Debian DLA-1518-1 : polarssl security update

2018-09-27T00:00:00

Description

Two vulnerabilities were discovered in polarssl, a lightweight crypto and SSL/TLS library (nowadays continued under the name mbedtls) which could result in plain text recovery via side-channel attacks. Two other minor vulnerabilities were discovered in polarssl which could result in arithmetic overflow errors. CVE-2018-0497 As a protection against the Lucky Thirteen attack, the TLS code for CBC decryption in encrypt-then-MAC mode performs extra MAC calculations to compensate for variations in message size due to padding. The amount of extra MAC calculation to perform was based on the assumption that the bulk of the time is spent in processing 64-byte blocks, which is correct for most supported hashes but not for SHA-384. Correct the amount of extra work for SHA-384 (and SHA-512 which is currently not used in TLS, and MD2 although no one should care about that). This is a regression fix for what CVE-2013-0169 had been fixed this. CVE-2018-0498 The basis for the Lucky 13 family of attacks is for an attacker to be able to distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding. Since our code sets padlen = 0 for invalid padding, the length of the input to the HMAC function gives information about that. Information about this length (modulo the MD/SHA block size) can be deduced from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used. If MD/SHA padding is read from a (static) buffer, a local attacker could get information about how much is used via a cache attack targeting that buffer. Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA one, which is always read fully by the process() function. CVE-2018-9988 Prevent arithmetic overflow on bounds check and add bound check before signature length read in ssl_parse_server_key_exchange(). CVE-2018-9989 Prevent arithmetic overflow on bounds check and add bound check before length read in ssl_parse_server_psk_hint() For Debian 8 'Jessie', these problems have been fixed in version 1.3.9-2.1+deb8u4. We recommend that you upgrade your polarssl packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "DEBIAN_DLA-1518.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DLA-1518-1 : polarssl security update", "description": "Two vulnerabilities were discovered in polarssl, a lightweight crypto and SSL/TLS library (nowadays continued under the name mbedtls) which could result in plain text recovery via side-channel attacks.\n\nTwo other minor vulnerabilities were discovered in polarssl which could result in arithmetic overflow errors.\n\nCVE-2018-0497\n\nAs a protection against the Lucky Thirteen attack, the TLS code for CBC decryption in encrypt-then-MAC mode performs extra MAC calculations to compensate for variations in message size due to padding. The amount of extra MAC calculation to perform was based on the assumption that the bulk of the time is spent in processing 64-byte blocks, which is correct for most supported hashes but not for SHA-384. Correct the amount of extra work for SHA-384 (and SHA-512 which is currently not used in TLS, and MD2 although no one should care about that).\n\nThis is a regression fix for what CVE-2013-0169 had been fixed this.\n\nCVE-2018-0498\n\nThe basis for the Lucky 13 family of attacks is for an attacker to be able to distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding. Since our code sets padlen = 0 for invalid padding, the length of the input to the HMAC function gives information about that.\n\nInformation about this length (modulo the MD/SHA block size) can be deduced from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used. If MD/SHA padding is read from a (static) buffer, a local attacker could get information about how much is used via a cache attack targeting that buffer.\n\nLet's get rid of this buffer. Now the only buffer used is the internal MD/SHA one, which is always read fully by the process() function.\n\nCVE-2018-9988\n\nPrevent arithmetic overflow on bounds check and add bound check before signature length read in ssl_parse_server_key_exchange().\n\nCVE-2018-9989\n\nPrevent arithmetic overflow on bounds check and add bound check before length read in ssl_parse_server_psk_hint()\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.3.9-2.1+deb8u4.\n\nWe recommend that you upgrade your polarssl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2018-09-27T00:00:00", "modified": "2022-12-05T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/117711", "reporter": "This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9989", "https://packages.debian.org/source/jessie/polarssl", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9988", "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0497", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0498"], "cvelist": ["CVE-2013-0169", "CVE-2018-0497", "CVE-2018-0498", "CVE-2018-9988", "CVE-2018-9989"], "immutableFields": [], "lastseen": "2023-05-20T14:40:51", "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY2.ASC", "OPENSSL_ADVISORY5.ASC"]}, {"type": "altlinux", "idList": ["39DBB4D94511FCA7FDA51A77CFC51473", "7D3BBDC21038EFD8B1902BE7C13DF0E4", "86333ABC5C9649A16C2D01CDB74BE5C4", "F69337A7FACE56FE25E8F0492906D4BA", "FB75E7F7060485250B21CEA7891ABBD6"]}, {"type": "amazon", "idList": ["ALAS-2013-162", "ALAS-2013-163", "ALAS-2013-171", "ALAS-2014-320"]}, {"type": "archlinux", "idList": ["ASA-201605-3", "ASA-201605-4"]}, {"type": "centos", "idList": ["CESA-2013:0273", "CESA-2013:0274", "CESA-2013:0275", "CESA-2013:0587"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "cnvd", "idList": ["CNVD-2021-59609"]}, {"type": "cve", "idList": ["CVE-2013-0169", "CVE-2013-1618", "CVE-2013-1619", "CVE-2013-1620", "CVE-2013-1621", "CVE-2013-1623", "CVE-2013-1624", "CVE-2013-2116", "CVE-2016-2107", "CVE-2018-0497", "CVE-2018-0498", "CVE-2018-9988", "CVE-2018-9989"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1518-1:A6705", "DEBIAN:DLA-1518-1:EF500", "DEBIAN:DLA-2826-1:14CB9", "DEBIAN:DSA-2621-1:52BC0", "DEBIAN:DSA-2622-1:EE504", "DEBIAN:DSA-4296-1:E5BF9"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-0169", "DEBIANCVE:CVE-2013-1619", "DEBIANCVE:CVE-2013-1620", "DEBIANCVE:CVE-2013-1624", "DEBIANCVE:CVE-2016-2107", "DEBIANCVE:CVE-2018-0497", "DEBIANCVE:CVE-2018-0498", "DEBIANCVE:CVE-2018-9988", "DEBIANCVE:CVE-2018-9989"]}, {"type": "f5", "idList": ["F5:K14190", "F5:K15622", "F5:K15630", "F5:K15637", "F5:K93600123", "SOL14190", "SOL15630", "SOL15637", "SOL15721", "SOL93600123"]}, {"type": "fedora", "idList": ["FEDORA:08FDA6048FC4", "FEDORA:10FC06048FEE", "FEDORA:11FDB603B260", "FEDORA:2554F6051CC0", "FEDORA:2DB19603E84B", "FEDORA:30021603E85E", "FEDORA:3F0A060CEC5C", "FEDORA:4C97C603E84D", "FEDORA:5F614206D5", "FEDORA:67F53603E84F", "FEDORA:811AA20A83", "FEDORA:8C663603E856", "FEDORA:B55866093D5D", "FEDORA:BA848210A3", "FEDORA:C01F021E98", "FEDORA:C041720764", "FEDORA:C308C6048D23", "FEDORA:C6E3221DBD"]}, {"type": "freebsd", "idList": ["00B0D8CD-7097-11E2-98D9-003067C2616F", "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "F4876DD4-9CA8-11E8-AA17-0011D823EEBD"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-13:03.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201310-10", "GLSA-201312-03", "GLSA-201401-30", "GLSA-201406-32"]}, {"type": "github", "idList": ["GHSA-8353-FGCR-XFHX"]}, {"type": "hackerone", "idList": ["H1:255041"]}, {"type": "ibm", "idList": ["094C676690DD74F0A877C604DAE40B5DBAAF1713090F5D65D95FB5F47C419C9C", "0A2F4509B2B4AFE8F720A6AF92997F57DF2C869B533D164E26BFB106E3AA5DC4", "0CA57BDC2A5B29D7A05B000C9F4660CECD108471C93FE144B5B5B7B541E5DB80", "1490E64B6C89A28FE7D82BD31871B5BCF0AA0EDCD3A3B483DF42E4A809F821F4", "1643D6D42AA03B195E5B38E5C611550B5917ADFCFB91A4CEE3FA17D822F63866", "17F2DE1F272EBF8E1F0E16B3A3D0C121D7F53002360A33B2E318E8910C665E9D", "1C551C877DFFA66B0623C95693FBE991A11A9D99C3C26E971DC816B27098E8DD", "1DC0A9C6D3EFE4EEA571DAAA9286B8F974D5ECF8F3BAAA188781D697B6DC2546", "1DD17DFA982ED4D61FB750115CB0EF37D8B00E016AE5F0F656377426A5C4EE18", "1F28273F958E55F6FE1789A83C92EDED4F2AAA3B9D872DA2CEAA127470C88CCE", "236329FBB4C57928A51AF5989855EBBE8AEFC2496ED2345E1CE8C703B7EA9BD5", "2888C8C51406BDD1DDB129FA2FD21486139C2B46881E4BF8D52B96F286B243B4", "31C0AFB718E47F2565BB2125DFEA05544B924823108F7C7BE892843715FA5571", "322619DE13AD7AE40C87D0499D49F5FD2A44C7972AD6C9A81CD50939DF001639", "3258D879016CCEB97F8F543943D502B2C423771C5D452641CB88919F035248B5", "3B57923CAB505EF521BBA172A4E2D8A03F9751E11D84F9D7571E2F66E3F439C9", "3D0BC65439AE2C6207784D85D50B1217AFC4355059DD4B08B7D876C83FA00ACE", "3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576", "42CDE43C2F08FD3C2E311B9F3BB48950BDFCDDA3BF0F895A9FF7750A3690B573", "43B76C333A7576029A83B6169787B1ACB6CA6F7F5FB81FE4498044B211FB42E4", "474383EC7932F456FF11851996BAA76765D90113FA098C62CA6E0DE8A1088855", "476070037D8C6B95A023CADE7B7B8E36D86FE85A0AE9BDFC8D5FB131FC5DB6F9", "48C1F15C09B1F7BDA80A9EFEADECD71756B3E935BF8D2C49D4EBF682961DBB6E", "4B79D8EB462A55A962C272FC6E71910088E63C9F67E0839F26A4A73F042A12DF", "4E588C74A55CD9FFE957FBF604B06826EB4B08A52741A2D771A96FB3782D2303", "511A2CEA23CFB8B15C62F78EE3A158E3C8F986D7D0E152D292B641365BBD08F1", "51A25EC520455269A79F9DDA6AEB73FB003F12BAA0B35BFB5A6A50A403534F59", "540B5BFC7425C0A1AEC2AE0E39CAFAA87610B3C5A51646F532BF2994455918B4", "5791D1CE1402BA2CCCB885DE108E94B6A0D7E17C594791D10D2118C7AD239041", "5DDB5CECEC283344BB3F493BC01FBE017DB8DDFB43CB94DFA49BBFFB5437AC29", "618A72A7D08892ADCD819AD422F802E0F22DD66F0926AF2D81288E8865A68EFC", "61C29B2018A4B8DC7247FEB87D67D749F5AB58D20D16FB7F0426B1B9762B49FF", "630F07BCFBA91233BBB559ED997B4656AF3D22DB4D916E90B078150D1E4475A5", "635552E99951D8D5AEBD584BBE0C8D1EBBAE770AEE83BA96CDC88B692C2A1891", "65F855CBB6E474F39746F43DB188D7D6BFF25111F9027E1DC2947DAACA0066DC", "66CBA83FF8DB4B1480B110763AD607AB3CE8490A3D98399E9C813B066837800F", "69F32F166EB30A983D321FEF01D6359F9C720CB30502BC0DC1A0C7C9E4BECE5F", "7395B8BB0E921EA44FC2DA34DC1642BF4297981E52ABAF79CE1C5A075991C089", "7657AB8E9AC9E04C2A3E8106D178B61FA9C47F6720A6C18CE94D1DFB2ABE8793", "76B052C00B7D3B7660A204A6BD72087C4E84FB5E8C7CEA95BE48BBACC2FC5AD0", "7BA745D5E73DB0357EF4DBFC0D8A2DB4DA2A4CEC7B1D7138B96712A2B403839C", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "80952E481DBBFE075E1E11F8AE4B7BDB89FD8CB66DFBE913C231D73EF1E5C852", "88C6B153E8539F010657B5F23ADB7EC58D8F5DE163EBE45D240E77FC480565B5", "893B4BFAF96F5CCE46A3F4BB145D13A37B810A30BC0EF9EEB46E92F43F2965B9", "89826858CF10F9B56C50470B3C39DB96D911844221CFE9ED3E49161D3BCF5F04", "8FB0EF2BC912FEF8086EDA6A85F6EADBA8F6FD58431B3D97965CB05312955112", "915F25F9D4BBEE1CAACAA6F5FD6ACC3E18033BE658B9A06B8B13ACD613C9B6FD", "9767587F564D9C9625F74EB5AC595ABB7605EE6BA3253E7CAEBC767879A17130", "9C1F47AF22D3FE94B849B30F92E5DF03ECA2B7ADBF7975CC80E0E36479905E36", "9EB202E5169E83CA3DE86AF32B2513BB89B1A82D62E1E66F378A15560B279609", "9F83ED7D961B69342BBB0C4157AF6D1AD1EF3528F0C8EC1218A10D5B884F6B87", "A5137BA80934878703E513A2E2362BDF3EE170D02FF731389CA4911F76DACF16", "A866252B75E912D0B0730469904A7C2D30F443084DF2C8AC2265ED850925178B", "ABEB10FAE05FC24F89DEF01481AC39609E9B6830F4501FB4E71427C5078B01EE", "ACD785EFFF948519FD0D49C90B1E5FD1AC79B738AC42DC13E0C51385CE4CE9AB", "AD3DEE6A50AC4F6651955CE510E56DC0170683854BF573E9389CCA2769B638B1", "ADCCD07ABE84A7FC8550F577A3823CD6D29F46A50A4065FB573165CDF08E84E1", "B2A692687E0D397416E3549B4377E5B3319BF086A451607250B307F6DEECCF53", "B8CDE2E20BC16C41FC85BA2A86684E11CDAD295FBFA9F508C045F715A67AC321", "BC14F6832E7A855373319126E5CF0A69CAAC1369B245AE25C03158E47AD57D0A", "BE9A67BD9BDD24F3FA830A98F5DC10D0C03A55261ED483855170AC3FF8B34B20", "C43295EDCDB671C41F9E96483F5E89378A947A89F40869B467F309DBF973E6B7", "C44E07EA5086C9BEBD0E896839F7E52E6DE1B379F604FBD6F4A29FB1A0D32827", "C4FDDC1384D8FD0DDE8B004DBBC87A757834460AE92B55B9C87335F27F45968F", "C53887B5065E8CBF2E75B8207E4CC5546F907715375F0C60DDEEACFD8829F5D5", "C886374FAD3679EE6A5BD963F389F833A405B75137FC01C5D8C98D9F3D152423", "CFB76C7955286783207A10F8AD81EE581F67A422A7BCC33041BABFA8A0EAE5C1", "D09ABF92F9241537F2411A406C8EBC7E6385C510450FCBD8E4BEA2A58ED1A1F8", "E05BB8F45DC047A2895F7AC85F4B8A9F55D22D985F0D4F65E95F3141873851DC", "E59ACF3695AD2CD789F134AAEEB562DA1F3666F9F39B6C6075E68D3EB0B3D646", "E807324C5E086363AD4484F48FAC20F17946148F82B1FD2BEB5F79FF92D4D4EB", "EE216EF5D81838DBD9885BCCAD28FE9FA806673A7B6C6F9FD4DC5F95C8DC1B7C", "F0DE6E4E0B989C212565A180164B3116C1C0A2058857C3A677B778E4539132ED", "F5B4855A2BDF3424779D9A7DEEC69330CBD0503AFAA4BF2D919922C8B5B9AAE7", "F6BF964257D9117951117EACB7D0B6AB86CADA510E6E8CC1798F11D49A2CE23B", "F9CC95E70A9161C3B608A1B574CD3163423445BE11BF9B52BFC0E69641BB32D2", "FB5FC638F0F9678EB3E47AF62A74BAF20709E94BB9ADB83967699806B344DB3C", "FD7351ECB85A42C62F9023BAC5EEEAF6CF37D6FC6389D561479E0D751AD3BA8F", "FE752375F93FC92B2A9739798BAB02AD01A97863DA8F24EEBD0ACD3ABB213574", "FFCC3373408F02CC542763623853BD92D404CF7A56813566A2A692A6EC5C572D"]}, {"type": "ics", "idList": ["ICSA-19-192-04", "ICSA-22-097-01", "ICSA-22-349-21"]}, {"type": "mageia", "idList": ["MGASA-2013-0290", "MGASA-2018-0253", "MGASA-2018-0432"]}, {"type": "nessus", "idList": ["6868.PRM", "8008.PRM", "801052.PRM", "AIX_OPENSSL_ADVISORY5.NASL", "ALA_ALAS-2013-162.NASL", "ALA_ALAS-2013-163.NASL", "ALA_ALAS-2013-171.NASL", "CENTOS_RHSA-2013-0273.NASL", "CENTOS_RHSA-2013-0274.NASL", "CENTOS_RHSA-2013-0275.NASL", "CENTOS_RHSA-2013-0587.NASL", "DB2_101FP3A.NASL", "DB2_97FP9.NASL", "DEBIAN_DLA-2826.NASL", "DEBIAN_DSA-2621.NASL", "DEBIAN_DSA-2622.NASL", "DEBIAN_DSA-4296.NASL", "EULEROS_SA-2019-1547.NASL", "F5_BIGIP_SOL14190.NASL", "F5_BIGIP_SOL15630.NASL", "F5_BIGIP_SOL15637.NASL", "F5_BIGIP_SOL93600123.NASL", "FEDORA_2013-2793.NASL", "FEDORA_2013-2834.NASL", "FEDORA_2013-4403.NASL", "FEDORA_2018-5D6E80AB82.NASL", "FEDORA_2018-C6B5117772.NASL", "FREEBSD_PKG_00B0D8CD709711E298D9003067C2616F.NASL", "FREEBSD_PKG_69BFC8529BD011E2A7BE8C705AF55518.NASL", "FREEBSD_PKG_F4876DD49CA811E8AA170011D823EEBD.NASL", "GENTOO_GLSA-201310-10.NASL", "GENTOO_GLSA-201312-03.NASL", "GENTOO_GLSA-201401-30.NASL", "GENTOO_GLSA-201406-32.NASL", "IBM_GSKIT_SWG21638270.NASL", "IBM_HTTP_SERVER_491407.NASL", "IBM_TEM_8_2_1372.NASL", "IBM_TSM_SERVER_5_5_X.NASL", "IBM_TSM_SERVER_6_1_X.NASL", "IBM_TSM_SERVER_6_2_6_0.NASL", "IBM_TSM_SERVER_6_3_4_200.NASL", "IPSWITCH_IMAIL_12_3.NASL", "JUNIPER_JSA10575.NASL", "JUNIPER_NSM_JSA10642.NASL", "JUNIPER_SPACE_JSA10659.NASL", "JUNOS_PULSE_JSA10591.NASL", "MACOSX_10_8_5.NASL", "MACOSX_SECUPD2013-004.NASL", "MANDRIVA_MDVSA-2013-014.NASL", "MANDRIVA_MDVSA-2013-050.NASL", "MANDRIVA_MDVSA-2013-052.NASL", "MANDRIVA_MDVSA-2013-095.NASL", "NEWSTART_CGSL_NS-SA-2019-0020_OPENSSL098E.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_NSS.NASL", "OPENSSL_0_9_8Y.NASL", "OPENSSL_1_0_0K.NASL", "OPENSSL_1_0_1D.NASL", "OPENSSL_1_0_1E.NASL", "OPENSUSE-2013-153.NASL", "OPENSUSE-2013-154.NASL", "OPENSUSE-2013-164.NASL", "OPENSUSE-2016-294.NASL", "OPENSUSE-2018-382.NASL", "ORACLELINUX_ELSA-2013-0273.NASL", "ORACLELINUX_ELSA-2013-0274.NASL", "ORACLELINUX_ELSA-2013-0275.NASL", "ORACLELINUX_ELSA-2013-0587.NASL", "ORACLEVM_OVMSA-2014-0007.NASL", "ORACLEVM_OVMSA-2014-0008.NASL", "ORACLE_JAVA_CPU_FEB_2013_1.NASL", "ORACLE_JAVA_CPU_FEB_2013_1_UNIX.NASL", "ORACLE_RDBMS_CPU_OCT_2013.NASL", "REDHAT-RHSA-2013-0273.NASL", "REDHAT-RHSA-2013-0274.NASL", "REDHAT-RHSA-2013-0275.NASL", "REDHAT-RHSA-2013-0531.NASL", "REDHAT-RHSA-2013-0532.NASL", "REDHAT-RHSA-2013-0587.NASL", "REDHAT-RHSA-2013-0636.NASL", "REDHAT-RHSA-2013-0822.NASL", "REDHAT-RHSA-2013-0823.NASL", "REDHAT-RHSA-2013-0833.NASL", "REDHAT-RHSA-2013-0855.NASL", "REDHAT-RHSA-2013-1455.NASL", "REDHAT-RHSA-2013-1456.NASL", "REDHAT-RHSA-2014-0416.NASL", "SLACKWARE_SSA_2013-040-01.NASL", "SL_20130304_OPENSSL_ON_SL5_X.NASL", "SOLARIS11_GNUTLS_20130924.NASL", "SOLARIS11_NSS_20140809.NASL", "SOLARIS11_OPENSSL_20130716.NASL", "SPLUNK_503.NASL", "STUNNEL_4_55.NASL", "SUSE_11_COMPAT-OPENSSL097G-141202.NASL", "SUSE_11_JAVA-1_6_0-IBM-130416.NASL", "SUSE_11_JAVA-1_6_0-OPENJDK-130221.NASL", "SUSE_11_JAVA-1_7_0-IBM-130415.NASL", "SUSE_11_LIBOPENSSL-DEVEL-130325.NASL", "SUSE_JAVA-1_6_0-IBM-8544.NASL", "SUSE_OPENSSL-8517.NASL", "TIVOLI_DIRECTORY_SVR_SWG21638270.NASL", "UBUNTU_USN-1732-1.NASL", "UBUNTU_USN-1732-2.NASL", "UBUNTU_USN-1732-3.NASL", "UBUNTU_USN-1735-1.NASL", "UBUNTU_USN-4267-1.NASL", "VMWARE_ESXI_5_0_BUILD_1311177_REMOTE.NASL", "VMWARE_ESXI_5_1_BUILD_1483097_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0009_REMOTE.NASL", "VMWARE_VMSA-2013-0009.NASL", "WEBSPHERE_6_1_0_47.NASL", "WEBSPHERE_7_0_0_29.NASL", "WEBSPHERE_8_0_0_6.NASL", "WEBSPHERE_8_0_0_7.NASL", "WEBSPHERE_8_5_0_2.NASL", "WEBSPHERE_8_5_5.