\n* Add RenegBufferSize option * Add support for TLS Session Tickets\n(RFC 5077) For full list of changes see\nhttps://fedorahosted.org/mod_nss/wiki/Releases mod_nss-1.0.12-1.fc23 -\nUpdate to upstream 1.0.12\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : mod_nss-1.0.12-1.fc23 (2015-c76c1c84cf)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5244"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mod_nss", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-C76C1C84CF.NASL", "href": "https://www.tenable.com/plugins/nessus/89402", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-c76c1c84cf.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89402);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5244\");\n script_xref(name:\"FEDORA\", value:\"2015-c76c1c84cf\");\n\n script_name(english:\"Fedora 23 : mod_nss-1.0.12-1.fc23 (2015-c76c1c84cf)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream 1.0.12 * Fixes CVE-2015-5244 * Add support for SNI\n* Add RenegBufferSize option * Add support for TLS Session Tickets\n(RFC 5077) For full list of changes see\nhttps://fedorahosted.org/mod_nss/wiki/Releases mod_nss-1.0.12-1.fc23 -\nUpdate to upstream 1.0.12\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1259216\"\n );\n # https://fedorahosted.org/mod_nss/wiki/Releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b696c8a6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mod_nss package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"mod_nss-1.0.12-1.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_nss\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T14:24:41", "description": "This update provides apache2-mod_nss 1.0.14, which brings several\nfixes and enhancements :\n\n - Fix OpenSSL ciphers stopped parsing at +.\n (CVE-2016-3099)\n\n - Created valgrind suppression files to ease debugging.\n\n - Implement SSL_PPTYPE_FILTER to call executables to get\n the key password pins.\n\n - Improvements to migrate.pl.\n\n - Update default ciphers to something more modern and\n secure.\n\n - Check for host and netstat commands in gencert before\n trying to use them.\n\n - Add server support for DHE ciphers.\n\n - Extract SAN from server/client certificates into env\n\n - Fix memory leaks and other coding issues caught by clang\n analyzer.\n\n - Add support for Server Name Indication (SNI).\n\n - Add support for SNI for reverse proxy connections.\n\n - Add RenegBufferSize? option.\n\n - Add support for TLS Session Tickets (RFC 5077).\n\n - Fix logical AND support in OpenSSL cipher compatibility.\n\n - Correctly handle disabled ciphers. (CVE-2015-5244)\n\n - Implement a slew more OpenSSL cipher macros.\n\n - Fix a number of illegal memory accesses and memory\n leaks.\n\n - Support for SHA384 ciphers if they are available in NSS.\n\n - Add compatibility for mod_ssl-style cipher definitions.\n\n - Add TLSv1.2-specific ciphers.\n\n - Completely remove support for SSLv2.\n\n - Add support for sqlite NSS databases.\n\n - Compare subject CN and VS hostname during server start\n up.\n\n - Add support for enabling TLS v1.2.\n\n - Don't enable SSL 3 by default. (CVE-2014-3566)\n\n - Fix CVE-2013-4566.\n\n - Move nss_pcache to /usr/libexec.\n\n - Support httpd 2.4+.\n\n - Use apache2-systemd-ask-pass to prompt for a certificate\n passphrase. (bsc#972968, bsc#975394)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 35, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-13T00:00:00", "title": "SUSE SLES12 Security Update : apache2-mod_nss (SUSE-SU-2016:2285-1) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566", "CVE-2013-4566", "CVE-2015-5244", "CVE-2016-3099"], "modified": "2016-09-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_nss-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:apache2-mod_nss", "p-cpe:/a:novell:suse_linux:apache2-mod_nss-debugsource"], "id": "SUSE_SU-2016-2285-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2285-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93457);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-4566\", \"CVE-2014-3566\", \"CVE-2015-5244\", \"CVE-2016-3099\");\n script_bugtraq_id(64114, 70574);\n\n script_name(english:\"SUSE SLES12 Security Update : apache2-mod_nss (SUSE-SU-2016:2285-1) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides apache2-mod_nss 1.0.14, which brings several\nfixes and enhancements :\n\n - Fix OpenSSL ciphers stopped parsing at +.\n (CVE-2016-3099)\n\n - Created valgrind suppression files to ease debugging.\n\n - Implement SSL_PPTYPE_FILTER to call executables to get\n the key password pins.\n\n - Improvements to migrate.pl.\n\n - Update default ciphers to something more modern and\n secure.\n\n - Check for host and netstat commands in gencert before\n trying to use them.\n\n - Add server support for DHE ciphers.\n\n - Extract SAN from server/client certificates into env\n\n - Fix memory leaks and other coding issues caught by clang\n analyzer.\n\n - Add support for Server Name Indication (SNI).\n\n - Add support for SNI for reverse proxy connections.\n\n - Add RenegBufferSize? option.\n\n - Add support for TLS Session Tickets (RFC 5077).\n\n - Fix logical AND support in OpenSSL cipher compatibility.\n\n - Correctly handle disabled ciphers. (CVE-2015-5244)\n\n - Implement a slew more OpenSSL cipher macros.\n\n - Fix a number of illegal memory accesses and memory\n leaks.\n\n - Support for SHA384 ciphers if they are available in NSS.\n\n - Add compatibility for mod_ssl-style cipher definitions.\n\n - Add TLSv1.2-specific ciphers.\n\n - Completely remove support for SSLv2.\n\n - Add support for sqlite NSS databases.\n\n - Compare subject CN and VS hostname during server start\n up.\n\n - Add support for enabling TLS v1.2.\n\n - Don't enable SSL 3 by default. (CVE-2014-3566)\n\n - Fix CVE-2013-4566.\n\n - Move nss_pcache to /usr/libexec.\n\n - Support httpd 2.4+.