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2013-0169", "OPENSSL:CVE-2016-2107"]}, {"type": "openvas", "idList": ["OPENVAS:103749", "OPENVAS:103872", "OPENVAS:1361412562310103749", "OPENVAS:1361412562310103872", "OPENVAS:1361412562310105413", "OPENVAS:1361412562310120209", "OPENVAS:1361412562310120390", "OPENVAS:1361412562310120391", "OPENVAS:1361412562310120555", "OPENVAS:1361412562310121048", "OPENVAS:1361412562310121084", "OPENVAS:1361412562310121127", "OPENVAS:1361412562310121235", "OPENVAS:1361412562310123684", "OPENVAS:1361412562310123719", "OPENVAS:1361412562310123720", "OPENVAS:1361412562310123721", "OPENVAS:1361412562310704296", "OPENVAS:1361412562310841323", "OPENVAS:1361412562310841327", "OPENVAS:1361412562310841348", "OPENVAS:1361412562310841378", "OPENVAS:1361412562310844330", "OPENVAS:1361412562310850410", "OPENVAS:1361412562310850412", "OPENVAS:1361412562310851223", "OPENVAS:1361412562310865421", "OPENVAS:1361412562310865434", "OPENVAS:1361412562310865516", "OPENVAS:1361412562310866899", "OPENVAS:1361412562310866977", "OPENVAS:1361412562310870916", "OPENVAS:1361412562310870924", "OPENVAS:1361412562310870926", "OPENVAS:1361412562310870944", "OPENVAS:1361412562310875177", "OPENVAS:1361412562310875179", "OPENVAS:1361412562310875182", "OPENVAS:1361412562310875183", "OPENVAS:1361412562310875362", "OPENVAS:1361412562310877578", "OPENVAS:1361412562310881602", "OPENVAS:1361412562310881606", "OPENVAS:1361412562310881610", "OPENVAS:1361412562310881611", "OPENVAS:1361412562310881620", "OPENVAS:1361412562310881669", "OPENVAS:1361412562310891518", "OPENVAS:1361412562310892621", "OPENVAS:1361412562310892622", "OPENVAS:1361412562311220191547", "OPENVAS:841323", "OPENVAS:841327", "OPENVAS:841348", "OPENVAS:841378", "OPENVAS:850410", "OPENVAS:850412", "OPENVAS:865421", "OPENVAS:865434", "OPENVAS:865516", "OPENVAS:866899", "OPENVAS:866977", "OPENVAS:870916", "OPENVAS:870924", "OPENVAS:870926", "OPENVAS:870944", "OPENVAS:881602", "OPENVAS:881606", "OPENVAS:881610", "OPENVAS:881611", "OPENVAS:881620", "OPENVAS:881669", "OPENVAS:892621", "OPENVAS:892622"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2013-1899837"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0273", "ELSA-2013-0274", "ELSA-2013-0275", "ELSA-2013-0587", "ELSA-2015-3022", "ELSA-2016-3621", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:CVE-2016-2107", "OSV:DLA-1518-1", "OSV:DLA-2826-1", "OSV:DSA-2621-1", "OSV:DSA-2622-1", "OSV:DSA-4296-1", "OSV:GHSA-8353-FGCR-XFHX"]}, {"type": "redhat", "idList": ["RHSA-2013:0273", "RHSA-2013:0274", "RHSA-2013:0275", "RHSA-2013:0531", "RHSA-2013:0532", "RHSA-2013:0587", "RHSA-2013:0636", "RHSA-2013:0783", "RHSA-2013:0822", "RHSA-2013:0823", "RHSA-2013:0833", "RHSA-2013:0855", "RHSA-2013:1455", "RHSA-2013:1456", "RHSA-2014:0416", "RHSA-2020:4298"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29043", "SECURITYVULNS:DOC:29601", "SECURITYVULNS:DOC:29602", "SECURITYVULNS:DOC:29603", "SECURITYVULNS:DOC:29893", "SECURITYVULNS:DOC:30449", "SECURITYVULNS:VULN:12873", "SECURITYVULNS:VULN:12887", "SECURITYVULNS:VULN:13186", "SECURITYVULNS:VULN:13663"]}, {"type": "slackware", "idList": ["SSA-2013-040-01", "SSA-2013-042-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:0375-1", "OPENSUSE-SU-2013:0378-1", "OPENSUSE-SU-2016:0640-1", "SUSE-SU-2013:0328-1", "SUSE-SU-2013:0701-1", "SUSE-SU-2013:0701-2", "SUSE-SU-2014:0320-1", "SUSE-SU-2015:0578-1"]}, {"type": "symantec", "idList": ["SMNTC-1363"]}, {"type": "ubuntu", "idList": ["USN-1732-1", "USN-1732-2", "USN-1732-3", "USN-1735-1", "USN-4267-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-2686", "UB:CVE-2013-0169", "UB:CVE-2013-1619", "UB:CVE-2013-1620", "UB:CVE-2013-1621", "UB:CVE-2013-1623", "UB:CVE-2013-1624", "UB:CVE-2013-2116", "UB:CVE-2016-2107", "UB:CVE-2018-0497", "UB:CVE-2018-0498", "UB:CVE-2018-9988", "UB:CVE-2018-9989"]}, {"type": "veracode", "idList": ["VERACODE:10846", "VERACODE:3347", "VERACODE:3568"]}, {"type": "vmware", "idList": ["VMSA-2013-0009", "VMSA-2013-0009.3"]}]}, "score": {"value": -0.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY2.ASC"]}, {"type": "amazon", "idList": ["ALAS-2014-320"]}, {"type": "archlinux", "idList": ["ASA-201605-3"]}, {"type": "centos", "idList": ["CESA-2013:0273", "CESA-2013:0274", "CESA-2013:0275", "CESA-2013:0587"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "cve", "idList": ["CVE-2013-0169"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4296-1:E5BF9"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-0169", "DEBIANCVE:CVE-2018-0497", "DEBIANCVE:CVE-2018-0498", "DEBIANCVE:CVE-2018-9988", "DEBIANCVE:CVE-2018-9989"]}, {"type": "f5", "idList": ["SOL14190", "SOL15630", "SOL15637", "SOL15721"]}, {"type": "fedora", "idList": ["FEDORA:08FDA6048FC4", "FEDORA:10FC06048FEE", "FEDORA:11FDB603B260", "FEDORA:2554F6051CC0", "FEDORA:2DB19603E84B", "FEDORA:30021603E85E", "FEDORA:3F0A060CEC5C", "FEDORA:4C97C603E84D", "FEDORA:67F53603E84F", "FEDORA:8C663603E856", "FEDORA:C308C6048D23"]}, {"type": "freebsd", "idList": ["00B0D8CD-7097-11E2-98D9-003067C2616F", "69BFC852-9BD0-11E2-A7BE-8C705AF55518"]}, {"type": "gentoo", "idList": ["GLSA-201401-30"]}, {"type": "ibm", "idList": ["3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576"]}, {"type": "ics", "idList": ["ICSA-19-192-04"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON-LINUX-AMI-ALAS-2014-320/"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2013-0273.NASL", "DEBIAN_DSA-4296.NASL", "FEDORA_2013-2793.NASL", "OPENSSL_1_0_1D.NASL", "OPENSUSE-2018-382.NASL", "ORACLELINUX_ELSA-2013-0273.NASL", "SLACKWARE_SSA_2013-040-01.NASL", "UBUNTU_USN-4267-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2013-0169", "OPENSSL:CVE-2016-2107"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704296", "OPENVAS:1361412562310844330", "OPENVAS:1361412562310881606", "OPENVAS:881669"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2013-1899837"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0275"]}, {"type": "redhat", "idList": ["RHSA-2013:0783", "RHSA-2013:0823", "RHSA-2014:0416"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29893"]}, {"type": "slackware", "idList": ["SSA-2013-040-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:0378-1"]}, {"type": "symantec", "idList": ["SMNTC-1363"]}, {"type": "ubuntu", "idList": ["USN-4267-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-0497", "UB:CVE-2018-0498", "UB:CVE-2018-9988", "UB:CVE-2018-9989"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2013-0169", "epss": 0.00536, "percentile": 0.73799, "modified": "2023-05-06"}, {"cve": "CVE-2018-0497", "epss": 0.00439, "percentile": 0.71028, "modified": "2023-05-06"}, {"cve": "CVE-2018-0498", "epss": 0.00051, "percentile": 0.1746, "modified": "2023-05-06"}, {"cve": "CVE-2018-9988", "epss": 0.0044, "percentile": 0.71047, "modified": "2023-05-06"}, {"cve": "CVE-2018-9989", "epss": 0.0044, "percentile": 0.71047, "modified": "2023-05-06"}], "vulnersScore": -0.4}, "_state": {"dependencies": 1684596290, "score": 1684598868, "epss": 0}, "_internal": {"score_hash": "9e03bc321a518e83c61b1e803b9e7bfa"}, "pluginID": "117711", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1518-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117711);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2013-0169\",\n \"CVE-2018-0497\",\n \"CVE-2018-0498\",\n \"CVE-2018-9988\",\n \"CVE-2018-9989\"\n );\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Debian DLA-1518-1 : polarssl security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Two vulnerabilities were discovered in polarssl, a lightweight crypto\nand SSL/TLS library (nowadays continued under the name mbedtls) which\ncould result in plain text recovery via side-channel attacks.\n\nTwo other minor vulnerabilities were discovered in polarssl which\ncould result in arithmetic overflow errors.\n\nCVE-2018-0497\n\nAs a protection against the Lucky Thirteen attack, the TLS code for\nCBC decryption in encrypt-then-MAC mode performs extra MAC\ncalculations to compensate for variations in message size due to\npadding. The amount of extra MAC calculation to perform was based on\nthe assumption that the bulk of the time is spent in processing\n64-byte blocks, which is correct for most supported hashes but not for\nSHA-384. Correct the amount of extra work for SHA-384 (and SHA-512\nwhich is currently not used in TLS, and MD2 although no one should\ncare about that).\n\nThis is a regression fix for what CVE-2013-0169 had been\nfixed this.\n\nCVE-2018-0498\n\nThe basis for the Lucky 13 family of attacks is for an attacker to be\nable to distinguish between (long) valid TLS-CBC padding and invalid\nTLS-CBC padding. Since our code sets padlen = 0 for invalid padding,\nthe length of the input to the HMAC function gives information about\nthat.\n\nInformation about this length (modulo the MD/SHA block size)\ncan be deduced from how much MD/SHA padding (this is\ndistinct from TLS-CBC padding) is used. If MD/SHA padding is\nread from a (static) buffer, a local attacker could get\ninformation about how much is used via a cache attack\ntargeting that buffer.\n\nLet's get rid of this buffer. Now the only buffer used is\nthe internal MD/SHA one, which is always read fully by the\nprocess() function.\n\nCVE-2018-9988\n\nPrevent arithmetic overflow on bounds check and add bound check before\nsignature length read in ssl_parse_server_key_exchange().\n\nCVE-2018-9989\n\nPrevent arithmetic overflow on bounds check and add bound check before\nlength read in ssl_parse_server_psk_hint()\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.3.9-2.1+deb8u4.\n\nWe recommend that you upgrade your polarssl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/polarssl\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpolarssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpolarssl-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpolarssl7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libpolarssl-dev\", reference:\"1.3.9-2.1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpolarssl-runtime\", reference:\"1.3.9-2.1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpolarssl7\", reference:\"1.3.9-2.1+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["p-cpe:/a:debian:debian_linux:libpolarssl-dev", "p-cpe:/a:debian:debian_linux:libpolarssl-runtime", "p-cpe:/a:debian:debian_linux:libpolarssl7", "cpe:/o:debian:debian_linux:8.0"], "solution": "Upgrade the affected packages.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vendor_cvss2": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "vendor_cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "vpr": {"risk factor": "Low", "score": "3.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2018-09-25T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}

{"osv": [{"lastseen": "2022-08-05T05:18:18", "description": "\nTwo vulnerabilities were discovered in polarssl, a lightweight crypto and\nSSL/TLS library (nowadays continued under the name mbedtls) which could\nresult in plain text recovery via side-channel attacks.\n\n\nTwo other minor vulnerabilities were discovered in polarssl which could\nresult in arithmetic overflow errors.\n\n\n* [CVE-2018-0497](https://security-tracker.debian.org/tracker/CVE-2018-0497)\nAs a protection against the Lucky Thirteen attack, the TLS code for\n CBC decryption in encrypt-then-MAC mode performs extra MAC\n calculations to compensate for variations in message size due to\n padding. The amount of extra MAC calculation to perform was based on\n the assumption that the bulk of the time is spent in processing\n 64-byte blocks, which is correct for most supported hashes but not for\n SHA-384. Correct the amount of extra work for SHA-384 (and SHA-512\n which is currently not used in TLS, and MD2 although no one should\n care about that).\n\n\nThis is a regression fix for what [CVE-2013-0169](https://security-tracker.debian.org/tracker/CVE-2013-0169) had been fixed this.\n* [CVE-2018-0498](https://security-tracker.debian.org/tracker/CVE-2018-0498)\nThe basis for the Lucky 13 family of attacks is for an attacker to be\n able to distinguish between (long) valid TLS-CBC padding and invalid\n TLS-CBC padding. Since our code sets padlen = 0 for invalid padding,\n the length of the input to the HMAC function gives information about\n that.\n\n\nInformation about this length (modulo the MD/SHA block size) can be\n deduced from how much MD/SHA padding (this is distinct from TLS-CBC\n padding) is used. If MD/SHA padding is read from a (static) buffer, a\n local attacker could get information about how much is used via a\n cache attack targeting that buffer.\n\n\nLet's get rid of this buffer. Now the only buffer used is the\n internal MD/SHA one, which is always read fully by the process()\n function.\n* [CVE-2018-9988](https://security-tracker.debian.org/tracker/CVE-2018-9988)\nPrevent arithmetic overflow on bounds check and add bound check\n before signature length read in ssl\\_parse\\_server\\_key\\_exchange().\n* [CVE-2018-9989](https://security-tracker.debian.org/tracker/CVE-2018-9989)\nPrevent arithmetic overflow on bounds check and add bound check\n before length read in ssl\\_parse\\_server\\_psk\\_hint()\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n1.3.9-2.1+deb8u4.\n\n\nWe recommend that you upgrade your polarssl packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2018-09-25T00:00:00", "type": "osv", "title": "polarssl - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497", "CVE-2018-9989", "CVE-2013-0169", "CVE-2018-0498", "CVE-2018-9988"], "modified": "2022-08-05T05:18:16", "id": "OSV:DLA-1518-1", "href": "https://osv.dev/vulnerability/DLA-1518-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-21T08:23:44", "description": "\nTwo vulnerabilities were discovered in mbedtls, a lightweight crypto and\nSSL/TLS library which could result in plain text recovery via\nside-channel attacks.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.4.2-1+deb9u3.\n\n\nWe recommend that you upgrade your mbedtls packages.\n\n\nFor the detailed security status of mbedtls please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/mbedtls](https://security-tracker.debian.org/tracker/mbedtls)\n\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-09-16T00:00:00", "type": "osv", "title": "mbedtls - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497", "CVE-2018-0498"], "modified": "2022-07-21T05:49:59", "id": "OSV:DSA-4296-1", "href": "https://osv.dev/vulnerability/DSA-4296-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-21T08:14:55", "description": "\nSeveral vulnerabilities were discovered in mbed TLS, a lightweight crypto\nand SSL/TLS library, which could result in denial of service, information\ndisclosure or side-channel attacks.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.4.2-1+deb9u4.\n\n\nWe recommend that you upgrade your mbedtls packages.\n\n\nFor the detailed security status of mbedtls please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/mbedtls>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-11-23T00:00:00", "type": "osv", "title": "mbedtls - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9989", "CVE-2021-24119", "CVE-2020-36476", "CVE-2020-36475", "CVE-2020-36478", "CVE-2018-9988"], "modified": "2022-07-21T05:53:56", "id": "OSV:DLA-2826-1", "href": "https://osv.dev/vulnerability/DLA-2826-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:08:12", "description": "\nMultiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\n\n* [CVE-2013-0166](https://security-tracker.debian.org/tracker/CVE-2013-0166)\nOpenSSL does not properly perform signature verification for OCSP\n responses, which allows remote attackers to cause a denial of\n service via an invalid key.\n* [CVE-2013-0169](https://security-tracker.debian.org/tracker/CVE-2013-0169)\nA timing side channel attack has been found in CBC padding\n allowing an attacker to recover pieces of plaintext via statistical\n analysis of crafted packages, known as the Lucky Thirteen issue.\n\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\n\nWe recommend that you upgrade your openssl packages.\n\n\n", "cvss3": {}, "published": "2013-02-13T00:00:00", "type": "osv", "title": "openssl - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-08-10T07:08:00", "id": "OSV:DSA-2621-1", "href": "https://osv.dev/vulnerability/DSA-2621-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-11T01:45:56", "description": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.", "cvss3": {}, "published": "2022-05-14T02:14:04", "type": "osv", "title": "Improper Input Validation in Bouncy Castle", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1624"], "modified": "2023-04-11T01:45:50", "id": "OSV:GHSA-8353-FGCR-XFHX", "href": "https://osv.dev/vulnerability/GHSA-8353-fgcr-xfhx", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-12-13T13:51:54", "description": "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.", "cvss3": {}, "published": "2016-05-05T01:59:00", "type": "osv", "title": "CVE-2016-2107", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2016-2107"], "modified": "2022-12-13T13:51:49", "id": "OSV:CVE-2016-2107", "href": "https://osv.dev/vulnerability/CVE-2016-2107", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2020-01-29T20:09:27", "description": "Two vulnerabilities were discovered in polarssl, a lightweight crypto and\nSSL/TLS library (nowadays continued under the name mbedtls) which could\nresult in plain text recovery via side-channel attacks.\n\nTwo other minor vulnerabilities were discovered in polarssl which could\nresult in arithmetic overflow errors.\n\nCVE-2018-0497\n\nAs a protection against the Lucky Thirteen attack, the TLS code for\nCBC decryption in encrypt-then-MAC mode performs extra MAC\ncalculations to compensate for variations in message size due to\npadding. The amount of extra MAC calculation to perform was based on\nthe assumption that the bulk of the time is spent in processing\n64-byte blocks, which is correct for most supported hashes but not for\nSHA-384. Correct the amount of extra work for SHA-384 (and SHA-512\nwhich is currently not used in TLS, and MD2 although no one should\ncare about that).\n\nThis is a regression fix for what CVE-2013-0169 had been fixed this.\n\nCVE-2018-0498\n\nThe basis for the Lucky 13 family of attacks is for an attacker to be\nable to distinguish between (long) valid TLS-CBC padding and invalid\nTLS-CBC padding. Since our code sets padlen = 0 for invalid padding,\nthe length of the input to the HMAC function gives information about\nthat.\n\nInformation about this length (modulo the MD/SHA block size) can be\ndeduced from how much MD/SHA padding (this is distinct from TLS-CBC\npadding) is used. If MD/SHA padding is read from a (static) buffer, a\nlocal attacker could get information about how much is used via a\ncache attack targeting that buffer.\n\nLet", "cvss3": {}, "published": "2018-09-26T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for polarssl (DLA-1518-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497", "CVE-2018-9989", "CVE-2013-0169", "CVE-2018-0498", "CVE-2018-9988"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891518", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891518", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891518\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2018-0497\", \"CVE-2018-0498\", \"CVE-2018-9988\", \"CVE-2018-9989\");\n script_name(\"Debian LTS: Security Advisory for polarssl (DLA-1518-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-09-26 00:00:00 +0200 (Wed, 26 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"polarssl on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.3.9-2.1+deb8u4.\n\nWe recommend that you upgrade your polarssl packages.\");\n\n script_tag(name:\"summary\", value:\"Two vulnerabilities were discovered in polarssl, a lightweight crypto and\nSSL/TLS library (nowadays continued under the name mbedtls) which could\nresult in plain text recovery via side-channel attacks.\n\nTwo other minor vulnerabilities were discovered in polarssl which could\nresult in arithmetic overflow errors.\n\nCVE-2018-0497\n\nAs a protection against the Lucky Thirteen attack, the TLS code for\nCBC decryption in encrypt-then-MAC mode performs extra MAC\ncalculations to compensate for variations in message size due to\npadding. The amount of extra MAC calculation to perform was based on\nthe assumption that the bulk of the time is spent in processing\n64-byte blocks, which is correct for most supported hashes but not for\nSHA-384. Correct the amount of extra work for SHA-384 (and SHA-512\nwhich is currently not used in TLS, and MD2 although no one should\ncare about that).\n\nThis is a regression fix for what CVE-2013-0169 had been fixed this.\n\nCVE-2018-0498\n\nThe basis for the Lucky 13 family of attacks is for an attacker to be\nable to distinguish between (long) valid TLS-CBC padding and invalid\nTLS-CBC padding. Since our code sets padlen = 0 for invalid padding,\nthe length of the input to the HMAC function gives information about\nthat.\n\nInformation about this length (modulo the MD/SHA block size) can be\ndeduced from how much MD/SHA padding (this is distinct from TLS-CBC\npadding) is used. If MD/SHA padding is read from a (static) buffer, a\nlocal attacker could get information about how much is used via a\ncache attack targeting that buffer.\n\nLet's get rid of this buffer. Now the only buffer used is the\ninternal MD/SHA one, which is always read fully by the process()\nfunction.\n\nCVE-2018-9988\n\nPrevent arithmetic overflow on bounds check and add bound check\nbefore signature length read in ssl_parse_server_key_exchange().\n\nCVE-2018-9989\n\nPrevent arithmetic overflow on bounds check and add bound check\nbefore length read in ssl_parse_server_psk_hint()\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libpolarssl-dev\", ver:\"1.3.9-2.1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpolarssl-runtime\", ver:\"1.3.9-2.1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpolarssl7\", ver:\"1.3.9-2.1+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:55:27", "description": "Two vulnerabilities were discovered in mbedtls, a lightweight crypto and\nSSL/TLS library which could result in plain text recovery via\nside-channel attacks.", "cvss3": {}, "published": "2018-09-16T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4296-1 (mbedtls - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497", "CVE-2018-0498"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704296", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704296", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4296-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704296\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-0497\", \"CVE-2018-0498\");\n script_name(\"Debian Security Advisory DSA 4296-1 (mbedtls - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-09-16 00:00:00 +0200 (Sun, 16 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4296.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"mbedtls on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.4.2-1+deb9u3.\n\nWe recommend that you upgrade your mbedtls packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/mbedtls\");\n script_tag(name:\"summary\", value:\"Two vulnerabilities were discovered in mbedtls, a lightweight crypto and\nSSL/TLS library which could result in plain text recovery via\nside-channel attacks.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libmbedcrypto0\", ver:\"2.4.2-1+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmbedtls-dev\", ver:\"2.4.2-1+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmbedtls-doc\", ver:\"2.4.2-1+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmbedtls10\", ver:\"2.4.2-1+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmbedx509-0\", ver:\"2.4.2-1+deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-02-06T16:44:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-06T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for mbedtls (USN-4267-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497", "CVE-2018-0487", "CVE-2017-18187", "CVE-2018-0498", "CVE-2018-0488"], "modified": "2020-02-06T00:00:00", "id": "OPENVAS:1361412562310844330", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844330", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844330\");\n script_version(\"2020-02-06T07:28:53+0000\");\n script_cve_id(\"CVE-2017-18187\", \"CVE-2018-0487\", \"CVE-2018-0488\", \"CVE-2018-0497\", \"CVE-2018-0498\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-06 07:28:53 +0000 (Thu, 06 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-06 04:00:18 +0000 (Thu, 06 Feb 2020)\");\n script_name(\"Ubuntu: Security Advisory for mbedtls (USN-4267-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4267-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-February/005317.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mbedtls'\n package(s) announced via the USN-4267-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that mbedtls has a bounds-check bypass through an integer\noverflow that can be used by an attacked to execute arbitrary code or cause a\ndenial of service.\n(CVE-2017-18187)\n\nIt was discovered that mbedtls has a vulnerability where an attacker could\nexecute arbitrary code or cause a denial of service (buffer overflow)\nvia a crafted certificate chain that is mishandled during RSASSA-PSS\nsignature verification within a TLS or DTLS session.\n(CVE-2018-0487)\n\nIt was discovered that mbedtls has a vulnerability where an attacker could\nexecute arbitrary code or cause a denial of service (heap corruption) via a\ncrafted application packet within a TLS or DTLS session.\n(CVE-2018-0488)\n\nIt was discovered that mbedtls has a vulnerability that allows remote\nattackers to achieve partial plaintext recovery (for a CBC based ciphersuite)\nvia a timing-based side-channel attack.\n(CVE-2018-0497)\n\nIt was discovered that mbedtls has a vulnerability that allows local users to\nachieve partial plaintext recovery (for a CBC based ciphersuite) via a\ncache-based side-channel attack.\n(CVE-2018-0498)\");\n\n script_tag(name:\"affected\", value:\"'mbedtls' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmbedcrypto0\", ver:\"2.2.1-2ubuntu0.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmbedtls10\", ver:\"2.2.1-2ubuntu0.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmbedx509-0\", ver:\"2.2.1-2ubuntu0.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-13T00:00:00", "type": "openvas", "title": "Fedora Update for dolphin-emu FEDORA-2018-5d6e80ab82", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875182", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_5d6e80ab82_dolphin-emu_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for dolphin-emu FEDORA-2018-5d6e80ab82\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875182\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-13 07:07:40 +0200 (Sat, 13 Oct 2018)\");\n script_cve_id(\"CVE-2018-0497\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for dolphin-emu FEDORA-2018-5d6e80ab82\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dolphin-emu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"dolphin-emu on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-5d6e80ab82\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMG4NHFLYC6SCJDSSRT7HV7IRI2D4DZU\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"dolphin-emu\", rpm:\"dolphin-emu~5.0~25.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-13T00:00:00", "type": "openvas", "title": "Fedora Update for dislocker FEDORA-2018-5d6e80ab82", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875183", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875183", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_5d6e80ab82_dislocker_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for dislocker FEDORA-2018-5d6e80ab82\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875183\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-13 07:07:43 +0200 (Sat, 13 Oct 2018)\");\n script_cve_id(\"CVE-2018-0497\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for dislocker FEDORA-2018-5d6e80ab82\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dislocker'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"dislocker on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-5d6e80ab82\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NNIXS7UKQLOJUG7FEVPT6VW2CUKQ65S\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"dislocker\", rpm:\"dislocker~0.7.1~10.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-13T00:00:00", "type": "openvas", "title": "Fedora Update for nekovm FEDORA-2018-5d6e80ab82", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875179", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875179", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_5d6e80ab82_nekovm_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for nekovm FEDORA-2018-5d6e80ab82\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875179\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-13 07:07:34 +0200 (Sat, 13 Oct 2018)\");\n script_cve_id(\"CVE-2018-0497\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for nekovm FEDORA-2018-5d6e80ab82\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nekovm'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"nekovm on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-5d6e80ab82\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYA4SSIXNC5CV3ZEAFZ4ERI24JOO3IBN\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"nekovm\", rpm:\"nekovm~2.2.0~8.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-13T00:00:00", "type": "openvas", "title": "Fedora Update for mbedtls FEDORA-2018-5d6e80ab82", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875177", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875177", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_5d6e80ab82_mbedtls_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for mbedtls FEDORA-2018-5d6e80ab82\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875177\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-13 07:07:28 +0200 (Sat, 13 Oct 2018)\");\n script_cve_id(\"CVE-2018-0497\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mbedtls FEDORA-2018-5d6e80ab82\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mbedtls'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"mbedtls on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-5d6e80ab82\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM23BJMRSZYYR22JLDBTPXOMVSJXVHTZ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"mbedtls\", rpm:\"mbedtls~2.13.0~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-18T00:00:00", "type": "openvas", "title": "Fedora Update for mbedtls FEDORA-2018-1f6ca69276", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497", "CVE-2018-19608"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875362", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id$\n#\n# Fedora Update for mbedtls FEDORA-2018-1f6ca69276\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875362\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-19608\", \"CVE-2018-0497\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-18 08:05:56 +0100 (Tue, 18 Dec 2018)\");\n script_name(\"Fedora Update for mbedtls FEDORA-2018-1f6ca69276\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1f6ca69276\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YRNPONBFEIO4HMSVRBOW7CDQLWTSN56\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mbedtls'\n package(s) announced via the FEDORA-2018-1f6ca69276 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"mbedtls on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"mbedtls\", rpm:\"mbedtls~2.14.1~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-17T23:00:34", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-320)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2014-0160"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120209", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120209", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120209\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:20:13 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-320)\");\n script_tag(name:\"insight\", value:\"The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the Lucky Thirteen issue. The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-320.html\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2014-0160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~37.66.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~37.66.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~37.66.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~37.66.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~37.66.