\n\n - Use apache2-systemd-ask-pass to prompt for a certificate\n passphrase. (bsc#972968, bsc#975394)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=972968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=975394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5244/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3099/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162285-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?22c87ff4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1335=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-mod_nss-1.0.14-18.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-mod_nss-debuginfo-1.0.14-18.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-mod_nss-debugsource-1.0.14-18.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_nss\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T14:24:44", "description": "This update provides apache2-mod_nss 1.0.14, which brings several\nfixes and enhancements :\n\n - Fix OpenSSL ciphers stopped parsing at +.\n (CVE-2016-3099)\n\n - Created valgrind suppression files to ease debugging.\n\n - Implement SSL_PPTYPE_FILTER to call executables to get\n the key password pins.\n\n - Improvements to migrate.pl.\n\n - Update default ciphers to something more modern and\n secure.\n\n - Check for host and netstat commands in gencert before\n trying to use them.\n\n - Add server support for DHE ciphers.\n\n - Extract SAN from server/client certificates into env\n\n - Fix memory leaks and other coding issues caught by clang\n analyzer.\n\n - Add support for Server Name Indication (SNI).\n\n - Add support for SNI for reverse proxy connections.\n\n - Add RenegBufferSize? option.\n\n - Add support for TLS Session Tickets (RFC 5077).\n\n - Fix logical AND support in OpenSSL cipher compatibility.\n\n - Correctly handle disabled ciphers. (CVE-2015-5244)\n\n - Implement a slew more OpenSSL cipher macros.\n\n - Fix a number of illegal memory accesses and memory\n leaks.\n\n - Support for SHA384 ciphers if they are available in NSS.\n\n - Add compatibility for mod_ssl-style cipher definitions.\n\n - Add TLSv1.2-specific ciphers.\n\n - Completely remove support for SSLv2.\n\n - Add support for sqlite NSS databases.\n\n - Compare subject CN and VS hostname during server start\n up.\n\n - Add support for enabling TLS v1.2.\n\n - Don't enable SSL 3 by default. (CVE-2014-3566)\n\n - Fix CVE-2013-4566.\n\n - Move nss_pcache to /usr/libexec.\n\n - Support httpd 2.4+.\n\n - SHA256 cipher names change spelling from *_sha256 to\n *_sha_256.\n\n - Use apache2-systemd-ask-pass to prompt for a certificate\n passphrase. (bsc#972968, bsc#975394)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 35, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-28T00:00:00", "title": "SUSE SLES12 Security Update : apache2-mod_nss (SUSE-SU-2016:2396-1) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566", "CVE-2013-4566", "CVE-2015-5244", "CVE-2016-3099"], "modified": "2016-09-28T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_nss-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:apache2-mod_nss", "p-cpe:/a:novell:suse_linux:apache2-mod_nss-debugsource"], "id": "SUSE_SU-2016-2396-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93767", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2396-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93767);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-4566\", \"CVE-2014-3566\", \"CVE-2015-5244\", \"CVE-2016-3099\");\n script_bugtraq_id(64114, 70574);\n\n script_name(english:\"SUSE SLES12 Security Update : apache2-mod_nss (SUSE-SU-2016:2396-1) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides apache2-mod_nss 1.0.14, which brings several\nfixes and enhancements :\n\n - Fix OpenSSL ciphers stopped parsing at +.\n (CVE-2016-3099)\n\n - Created valgrind suppression files to ease debugging.\n\n - Implement SSL_PPTYPE_FILTER to call executables to get\n the key password pins.\n\n - Improvements to migrate.pl.\n\n - Update default ciphers to something more modern and\n secure.\n\n - Check for host and netstat commands in gencert before\n trying to use them.\n\n - Add server support for DHE ciphers.\n\n - Extract SAN from server/client certificates into env\n\n - Fix memory leaks and other coding issues caught by clang\n analyzer.\n\n - Add support for Server Name Indication (SNI).\n\n - Add support for SNI for reverse proxy connections.\n\n - Add RenegBufferSize? option.\n\n - Add support for TLS Session Tickets (RFC 5077).\n\n - Fix logical AND support in OpenSSL cipher compatibility.\n\n - Correctly handle disabled ciphers. (CVE-2015-5244)\n\n - Implement a slew more OpenSSL cipher macros.\n\n - Fix a number of illegal memory accesses and memory\n leaks.\n\n - Support for SHA384 ciphers if they are available in NSS.\n\n - Add compatibility for mod_ssl-style cipher definitions.\n\n - Add TLSv1.2-specific ciphers.\n\n - Completely remove support for SSLv2.\n\n - Add support for sqlite NSS databases.\n\n - Compare subject CN and VS hostname during server start\n up.\n\n - Add support for enabling TLS v1.2.\n\n - Don't enable SSL 3 by default. (CVE-2014-3566)\n\n - Fix CVE-2013-4566.\n\n - Move nss_pcache to /usr/libexec.\n\n - Support httpd 2.4+.\n\n - SHA256 cipher names change spelling from *_sha256 to\n *_sha_256.\n\n - Use apache2-systemd-ask-pass to prompt for a certificate\n passphrase. (bsc#972968, bsc#975394)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=972968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=975394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5244/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3099/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162396-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ba2c8c5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2016-1391=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2016-1391=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_nss-1.0.14-10.14.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_nss-debuginfo-1.0.14-10.14.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_nss-debugsource-1.0.14-10.14.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_nss\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