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-12-04T11:21:33", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2013-03-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1732-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2012-2686"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841378", "href": "http://plugins.openvas.org/nasl.php?oid=841378", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1732_3.nasl 7958 2017-12-01 06:47:47Z santu $\n#\n# Ubuntu Update for openssl USN-1732-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and\n CVE-2012-2686 was reverted in USN-1732-2 because of a regression. This\n update restores the security fix, and includes an extra fix from upstream\n to address the AES-NI regression. We apologize for the inconvenience.\n\n Original advisory details:\n \n Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly\n handled certain crafted CBC data when used with AES-NI. A remote attacker\n could use this issue to cause OpenSSL to crash, resulting in a denial of\n service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10.\n (CVE-2012-2686)\n Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as\n used\n in OpenSSL was vulnerable to a timing side-channel attack known as the\n "Lucky Thirteen" issue. A remote attacker could use this issue to perform\n plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169)\";\n\n\ntag_affected = \"openssl on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1732-3/\");\n script_id(841378);\n script_version(\"$Revision: 7958 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 09:51:04 +0530 (Thu, 28 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-2686\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1732-3\");\n script_name(\"Ubuntu Update for openssl USN-1732-3\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1-4ubuntu5.8\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1c-3ubuntu2.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:45", "description": "Oracle Linux Local Security Checks ELSA-2013-0273", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0273", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123719", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123719", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0273.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123719\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:37 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0273\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0273 - java-1.6.0-openjdk security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0273\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0273.html\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:23", "description": "Oracle Linux Local Security Checks ELSA-2013-0274", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0274", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123721", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0274.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123721\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:39 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0274\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0274 - java-1.6.0-openjdk security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0274\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0274.html\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.35.1.11.8.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.35.1.11.8.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.35.1.11.8.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.35.1.11.8.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.35.1.11.8.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:52:02", "description": "Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166 \nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen \nissue.", "cvss3": {}, "published": "2013-02-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892621", "href": "http://plugins.openvas.org/nasl.php?oid=892621", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2621.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2621-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"openssl on Debian Linux\";\ntag_insight = \"This package contains the openssl binary and related tools.\";\ntag_solution = \"For the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166 \nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen \nissue.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892621);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_name(\"Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-02-13 00:00:00 +0100 (Wed, 13 Feb 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2621.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:51:58", "description": "Check for the Version of java", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "CentOS Update for java CESA-2013:0274 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:881610", "href": "http://plugins.openvas.org/nasl.php?oid=881610", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2013:0274 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n \n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n \n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n \n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\";\n\n\ntag_affected = \"java on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-February/019255.html\");\n script_id(881610);\n script_version(\"$Revision: 6655 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:48:58 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:07:02 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2013:0274\");\n script_name(\"CentOS Update for java CESA-2013:0274 centos5 \");\n\n script_summary(\"Check for the Version of java\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-26T11:10:02", "description": "Check for the Version of java-1.6.0-openjdk", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "RedHat Update for java-1.6.0-openjdk RHSA-2013:0273-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-01-26T00:00:00", "id": "OPENVAS:870926", "href": "http://plugins.openvas.org/nasl.php?oid=870926", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for java-1.6.0-openjdk RHSA-2013:0273-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n\n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n\n Note: If the web browser plug-in provided by the icedtea-web package was\n installed, CVE-2013-1486 could have been exploited without user interaction\n if a user visited a malicious website.\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\";\n\n\ntag_affected = \"java-1.6.0-openjdk on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00034.html\");\n script_id(870926);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:56 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_bugtraq_id(57778, 58029);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2013:0273-01\");\n script_name(\"RedHat Update for java-1.6.0-openjdk RHSA-2013:0273-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of java-1.6.0-openjdk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-02-05T11:10:29", "description": "Check for the Version of java-1.6.0-openjdk", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "RedHat Update for java-1.6.0-openjdk RHSA-2013:0274-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:870924", "href": "http://plugins.openvas.org/nasl.php?oid=870924", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for java-1.6.0-openjdk RHSA-2013:0274-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n\n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\";\n\n\ntag_affected = \"java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00035.html\");\n script_id(870924);\n script_version(\"$Revision: 8650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:59 +0100 (Sat, 03 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:49 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_bugtraq_id(57778, 58029);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2013:0274-01\");\n script_name(\"RedHat Update for java-1.6.0-openjdk RHSA-2013:0274-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of java-1.6.0-openjdk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1732-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2012-2686"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841378", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841378", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1732_3.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for openssl USN-1732-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1732-3/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841378\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 09:51:04 +0530 (Thu, 28 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-2686\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1732-3\");\n script_name(\"Ubuntu Update for openssl USN-1732-3\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|12\\.10)\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 12.10,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and\n CVE-2012-2686 was reverted in USN-1732-2 because of a regression. This\n update restores the security fix, and includes an extra fix from upstream\n to address the AES-NI regression. We apologize for the inconvenience.\n\n Original advisory details:\n\n Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly\n handled certain crafted CBC data when used with AES-NI. A remote attacker\n could use this issue to cause OpenSSL to crash, resulting in a denial of\n service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10.\n (CVE-2012-2686)\n Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as\n used\n in OpenSSL was vulnerable to a timing side-channel attack known as the\n 'Lucky Thirteen' issue. A remote attacker could use this issue to perform\n plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1-4ubuntu5.8\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1c-3ubuntu2.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-04-05T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2013-4403", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2012-4929"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865516", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2013-4403\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865516\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:08 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2013-4403\");\n script_xref(name:\"FEDORA\", value:\"2013-4403\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"mingw-openssl on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.1e~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "CentOS Update for java CESA-2013:0273 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881606", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2013:0273 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"affected\", value:\"java on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n\n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n\n Note: If the web browser plug-in provided by the icedtea-web package was\n installed, CVE-2013-1486 could have been exploited without user interaction\n if a user visited a malicious website.\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-February/019252.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881606\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:05:26 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2013:0273\");\n script_name(\"CentOS Update for java CESA-2013:0273 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "RedHat Update for java-1.6.0-openjdk RHSA-2013:0273-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870926", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870926", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for java-1.6.0-openjdk RHSA-2013:0273-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00034.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870926\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:56 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_bugtraq_id(57778, 58029);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2013:0273-01\");\n script_name(\"RedHat Update for java-1.6.0-openjdk RHSA-2013:0273-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1.6.0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"java-1.6.0-openjdk on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n\n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n\n Note: If the web browser plug-in provided by the icedtea-web package was\n installed, CVE-2013-1486 could have been exploited without user interaction\n if a user visited a malicious website.\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "CentOS Update for java CESA-2013:0274 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881610", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881610", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2013:0274 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-February/019255.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881610\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:07:02 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2013:0274\");\n script_name(\"CentOS Update for java CESA-2013:0274 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"java on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n\n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:40:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-11T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for java-1_6_0-openjdk (openSUSE-SU-2013:0378-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850412", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850412", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850412\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:30 +0530 (Mon, 11 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:0378-1\");\n script_name(\"openSUSE: Security Advisory for java-1_6_0-openjdk (openSUSE-SU-2013:0378-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1_6_0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.4\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"java-1_6_0-openjdk on openSUSE 11.4\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"insight\", value:\"java-1_6_0-openjdk was updated to IcedTea 1.12.3\n (bnc#804654) containing security and bugfixes:\n\n * Security fixes\n\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages\n Lucky 13 (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by\n DigiCert)\n\n * Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n * Bug fixes\n\n - PR1319: Support GIF lib v5.\");\n\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debuginfo\", rpm:\"java-1_6_0-openjdk-debuginfo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debugsource\", rpm:\"java-1_6_0-openjdk-debugsource~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo-debuginfo\", rpm:\"java-1_6_0-openjdk-demo-debuginfo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel-debuginfo\", rpm:\"java-1_6_0-openjdk-devel-debuginfo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:14", "description": "Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166\nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen\nissue.", "cvss3": {}, "published": "2013-02-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892621", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892621", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2621.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2621-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892621\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_name(\"Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-13 00:00:00 +0100 (Wed, 13 Feb 2013)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2621.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166\nOpenSSL does not properly perform signature verification for OCSP\nresponses, which allows remote attackers to cause a denial of\nservice via an invalid key.\n\nCVE-2013-0169A timing side channel attack has been found in CBC padding\nallowing an attacker to recover pieces of plaintext via statistical\nanalysis of crafted packages, known as the Lucky Thirteen\nissue.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-4squeeze14\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-05T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2013-2834", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2013-2834\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099470.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865421\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-05 09:41:43 +0530 (Tue, 05 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2013-2834\");\n script_name(\"Fedora Update for openssl FEDORA-2013-2834\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~3.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:40:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-11T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for java-1_6_0-openjdk (openSUSE-SU-2013:0375-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850410", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850410", "sourceData": "# Copyright (C) 2013 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.850410\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:44 +0530 (Mon, 11 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:0375-1\");\n script_name(\"openSUSE: Security Advisory for java-1_6_0-openjdk (openSUSE-SU-2013:0375-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1_6_0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.1\");\n\n script_tag(name:\"affected\", value:\"java-1_6_0-openjdk on openSUSE 12.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"insight\", value:\"java-1_6_0-openjdk was updated to IcedTea 1.12.3\n (bnc#804654) containing security and bugfixes:\n\n * Security fixes\n\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages\n Lucky 13 (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by\n DigiCert)\n\n * Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n * Bug fixes\n\n - PR1319: Support GIF lib v5.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debuginfo\", rpm:\"java-1_6_0-openjdk-debuginfo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debugsource\", rpm:\"java-1_6_0-openjdk-debugsource~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo-debuginfo\", rpm:\"java-1_6_0-openjdk-demo-debuginfo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel-debuginfo\", rpm:\"java-1_6_0-openjdk-devel-debuginfo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:28", "description": "VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.", "cvss3": {}, "published": "2014-01-09T00:00:00", "type": "openvas", "title": "VMware Security Updates for vCenter Server (VMSA-2013-0009)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2018-08-24T00:00:00", "id": "OPENVAS:1361412562310103872", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103872", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_vcenter_VMSA-2013-0009.nasl 11108 2018-08-24 14:27:07Z mmartin $\n#\n# VMware Security Updates for vCenter Server (VMSA-2013-0009)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103872\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 11108 $\");\n script_name(\"VMware Security Updates for vCenter Server (VMSA-2013-0009)\");\n\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2013-0009.html\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-24 16:27:07 +0200 (Fri, 24 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-09 12:04:01 +0100 (Thu, 09 Jan 2014)\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_vcenter_detect.nasl\");\n script_mandatory_keys(\"VMware_vCenter/version\", \"VMware_vCenter/build\");\n\n script_tag(name:\"vuldetect\", value:\"Check the build number.\");\n script_tag(name:\"insight\", value:\"The userworld OpenSSL library is updated to version\nopenssl-0.9.8y to resolve multiple security issues.\");\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.\");\n script_tag(name:\"affected\", value:\"VMware vCenter Server before 5.0 update 3\");\n\n exit(0);\n\n}\n\ninclude(\"vmware_esx.inc\");\n\nif ( ! vcenter_version = get_kb_item(\"VMware_vCenter/version\"))exit(0);\nif ( ! vcenter_build = get_kb_item(\"VMware_vCenter/build\"))exit(0);\n\nfixed_builds = make_array(\"5.0.0\",\"1300600\");\n\nif ( ! fixed_builds[ vcenter_version] ) exit( 0 );\n\nif ( int( vcenter_build ) < int( fixed_builds[ vcenter_version ] ) )\n{\n security_message( port:0, data: esxi_remote_report( ver:vcenter_version, build: vcenter_build, fixed_build: fixed_builds[vcenter_version], typ:'vCenter' ) );\n exit(0);\n}\n\nexit(99);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-02-06T13:10:14", "description": "Check for the Version of java-1_6_0-openjdk", "cvss3": {}, "published": "2013-03-11T00:00:00", "type": "openvas", "title": "SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0375-1 (java-1_6_0-openjdk)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-02-05T00:00:00", "id": "OPENVAS:850410", "href": "http://plugins.openvas.org/nasl.php?oid=850410", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_0375_1.nasl 8672 2018-02-05 16:39:18Z teissa $\n#\n# SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0375-1 (java-1_6_0-openjdk)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"java-1_6_0-openjdk was updated to IcedTea 1.12.3\n (bnc#804654) containing security and bugfixes:\n\n * Security fixes\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n - S8006777: Improve TLS handling of invalid messages\n Lucky 13 (CVE-2013-0169)\n - S8007688: Blacklist known bad certificate (issued by\n DigiCert)\n * Backports\n - S8007393: Possible race condition after JDK-6664509\n - S8007611: logging behavior in applet changed\n * Bug fixes\n - PR1319: Support GIF lib v5.\";\n\n\ntag_affected = \"java-1_6_0-openjdk on openSUSE 12.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html\");\n script_id(850410);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:44 +0530 (Mon, 11 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:0375_1\");\n script_name(\"SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0375-1 (java-1_6_0-openjdk)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of java-1_6_0-openjdk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debuginfo\", rpm:\"java-1_6_0-openjdk-debuginfo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debugsource\", rpm:\"java-1_6_0-openjdk-debugsource~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo-debuginfo\", rpm:\"java-1_6_0-openjdk-demo-debuginfo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel-debuginfo\", rpm:\"java-1_6_0-openjdk-devel-debuginfo~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.6.0.0_b27.1.12.3~28.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "RedHat Update for java-1.6.0-openjdk RHSA-2013:0274-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870924", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870924", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for java-1.6.0-openjdk RHSA-2013:0274-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00035.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870924\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:49 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_bugtraq_id(57778, 58029);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2013:0274-01\");\n script_name(\"RedHat Update for java-1.6.0-openjdk RHSA-2013:0274-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1.6.0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n\n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.35.1.11.8.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-02-06T13:10:42", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2013-03-05T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2013-2834", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2018-02-05T00:00:00", "id": "OPENVAS:865421", "href": "http://plugins.openvas.org/nasl.php?oid=865421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2013-2834\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"openssl on Fedora 18\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099470.html\");\n script_id(865421);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-05 09:41:43 +0530 (Tue, 05 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2013-2834\");\n script_name(\"Fedora Update for openssl FEDORA-2013-2834\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~3.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:08:38", "description": "Check for the Version of mingw-openssl", "cvss3": {}, "published": "2013-04-05T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2013-4403", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2012-4929"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:865516", "href": "http://plugins.openvas.org/nasl.php?oid=865516", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2013-4403\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\n\n This package contains Windows (MinGW) libraries and development tools.\";\n\n\ntag_affected = \"mingw-openssl on Fedora 18\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865516);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:08 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2013-4403\");\n\n script_xref(name: \"FEDORA\", value: \"2013-4403\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of mingw-openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.1e~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:51:29", "description": "Check for the Version of java", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "CentOS Update for java CESA-2013:0273 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:881606", "href": "http://plugins.openvas.org/nasl.php?oid=881606", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2013:0273 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit.\n\n An improper permission check issue was discovered in the JMX component in\n OpenJDK. An untrusted Java application or applet could use this flaw to\n bypass Java sandbox restrictions. (CVE-2013-1486)\n \n It was discovered that OpenJDK leaked timing information when decrypting\n TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.\n A remote attacker could possibly use this flaw to retrieve plain text from\n the encrypted packets by using a TLS/SSL server as a padding oracle.\n (CVE-2013-0169)\n \n Note: If the web browser plug-in provided by the icedtea-web package was\n installed, CVE-2013-1486 could have been exploited without user interaction\n if a user visited a malicious website.\n \n This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to\n the NEWS file, linked to in the References, for further information.\n \n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\";\n\n\ntag_solution = \"Please Install the Updated Packages.\";\ntag_affected = \"java on CentOS 6\";\n\n\n\n\nif(description)\n{\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-February/019252.html\");\n script_id(881606);\n script_version(\"$Revision: 6655 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:48:58 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:05:26 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2013:0273\");\n script_name(\"CentOS Update for java CESA-2013:0273 centos6 \");\n\n script_summary(\"Check for the Version of java\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.56.1.11.8.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-02-06T13:10:43", "description": "Check for the Version of java-1_6_0-openjdk", "cvss3": {}, "published": "2013-03-11T00:00:00", "type": "openvas", "title": "SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0378-1 (java-1_6_0-openjdk)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2018-02-05T00:00:00", "id": "OPENVAS:850412", "href": "http://plugins.openvas.org/nasl.php?oid=850412", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_0378_1.nasl 8672 2018-02-05 16:39:18Z teissa $\n#\n# SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0378-1 (java-1_6_0-openjdk)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"java-1_6_0-openjdk was updated to IcedTea 1.12.3\n (bnc#804654) containing security and bugfixes:\n\n * Security fixes\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n - S8006777: Improve TLS handling of invalid messages\n Lucky 13 (CVE-2013-0169)\n - S8007688: Blacklist known bad certificate (issued by\n DigiCert)\n * Backports\n - S8007393: Possible race condition after JDK-6664509\n - S8007611: logging behavior in applet changed\n * Bug fixes\n - PR1319: Support GIF lib v5.\";\n\n\ntag_solution = \"Please Install the Updated Packages.\";\ntag_affected = \"java-1_6_0-openjdk on openSUSE 11.4\";\n\n\n\n\nif(description)\n{\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_xref(name : \"URL\" , value : \"http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html\");\n script_id(850412);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:30 +0530 (Mon, 11 Mar 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:0378_1\");\n script_name(\"SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0378-1 (java-1_6_0-openjdk)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of java-1_6_0-openjdk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debuginfo\", rpm:\"java-1_6_0-openjdk-debuginfo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-debugsource\", rpm:\"java-1_6_0-openjdk-debugsource~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo-debuginfo\", rpm:\"java-1_6_0-openjdk-demo-debuginfo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel-debuginfo\", rpm:\"java-1_6_0-openjdk-devel-debuginfo~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.6.0.0_b27.1.12.3~29.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T23:02:30", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-163)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120390", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120390", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120390\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:25:15 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-163)\");\n script_tag(name:\"insight\", value:\"An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486 )It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169 )\");\n script_tag(name:\"solution\", value:\"Run yum update java-1.6.0-openjdk to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-163.html\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~56.1.11.8.51.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~56.1.11.8.51.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~56.1.11.8.51.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~56.1.11.8.51.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~56.1.11.8.51.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.0~56.1.11.8.51.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-31T10:49:12", "description": "VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.", "cvss3": {}, "published": "2014-01-09T00:00:00", "type": "openvas", "title": "VMware Security Updates for vCenter Server (VMSA-2013-0009)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2017-07-14T00:00:00", "id": "OPENVAS:103872", "href": "http://plugins.openvas.org/nasl.php?oid=103872", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_vcenter_VMSA-2013-0009.nasl 6724 2017-07-14 09:57:17Z teissa $\n#\n# VMware Security Updates for vCenter Server (VMSA-2013-0009)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"VMware has updated the userworld OpenSSL library in vCenter Server\nto address multiple security vulnerabilities.\";\n\ntag_solution = \"Apply the missing patch(es).\";\ntag_affected = \"VMware vCenter Server before 5.0 update 3\";\ntag_vuldetect = \"Check the build number.\";\n\ntag_insight = \"The userworld OpenSSL library is updated to version\nopenssl-0.9.8y to resolve multiple security issues.\";\n\nif (description)\n{\n script_id(103872);\n script_cve_id(\"CVE-2013-0169\",\"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version (\"$Revision: 6724 $\");\n script_name(\"VMware Security Updates for vCenter Server (VMSA-2013-0009)\");\n\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2013-0009.html\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-14 11:57:17 +0200 (Fri, 14 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-09 12:04:01 +0100 (Thu, 09 Jan 2014)\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_vcenter_detect.nasl\");\n script_mandatory_keys(\"VMware_vCenter/version\",\"VMware_vCenter/build\");\n\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n\n exit(0);\n\n}\n\ninclude(\"vmware_esx.inc\");\n\nif ( ! vcenter_version = get_kb_item(\"VMware_vCenter/version\"))exit(0);\nif ( ! vcenter_build = get_kb_item(\"VMware_vCenter/build\"))exit(0);\n\nfixed_builds = make_array(\"5.0.0\",\"1300600\");\n\nif ( ! fixed_builds[ vcenter_version] ) exit( 0 );\n\nif ( int( vcenter_build ) < int( fixed_builds[ vcenter_version ] ) )\n{\n security_message( port:0, data: esxi_remote_report( ver:vcenter_version, build: vcenter_build, fixed_build: fixed_builds[vcenter_version], typ:'vCenter' ) );\n exit(0);\n} \n\nexit(99);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2022-03-26T20:11:39", "description": "Package : polarssl\nVersion : 1.3.9-2.1+deb8u4\nCVE ID : CVE-2013-0169 CVE-2018-0497 CVE-2018-0498 CVE-2018-9988 \n CVE-2018-9989\nDebian Bug : \n\n\nTwo vulnerabilities were discovered in polarssl, a lightweight crypto and\nSSL/TLS library (nowadays continued under the name mbedtls) which could\nresult in plain text recovery via side-channel attacks.\n\nTwo other minor vulnerabilities were discovered in polarssl which could\nresult in arithmetic overflow errors.\n\nCVE-2018-0497\n\n As a protection against the Lucky Thirteen attack, the TLS code for\n CBC decryption in encrypt-then-MAC mode performs extra MAC\n calculations to compensate for variations in message size due to\n padding. The amount of extra MAC calculation to perform was based on\n the assumption that the bulk of the time is spent in processing\n 64-byte blocks, which is correct for most supported hashes but not for\n SHA-384. Correct the amount of extra work for SHA-384 (and SHA-512\n which is currently not used in TLS, and MD2 although no one should\n care about that).\n\n This is a regression fix for what CVE-2013-0169 had been fixed this.\n\nCVE-2018-0498\n\n The basis for the Lucky 13 family of attacks is for an attacker to be\n able to distinguish between (long) valid TLS-CBC padding and invalid\n TLS-CBC padding. Since our code sets padlen = 0 for invalid padding,\n the length of the input to the HMAC function gives information about\n that.\n\n Information about this length (modulo the MD/SHA block size) can be\n deduced from how much MD/SHA padding (this is distinct from TLS-CBC\n padding) is used. If MD/SHA padding is read from a (static) buffer, a\n local attacker could get information about how much is used via a\n cache attack targeting that buffer.\n\n Let's get rid of this buffer. Now the only buffer used is the\n internal MD/SHA one, which is always read fully by the process()\n function.\n\n\nCVE-2018-9988\n\n Prevent arithmetic overflow on bounds check and add bound check\n before signature length read in ssl_parse_server_key_exchange().\n\nCVE-2018-9989\n\n Prevent arithmetic overflow on bounds check and add bound check\n before length read in ssl_parse_server_psk_hint()\n\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.3.9-2.1+deb8u4.\n\nWe recommend that you upgrade your polarssl packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \n\nmike gabriel aka sunweaver (Debian Developer)\nfon: +49 (1520) 1976 148\n\nGnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31\nmail: sunweaver@debian.org, http://sunweavers.net\n\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-25T12:26:52", "type": "debian", "title": "[SECURITY] [DLA 1518-1] polarssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2018-0497", "CVE-2018-0498", "CVE-2018-9988", "CVE-2018-9989"], "modified": "2018-09-25T12:26:52", "id": "DEBIAN:DLA-1518-1:EF500", "href": "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-22T12:50:05", "description": "Package : polarssl\nVersion : 1.3.9-2.1+deb8u4\nCVE ID : CVE-2013-0169 CVE-2018-0497 CVE-2018-0498 CVE-2018-9988 \n CVE-2018-9989\nDebian Bug : \n\n\nTwo vulnerabilities were discovered in polarssl, a lightweight crypto and\nSSL/TLS library (nowadays continued under the name mbedtls) which could\nresult in plain text recovery via side-channel attacks.\n\nTwo other minor vulnerabilities were discovered in polarssl which could\nresult in arithmetic overflow errors.\n\nCVE-2018-0497\n\n As a protection against the Lucky Thirteen attack, the TLS code for\n CBC decryption in encrypt-then-MAC mode performs extra MAC\n calculations to compensate for variations in message size due to\n padding. The amount of extra MAC calculation to perform was based on\n the assumption that the bulk of the time is spent in processing\n 64-byte blocks, which is correct for most supported hashes but not for\n SHA-384. Correct the amount of extra work for SHA-384 (and SHA-512\n which is currently not used in TLS, and MD2 although no one should\n care about that).\n\n This is a regression fix for what CVE-2013-0169 had been fixed this.\n\nCVE-2018-0498\n\n The basis for the Lucky 13 family of attacks is for an attacker to be\n able to distinguish between (long) valid TLS-CBC padding and invalid\n TLS-CBC padding. Since our code sets padlen = 0 for invalid padding,\n the length of the input to the HMAC function gives information about\n that.\n\n Information about this length (modulo the MD/SHA block size) can be\n deduced from how much MD/SHA padding (this is distinct from TLS-CBC\n padding) is used. If MD/SHA padding is read from a (static) buffer, a\n local attacker could get information about how much is used via a\n cache attack targeting that buffer.\n\n Let's get rid of this buffer. Now the only buffer used is the\n internal MD/SHA one, which is always read fully by the process()\n function.\n\n\nCVE-2018-9988\n\n Prevent arithmetic overflow on bounds check and add bound check\n before signature length read in ssl_parse_server_key_exchange().\n\nCVE-2018-9989\n\n Prevent arithmetic overflow on bounds check and add bound check\n before length read in ssl_parse_server_psk_hint()\n\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.3.9-2.1+deb8u4.\n\nWe recommend that you upgrade your polarssl packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \n\nmike gabriel aka sunweaver (Debian Developer)\nfon: +49 (1520) 1976 148\n\nGnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31\nmail: sunweaver@debian.org, http://sunweavers.net\n\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-09-25T12:26:52", "type": "debian", "title": "[SECURITY] [DLA 1518-1] polarssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2018-0497", "CVE-2018-0498", "CVE-2018-9988", "CVE-2018-9989"], "modified": "2018-09-25T12:26:52", "id": "DEBIAN:DLA-1518-1:A6705", "href": "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-04T15:15:46", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4296-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 16, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : mbedtls\nCVE ID : CVE-2018-0497 CVE-2018-0498\n\nTwo vulnerabilities were discovered in mbedtls, a lightweight crypto and\nSSL/TLS library which could result in plain text recovery via\nside-channel attacks.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.4.2-1+deb9u3.\n\nWe recommend that you upgrade your mbedtls packages.\n\nFor the detailed security status of mbedtls please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/mbedtls\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-16T20:58:39", "type": "debian", "title": "[SECURITY] [DSA 4296-1] mbedtls security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497", "CVE-2018-0498"], "modified": "2018-09-16T20:58:39", "id": "DEBIAN:DSA-4296-1:E5BF9", "href": "https://lists.debian.org/debian-security-announce/2018/msg00227.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-12-26T21:08:49", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2826-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Emilio Pozuelo Monfort\nNovember 23, 2021 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : mbedtls\nVersion : 2.4.2-1+deb9u4\nCVE ID : CVE-2018-9988 CVE-2018-9989 CVE-2020-36475 CVE-2020-36476\n CVE-2020-36478 CVE-2021-24119\n\nSeveral vulnerabilities were discovered in mbed TLS, a lightweight crypto\nand SSL/TLS library, which could result in denial of service, information\ndisclosure or side-channel attacks.\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.4.2-1+deb9u4.\n\nWe recommend that you upgrade your mbedtls packages.\n\nFor the detailed security status of mbedtls please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/mbedtls\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-11-23T13:36:24", "type": "debian", "title": "[SECURITY] [DLA 2826-1] mbedtls security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9988", "CVE-2018-9989", "CVE-2020-36475", "CVE-2020-36476", "CVE-2020-36478", "CVE-2021-24119"], "modified": "2021-11-23T13:36:24", "id": "DEBIAN:DLA-2826-1:14CB9", "href": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-02T17:09:57", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2621-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nFebruary 13, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-0166 CVE-2013-0169\nDebian Bug : 699889\n\nMultiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166\n\n OpenSSL does not properly perform signature verification for OCSP\n responses, which allows remote attackers to cause a denial of\n service via an invalid key.\n\nCVE-2013-0169\n\n A timing side channel attack has been found in CBC padding\n allowing an attacker to recover pieces of plaintext via statistical\n analysis of crafted packages, known as the "Lucky Thirteen" issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-02-13T20:07:41", "type": "debian", "title": "[SECURITY] [DSA 2621-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-02-13T20:07:41", "id": "DEBIAN:DSA-2621-1:52BC0", "href": "https://lists.debian.org/debian-security-announce/2013/msg00026.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-05-18T14:26:54", "description": "This update for mbedtls fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-9988: Fixed buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input (boo#1089022).\n\n - CVE-2018-9989: Fixed buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input (boo#1089021).", "cvss3": {}, "published": "2018-04-23T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mbedtls (openSUSE-2018-382)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-9988", "CVE-2018-9989"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libmbedtls9", "p-cpe:/a:novell:opensuse:libmbedtls9-32bit", "p-cpe:/a:novell:opensuse:libmbedtls9-debuginfo", "p-cpe:/a:novell:opensuse:libmbedtls9-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mbedtls-debugsource", "p-cpe:/a:novell:opensuse:mbedtls-devel", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-382.NASL", "href": "https://www.tenable.com/plugins/nessus/109237", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-382.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109237);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-9988\", \"CVE-2018-9989\");\n\n script_name(english:\"openSUSE Security Update : mbedtls (openSUSE-2018-382)\");\n script_summary(english:\"Check for the openSUSE-2018-382 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mbedtls fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-9988: Fixed buffer over-read in\n ssl_parse_server_key_exchange() that could cause a crash\n on invalid input (boo#1089022).\n\n - CVE-2018-9989: Fixed buffer over-read in\n ssl_parse_server_psk_hint() that could cause a crash on\n invalid input (boo#1089021).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1089021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1089022\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mbedtls packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmbedtls9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmbedtls9-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmbedtls9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmbedtls9-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mbedtls-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mbedtls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libmbedtls9-1.3.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libmbedtls9-debuginfo-1.3.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mbedtls-debugsource-1.3.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mbedtls-devel-1.3.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libmbedtls9-32bit-1.3.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libmbedtls9-debuginfo-32bit-1.3.19-24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmbedtls9 / libmbedtls9-32bit / libmbedtls9-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:40:04", "description": "Simon Butcher reports :\n\n- When using a CBC based ciphersuite, a remote attacker can partially recover the plaintext.\n\n- When using a CBC based ciphersuite, an attacker with the ability to execute arbitrary code on the machine under attack can partially recover the plaintext by use of cache based side-channels.", "cvss3": {}, "published": "2018-08-13T00:00:00", "type": "nessus", "title": "FreeBSD : mbed TLS -- plaintext recovery vulnerabilities (f4876dd4-9ca8-11e8-aa17-0011d823eebd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497", "CVE-2018-0498"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:mbedtls", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_F4876DD49CA811E8AA170011D823EEBD.NASL", "href": "https://www.tenable.com/plugins/nessus/111659", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111659);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:47\");\n\n script_cve_id(\"CVE-2018-0497\", \"CVE-2018-0498\");\n\n script_name(english:\"FreeBSD : mbed TLS -- plaintext recovery vulnerabilities (f4876dd4-9ca8-11e8-aa17-0011d823eebd)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Simon Butcher reports :\n\n- When using a CBC based ciphersuite, a remote attacker can partially\nrecover the plaintext.\n\n- When using a CBC based ciphersuite, an attacker with the ability to\nexecute arbitrary code on the machine under attack can partially\nrecover the plaintext by use of cache based side-channels.\"\n );\n # https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec6b7b20\"\n );\n # https://vuxml.freebsd.org/freebsd/f4876dd4-9ca8-11e8-aa17-0011d823eebd.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b4ae5e5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mbedtls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mbedtls<2.12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:40:28", "description": "Two vulnerabilities were discovered in mbedtls, a lightweight crypto and SSL/TLS library which could result in plain text recovery via side-channel attacks.", "cvss3": {}, "published": "2018-09-17T00:00:00", "type": "nessus", "title": "Debian DSA-4296-1 : mbedtls - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497", "CVE-2018-0498"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:mbedtls", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4296.NASL", "href": "https://www.tenable.com/plugins/nessus/117506", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4296. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117506);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-0497\", \"CVE-2018-0498\");\n script_xref(name:\"DSA\", value:\"4296\");\n\n script_name(english:\"Debian DSA-4296-1 : mbedtls - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were discovered in mbedtls, a lightweight crypto\nand SSL/TLS library which could result in plain text recovery via\nside-channel attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/mbedtls\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/mbedtls\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4296\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mbedtls packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.4.2-1+deb9u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mbedtls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libmbedcrypto0\", reference:\"2.4.2-1+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libmbedtls-dev\", reference:\"2.4.2-1+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libmbedtls-doc\", reference:\"2.4.2-1+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libmbedtls10\", reference:\"2.4.2-1+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libmbedx509-0\", reference:\"2.4.2-1+deb9u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:49", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2826 advisory.\n\n - ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input. (CVE-2018-9988)\n\n - ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input. (CVE-2018-9989)\n\n - An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs. (CVE-2020-36475)\n\n - An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.\n (CVE-2020-36476)\n\n - An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid. (CVE-2020-36478)\n\n - In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled- channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. (CVE-2021-24119)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-23T00:00:00", "type": "nessus", "title": "Debian DLA-2826-1 : mbedtls - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-9988", "CVE-2018-9989", "CVE-2020-36475", "CVE-2020-36476", "CVE-2020-36478", "CVE-2021-24119"], "modified": "2021-11-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libmbedcrypto0", "p-cpe:/a:debian:debian_linux:libmbedtls-dev", "p-cpe:/a:debian:debian_linux:libmbedtls10", "p-cpe:/a:debian:debian_linux:libmbedx509-0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2826.NASL", "href": "https://www.tenable.com/plugins/nessus/155683", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2826. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155683);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/23\");\n\n script_cve_id(\n \"CVE-2018-9988\",\n \"CVE-2018-9989\",\n \"CVE-2020-36475\",\n \"CVE-2020-36476\",\n \"CVE-2020-36478\",\n \"CVE-2021-24119\"\n );\n\n script_name(english:\"Debian DLA-2826-1 : mbedtls - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2826 advisory.\n\n - ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in\n ssl_parse_server_key_exchange() that could cause a crash on invalid input. (CVE-2018-9988)\n\n - ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in\n ssl_parse_server_psk_hint() that could cause a crash on invalid input. (CVE-2018-9989)\n\n - An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The\n calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters\n could lead to denial of service when generating Diffie-Hellman key pairs. (CVE-2020-36475)\n\n - An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is\n missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.\n (CVE-2020-36476)\n\n - An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL\n algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is\n considered valid. However, if the parameters do not match in any way, then the certificate should be\n considered invalid. (CVE-2020-36478)\n\n - In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows\n system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-\n channel and side-channel attack on software running in isolated environments that can be single stepped,\n especially Intel SGX. (CVE-2021-24119)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/mbedtls\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-9988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2018-9989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-36475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-36476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-36478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-24119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/mbedtls\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the mbedtls packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 2.4.2-1+deb9u4.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-36478\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmbedcrypto0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmbedtls-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmbedtls10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmbedx509-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'libmbedcrypto0', 'reference': '2.4.2-1+deb9u4'},\n {'release': '9.0', 'prefix': 'libmbedtls-dev', 'reference': '2.4.2-1+deb9u4'},\n {'release': '9.0', 'prefix': 'libmbedtls10', 'reference': '2.4.2-1+deb9u4'},\n {'release': '9.0', 'prefix': 'libmbedx509-0', 'reference': '2.4.2-1+deb9u4'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libmbedcrypto0 / libmbedtls-dev / libmbedtls10 / libmbedx509-0');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:16:29", "description": "It was discovered that mbedtls has a bounds-check bypass through an integer overflow that can be used by an attacked to execute arbitrary code or cause a denial of service. (CVE-2017-18187)\n\nIt was discovered that mbedtls has a vulnerability where an attacker could execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.\n(CVE-2018-0487)\n\nIt was discovered that mbedtls has a vulnerability where an attacker could execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session. (CVE-2018-0488)\n\nIt was discovered that mbedtls has a vulnerability that allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. (CVE-2018-0497)\n\nIt was discovered that mbedtls has a vulnerability that allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. (CVE-2018-0498).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : mbedtls vulnerabilities (USN-4267-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18187", "CVE-2018-0487", "CVE-2018-0488", "CVE-2018-0497", "CVE-2018-0498"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libmbedcrypto0", "p-cpe:/a:canonical:ubuntu_linux:libmbedtls10", "p-cpe:/a:canonical:ubuntu_linux:libmbedx509-0", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4267-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133521", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4267-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133521);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2017-18187\", \"CVE-2018-0487\", \"CVE-2018-0488\", \"CVE-2018-0497\", \"CVE-2018-0498\");\n script_xref(name:\"USN\", value:\"4267-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : mbedtls vulnerabilities (USN-4267-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that mbedtls has a bounds-check bypass through an\ninteger overflow that can be used by an attacked to execute arbitrary\ncode or cause a denial of service. (CVE-2017-18187)\n\nIt was discovered that mbedtls has a vulnerability where an attacker\ncould execute arbitrary code or cause a denial of service (buffer\noverflow) via a crafted certificate chain that is mishandled during\nRSASSA-PSS signature verification within a TLS or DTLS session.\n(CVE-2018-0487)\n\nIt was discovered that mbedtls has a vulnerability where an attacker\ncould execute arbitrary code or cause a denial of service (heap\ncorruption) via a crafted application packet within a TLS or DTLS\nsession. (CVE-2018-0488)\n\nIt was discovered that mbedtls has a vulnerability that allows remote\nattackers to achieve partial plaintext recovery (for a CBC based\nciphersuite) via a timing-based side-channel attack. (CVE-2018-0497)\n\nIt was discovered that mbedtls has a vulnerability that allows local\nusers to achieve partial plaintext recovery (for a CBC based\nciphersuite) via a cache-based side-channel attack. (CVE-2018-0498).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4267-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected libmbedcrypto0, libmbedtls10 and / or\nlibmbedx509-0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmbedcrypto0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmbedtls10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmbedx509-0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmbedcrypto0\", pkgver:\"2.2.1-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmbedtls10\", pkgver:\"2.2.1-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmbedx509-0\", pkgver:\"2.2.1-2ubuntu0.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmbedcrypto0 / libmbedtls10 / libmbedx509-0\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:06", "description": "- Update to 2.13.0\n\n - CVE-2018-0497\n\nRelease notes:\nhttps://tls.mbed.org/tech-updates/releases/mbedtls-2.13.0-2.7.6-and-2.\n1.15-released\n\nSecurity Advisory:\nhttps://tls.mbed.org/tech-updates/security-advisories/mbedtls-security\n-advisory-2018-02\n\n----\n\nMake package installable again by fixing Requires.\n\n----\n\nNew upstream release.\n\n----\n\nMake package installable again by fixing Requires.\n\n----\n\nNew upstream release.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : dislocker / dolphin-emu / julia / mbedtls / nekovm / nng (2018-c6b5117772)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:dislocker", "p-cpe:/a:fedoraproject:fedora:dolphin-emu", "p-cpe:/a:fedoraproject:fedora:julia", "p-cpe:/a:fedoraproject:fedora:mbedtls", "p-cpe:/a:fedoraproject:fedora:nekovm", "p-cpe:/a:fedoraproject:fedora:nng", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-C6B5117772.NASL", "href": "https://www.tenable.com/plugins/nessus/120776", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-c6b5117772.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120776);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-0497\");\n script_xref(name:\"FEDORA\", value:\"2018-c6b5117772\");\n\n script_name(english:\"Fedora 29 : dislocker / dolphin-emu / julia / mbedtls / nekovm / nng (2018-c6b5117772)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 2.13.0\n\n - CVE-2018-0497\n\nRelease notes:\nhttps://tls.mbed.org/tech-updates/releases/mbedtls-2.13.0-2.7.6-and-2.\n1.15-released\n\nSecurity Advisory:\nhttps://tls.mbed.org/tech-updates/security-advisories/mbedtls-security\n-advisory-2018-02\n\n----\n\nMake package installable again by fixing Requires.\n\n----\n\nNew upstream release.\n\n----\n\nMake package installable again by fixing Requires.\n\n----\n\nNew upstream release.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-c6b5117772\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dislocker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dolphin-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:julia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mbedtls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nekovm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nng\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"dislocker-0.7.1-10.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"dolphin-emu-5.0-25.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"julia-1.0.1-3.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mbedtls-2.13.0-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"nekovm-2.2.0-8.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"nng-1.0.1-2.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dislocker / dolphin-emu / julia / mbedtls / nekovm / nng\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:44", "description": "- Update to 2.13.0\n\n - CVE-2018-0497\n\nRelease notes:\nhttps://tls.mbed.org/tech-updates/releases/mbedtls-2.13.0-2.7.6-and-2.\n1.15-released\n\nSecurity Advisory:\nhttps://tls.mbed.org/tech-updates/security-advisories/mbedtls-security\n-advisory-2018-02\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : dislocker / dolphin-emu / mbedtls / nekovm (2018-5d6e80ab82)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0497"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:dislocker", "p-cpe:/a:fedoraproject:fedora:dolphin-emu", "p-cpe:/a:fedoraproject:fedora:mbedtls", "p-cpe:/a:fedoraproject:fedora:nekovm", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-5D6E80AB82.NASL", "href": "https://www.tenable.com/plugins/nessus/120456", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-5d6e80ab82.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120456);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-0497\");\n script_xref(name:\"FEDORA\", value:\"2018-5d6e80ab82\");\n\n script_name(english:\"Fedora 28 : dislocker / dolphin-emu / mbedtls / nekovm (2018-5d6e80ab82)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 2.13.0\n\n - CVE-2018-0497\n\nRelease notes:\nhttps://tls.mbed.org/tech-updates/releases/mbedtls-2.13.0-2.7.6-and-2.\n1.15-released\n\nSecurity Advisory:\nhttps://tls.mbed.org/tech-updates/security-advisories/mbedtls-security\n-advisory-2018-02\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-5d6e80ab82\"\n );\n # https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec6b7b20\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dislocker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dolphin-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mbedtls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nekovm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"dislocker-0.7.1-10.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"dolphin-emu-5.0-25.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"mbedtls-2.13.0-1.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"nekovm-2.2.0-8.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dislocker / dolphin-emu / mbedtls / nekovm\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:36", "description": "The remote host appears to be running Ipswitch IMail Server 11.x or 12.x older than version 12.3 and is, therefore, affected by an information disclosure vulnerability due to the included OpenSSL version.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.", "cvss3": {}, "published": "2014-07-14T00:00:00", "type": "nessus", "title": "Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ipswitch:imail"], "id": "IPSWITCH_IMAIL_12_3.NASL", "href": "https://www.tenable.com/plugins/nessus/76489", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76489);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CERT\", value:\" 737740\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote mail server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host appears to be running Ipswitch IMail Server 11.x or\n12.x older than version 12.3 and is, therefore, affected by an\ninformation disclosure vulnerability due to the included OpenSSL\nversion.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode\nencryption and response time. An attacker could obtain plaintext\ncontents of encrypted traffic via timing attacks.\");\n # https://docs.ipswitch.com/_Messaging/IMailServer/v12.3/ReleaseNotes/index.htm\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9b35fe05\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imailserver.com/imail-software-upgrades\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130205.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Ipswitch IMail Server version 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ipswitch:imail\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smtpserver_detect.nasl\", \"popserver_detect.nasl\", \"imap4_banner.nasl\");\n script_require_ports(\"Services/smtp\", 25, \"Services/pop3\", 110, \"Services/imap\", 143);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"imap_func.inc\");\ninclude(\"pop3_func.inc\");\ninclude(\"smtp_func.inc\");\n\nver = NULL;\nservice = NULL;\nsource = NULL;\n\n# - SMTP.\nports = get_kb_list(\"Services/smtp\");\nif (isnull(ports)) ports = make_list(25);\nforeach port (ports)\n{\n if (get_port_state(port) && !get_kb_item('SMTP/'+port+'/broken'))\n {\n banner = get_smtp_banner(port:port);\n # At least keep trying to find a banner\n if (isnull(banner) || strlen(banner) == 0) continue;\n\n if (\" (IMail \" >< banner)\n {\n pat = \"^[0-9][0-9][0-9] .+ \$IMail ([0-9.]+) [0-9]+-[0-9]+\$ NT-ESMTP Server\";\n matches = egrep(pattern:pat, string:banner);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n ver = item[1];\n service = \"SMTP\";\n source = match;\n break;\n }\n }\n }\n if (isnull(ver) && !thorough_tests) audit(AUDIT_SERVICE_VER_FAIL, \"IMail SMTP\", port);\n }\n else\n if (!thorough_tests) audit(AUDIT_NOT_LISTEN, \"IMail SMTP\", port);\n }\n}\n\n# - IMAP.\nif (isnull(ver))\n{\n ports = get_kb_list(\"Services/imap\");\n if (isnull(ports)) ports = make_list(143);\n foreach port (ports)\n {\n if (get_port_state(port))\n {\n banner = get_imap_banner(port:port);\n # At least keep trying to find a banner\n if (isnull(banner) || strlen(banner) == 0) continue;\n\n if (\" (IMail \" >< banner)\n {\n pat = \"IMAP4 Server[^(]+\$IMail ([0-9.]+) *([0-9]+-[0-9]+)?\$\";\n matches = egrep(pattern:pat, string:banner);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n ver = item[1];\n service = \"IMAP\";\n source = match;\n break;\n }\n }\n }\n if (isnull(ver) && !thorough_tests) audit(AUDIT_SERVICE_VER_FAIL, \"IMail IMAP\", port);\n }\n else\n if (!thorough_tests) audit(AUDIT_NOT_LISTEN, \"IMail IMAP\", port);\n }\n }\n}\n\n# - POP3\nif (isnull(ver))\n{\n ports = get_kb_list(\"Services/pop3\");\n if (isnull(ports)) ports = make_list(110);\n foreach port (ports)\n {\n if (get_port_state(port))\n {\n banner = get_pop3_banner(port:port);\n # At least keep trying to find a banner\n if (isnull(banner) || strlen(banner) == 0) continue;\n\n if (\" (IMail \" >< banner)\n {\n pat = \"NT-POP3 Server .+ \$IMail ([0-9.]+) [0-9]+-[0-9]+\$\";\n matches = egrep(pattern:pat, string:banner);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n ver = item[1];\n service = \"POP3\";\n source = match;\n break;\n }\n }\n }\n if (isnull(ver) && !thorough_tests) audit(AUDIT_SERVICE_VER_FAIL, \"IMail POP3\", port);\n }\n else\n if (!thorough_tests) audit(AUDIT_NOT_LISTEN, \"IMail POP3\", port);\n }\n }\n}\n\nif (isnull(ver)) audit(AUDIT_SERVICE_VER_FAIL, \"Ipswitch IMail Server\", port);\n\n# There's a problem if the version is < 12.3\nif (\n ver =~ \"^(11|12)\\.\" &&\n ver_compare(ver:ver, fix:'12.3', strict:FALSE) < 0\n)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Service : ' + service +\n '\\n Version source : ' + source +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : 12.3' +\n '\\n';\n security_note(port:port,extra:report);\n }\n else security_note(port);\n\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Ipswitch IMail Server\", port, ver);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:10", "description": "The version of IBM Tivoli Storage Manager installed on the remote host is 6.3.x prior to 6.3.4.200. It is, therefore, affected by a vulnerability that could allow a remote attacker to perform a statistical timing attack known as 'Lucky Thirteen'.", "cvss3": {}, "published": "2014-08-11T00:00:00", "type": "nessus", "title": "IBM Tivoli Storage Manager Server 6.3.x < 6.3.4.200 Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:tivoli_storage_manager"], "id": "IBM_TSM_SERVER_6_3_4_200.NASL", "href": "https://www.tenable.com/plugins/nessus/77120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77120);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM Tivoli Storage Manager Server 6.3.x < 6.3.4.200 Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote backup service is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM Tivoli Storage Manager installed on the remote host\nis 6.3.x prior to 6.3.4.200. It is, therefore, affected by a\nvulnerability that could allow a remote attacker to perform a\nstatistical timing attack known as 'Lucky Thirteen'.\");\n # http://www-01.ibm.com/support/docview.wss?uid=swg21672363\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9986de60\");\n # https://www.ibm.com/blogs/psirt/ibm-security-bulletin-tivoli-storage-manager-server-gskit-lucky-13-vulnerability-cve-2013-0169/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?002f4534\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Tivoli Storage Manager 6.3.4.200 or later or disable\nSSL.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_storage_manager\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_tsm_detect.nasl\");\n script_require_keys(\"installed_sw/IBM Tivoli Storage Manager\");\n script_require_ports(\"Services/tsm-agent\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"install_func.inc\");\n\nport = get_service(svc:\"tsm-agent\",exit_on_fail:TRUE);\nprod = \"IBM Tivoli Storage Manager\";\nget_install_count(app_name:prod, exit_if_zero:TRUE);\ninstall = get_single_install(app_name:prod, port:port);\n\n# Install data\nversion = install[\"version\"];\n# We are only concerned with 6.3 specifically\nif(version !~ \"^6\\.3(\\.|$)\") audit(AUDIT_NOT_LISTEN, prod+\" 6.3\", port);\n\n# See if SSL is on for the port we're checking\nsslon = get_kb_item(\"Transports/TCP/\"+port);\nsslon = (sslon && sslon > ENCAPS_IP);\n\n# Work around is to turn SSL off\nif(!sslon && report_paranoia < 2) audit(AUDIT_LISTEN_NOT_VULN, prod, port);\n\nfix = \"6.3.4.200\";\nif(ver_compare(ver:version,fix:fix,strict:FALSE) < 0)\n{\n\n if(report_verbosity > 0)\n {\n report =\n '\\n Product : ' + prod +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_note(port:port,extra:report);\n } else security_note(port);\n} else audit(AUDIT_LISTEN_NOT_VULN, prod, port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:08:58", "description": "The remote host is running a version of IBM Tivoli Directory Server and a version of IBM Global Security Kit (GSKit) that is affected by an information disclosure vulnerability. The Transport Layer Security (TLS) protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets. This type of exploitation is known as the 'Lucky Thirteen' attack.", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "nessus", "title": "IBM Tivoli Directory Server < 6.0.0.72 / 6.1.0.55 / 6.2.0.30 / 6.3.0.22 with GSKit < 7.0.4.45 / 8.0.14.27 TLS Side-Channel Timing Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:tivoli_directory_server", "cpe:/a:ibm:global_security_kit"], "id": "TIVOLI_DIRECTORY_SVR_SWG21638270.NASL", "href": "https://www.tenable.com/plugins/nessus/80481", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80481);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM Tivoli Directory Server < 6.0.0.72 / 6.1.0.55 / 6.2.0.30 / 6.3.0.22 with GSKit < 7.0.4.45 / 8.0.14.27 TLS Side-Channel Timing Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a library installed that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of IBM Tivoli Directory Server\nand a version of IBM Global Security Kit (GSKit) that is affected by\nan information disclosure vulnerability. The Transport Layer Security\n(TLS) protocol does not properly consider timing side-channel attacks,\nwhich allows remote attackers to conduct distinguishing attacks and\nplain-text recovery attacks via statistical analysis of timing data\nfor crafted packets. This type of exploitation is known as the 'Lucky\nThirteen' attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21638270\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate fix based on the vendor's advisory :\n\n - 6.0.0.72-ISS-ITDS\n - 6.1.0.55-ISS-ITDS\n - 6.2.0.30-ISS-ITDS\n - 6.3.0.22-ISS-ITDS\n\nAlternatively, upgrade GSKit to 7.0.4.45 or 8.0.50.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_directory_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:global_security_kit\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_gskit_installed.nasl\", \"tivoli_directory_svr_installed.nasl\");\n script_require_keys(\"installed_sw/IBM GSKit\", \"installed_sw/IBM Security Directory Server\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\n\ntds_name = \"IBM Security Directory Server\";\ntds_install = get_single_install(app_name:tds_name, exit_if_unknown_ver:TRUE);\n\ntds_ver = tds_install['version'];\ntds_path = tds_install['path'];\n\ntds_fix = NULL;\ntds_patch = NULL;\ngsk_ver_regex = NULL;\ngsk_fix = NULL;\n\n# Ensure that TDS version is affected.\nif (tds_ver =~ \"^6\\.0\\.\")\n{\n tds_fix = \"6.0.0.72\";\n tds_patch = \"6.0.0.72-ISS-ITDS\";\n gsk_ver_regex = \"^7\\.\";\n gsk_fix = '7.0.4.45';\n}\nelse if (tds_ver =~ \"^6\\.1\\.\")\n{\n tds_fix = \"6.1.0.55\";\n tds_patch = \"6.1.0.55-ISS-ITDS\";\n gsk_ver_regex = \"^7\\.\";\n gsk_fix = '7.0.4.45';\n}\nelse if (tds_ver =~ \"^6\\.2\\.\")\n{\n tds_fix = \"6.2.0.30\";\n tds_patch = \"6.2.0.30-ISS-ITDS\";\n gsk_ver_regex = \"^7\\.\";\n gsk_fix = '7.0.4.45';\n}\nelse if (tds_ver =~ \"^6\\.3\\.0($|[^0-9])\")\n{\n tds_fix = \"6.3.0.22\";\n tds_patch = \"6.3.0.22-ISS-ITDS\";\n gsk_ver_regex = \"^8\\.\";\n gsk_fix = '8.0.14.27 / 8.0.50.4';\n}\n\n# If the IF has been installed or the branch is not affected, exit.\nif (isnull(tds_fix) || ver_compare(ver:tds_ver, fix:tds_fix, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, tds_name, tds_ver, tds_path);\n\n# If we got this far, we need to look at GSKit.\ngsk_app = \"IBM GSKit\";\n\n# We don't bother to exit if we can't detect any GSKit installations\ngsk_installs = get_installs(app_name:gsk_app);\ngsk_report = NULL;\ngsk_vuln = 0;\n\nforeach gsk_install (gsk_installs[1])\n{\n gsk_ver = gsk_install['version'];\n gsk_path = gsk_install['path'];\n\n # There can only be a single install per major version. So we will\n # have at most one vulnerable install.\n if (gsk_ver !~ gsk_ver_regex) continue;\n\n if (\n (gsk_ver =~ \"^8\\.0\\.50\\.\"\n && ver_compare(ver:gsk_ver, fix:\"8.0.50.4\", strict:FALSE) == -1) ||\n (gsk_ver =~ \"^8\\.0\\.14\\.\"\n && ver_compare(ver:gsk_ver, fix:\"8.0.14.27\", strict:FALSE) == -1) ||\n (gsk_ver =~ \"^7\\.0\\.\"\n && ver_compare(ver:gsk_ver, fix:\"7.0.4.45\", strict:FALSE) == -1)\n )\n {\n gsk_report +=\n '\\n Path : ' + gsk_path +\n '\\n Installed GSKit Version : ' + gsk_ver +\n '\\n Fixed GSKit Version : ' + gsk_fix +\n '\\n';\n\n gsk_vuln++;\n }\n}\n\nport = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nif (report_verbosity > 0)\n{\n report =\n '\\nThe install of ' + tds_name + ' is vulnerable :' +\n '\\n' +\n '\\n Path : ' + tds_path +\n '\\n Installed version : ' + tds_ver +\n '\\n Fixed version : ' + tds_fix +\n '\\n' +\n '\\nInstall ' + tds_patch + ' to update installation.' +\n '\\n';\n\n if (!isnull(gsk_report))\n {\n instance = \" instance \"; is_are = \" is \";\n\n if (gsk_vuln > 1) {instance = \" instances \"; is_are = \" are \";}\n\n report +=\n '\\nAlso, the following vulnerable'+instance+'of '+gsk_app+is_are+'installed on the'+\n '\\nremote host :' +\n '\\n' +\n gsk_report;\n }\n\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:22:22", "description": "The version of IBM HTTP Server running on the remote host is affected by a vulnerability. The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-15T00:00:00", "type": "nessus", "title": "IBM HTTP Server 8.5.0.0 <= 8.5.0.2 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.27 / 6.1.0.0 <= 6.1.0.45 (491407)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:http_server"], "id": "IBM_HTTP_SERVER_491407.NASL", "href": "https://www.tenable.com/plugins/nessus/144298", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144298);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM HTTP Server 8.5.0.0 <= 8.5.0.2 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.27 / 6.1.0.0 <= 6.1.0.45 (491407)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM HTTP Server running on the remote host is affected by a vulnerability. The TLS protocol 1.1 and 1.2\nand the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider\ntiming side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows\nremote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing\ndata for crafted packets, aka the 'Lucky Thirteen' issue.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/491407\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM HTTP Server version 8.5.5.0, 8.0.0.7, 7.0.0.29, 6.1.0.47 or later. Alternatively, upgrade to the minimal\nfix pack level required by the interim fix and then apply Interim Fix PI09443.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_http_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM HTTP Server (IHS)\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'IBM HTTP Server (IHS)';\nfix = 'Interim Fix PI09443';\n\napp_info = vcf::get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n if ('PI09443' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n { 'min_version' : '8.5.0.0', 'max_version' : '8.5.0.2', 'fixed_display' : '8.5.5.0 or Interim Fix PI09443'},\n { 'min_version' : '8.0.0.0', 'max_version' : '8.0.0.6', 'fixed_display' : '8.0.0.7 or Interim Fix PI09443'},\n { 'min_version' : '7.0.0.0', 'max_version' : '7.0.0.27', 'fixed_display' : '7.0.0.29 or Interim Fix PI09443'},\n { 'min_version' : '6.1.0.0', 'max_version' : '6.1.0.45', 'fixed_display' : '6.1.0.47 or Interim Fix PI09443'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:37:51", "description": "The version of IBM Global Security Kit (GSKit) installed on the remote host is 7.0.x prior to 7.0.4.45 or 8.0.14.x prior to 8.0.14.27.\nIt is, therefore, affected by an information disclosure vulnerability.\nThe Transport Layer Security (TLS) protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets. This type of exploitation is known as the 'Lucky Thirteen' attack.", "cvss3": {}, "published": "2013-07-10T00:00:00", "type": "nessus", "title": "IBM GSKit 7.x < 7.0.4.45 / 8.0.14.x < 8.0.14.27 TLS Side-Channel Timing Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:global_security_kit"], "id": "IBM_GSKIT_SWG21638270.NASL", "href": "https://www.tenable.com/plugins/nessus/67231", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67231);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM GSKit 7.x < 7.0.4.45 / 8.0.14.x < 8.0.14.27 TLS Side-Channel Timing Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a library installed that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM Global Security Kit (GSKit) installed on the\nremote host is 7.0.x prior to 7.0.4.45 or 8.0.14.x prior to 8.0.14.27.\nIt is, therefore, affected by an information disclosure vulnerability.\nThe Transport Layer Security (TLS) protocol does not properly\nconsider timing side-channel attacks, which allows remote attackers\nto conduct distinguishing attacks and plain-text recovery attacks via\nstatistical analysis of timing data for crafted packets. This type of\nexploitation is known as the 'Lucky Thirteen' attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21638270\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to GSKit 7.0.4.45 / 8.0.14.27 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/10\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:global_security_kit\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_gskit_installed.nasl\", \"ibm_gskit_installed_nix.nbin\");\n script_require_keys(\"installed_sw/IBM GSKit\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = \"IBM GSKit\";\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\npath = install['path'];\nfix = NULL;\n\nif (version =~ '^7\\\\.0\\\\.' && ver_compare(ver:version, fix:'7.0.4.45') < 0)\n fix = '7.0.4.45';\nelse if (version =~ '^8\\\\.0\\\\.14\\\\.' && ver_compare(ver:version, fix:'8.0.14.27') < 0)\n fix = '8.0.14.27';\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n\n# Default to Linux unless the RPM is not set\nport = 0;\nif (isnull(install['RPM']))\n{\n port = get_kb_item('SMB/transport');\n if (!port) port = 445;\n}\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix + '\\n';\n\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:13", "description": "According to its banner, the remote web server is running a version of OpenSSL 1.0.1 prior to 1.0.1e. The OpenSSL library is, therefore, reportedly affected by an incomplete fix for CVE-2013-0169.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.", "cvss3": {}, "published": "2013-02-13T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.1 < 1.0.1e Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_1E.NASL", "href": "https://www.tenable.com/plugins/nessus/64620", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64620);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"OpenSSL 1.0.1 < 1.0.1e Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server is running a version of\nOpenSSL 1.0.1 prior to 1.0.1e. The OpenSSL library is, therefore,\nreportedly affected by an incomplete fix for CVE-2013-0169.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode\nencryption and response time. An attacker could obtain plaintext\ncontents of encrypted traffic via timing attacks.\");\n # https://www.mail-archive.com/openssl-announce@openssl.org/msg00125.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9167fa5f\");\n # https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0c4b72e9c0e3a75e0b89166540396dc3b58138b8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a7f8a0c1\");\n # https://git.openssl.org/gitweb/?p=openssl-web.git;a=commitdiff;h=3668d99f1db0410ccd43b5edb88651ccf6e9ac48\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ecf84273\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.1e or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.1e', min:\"1.0.1\", severity:SECURITY_NOTE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:16", "description": "A vulnerability exists in the TLS and DTLS protocols that may allow an attacker to recover plaintext from TLS/DTLS connections that use CBC-mode encryption. (CVE-2013-0169)\n\nNote: Stream ciphers, such as RC4, are not vulnerable to this issue.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TLS/DTLS 'Lucky 13' vulnerability (K14190)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL14190.NASL", "href": "https://www.tenable.com/plugins/nessus/78142", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K14190.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78142);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"F5 Networks BIG-IP : TLS/DTLS 'Lucky 13' vulnerability (K14190)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A vulnerability exists in the TLS and DTLS protocols that may allow an\nattacker to recover plaintext from TLS/DTLS connections that use\nCBC-mode encryption. (CVE-2013-0169)\n\nNote: Stream ciphers, such as RC4, are not vulnerable to this issue.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K14190\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K14190.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K14190\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.4.0-11.6.3\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"11.3.0\",\"11.2.1-11.2.1HF15\",\"10.2.1-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.4.0-11.4.1\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"11.2.1HF16\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"11.3.0\",\"11.2.1-11.2.1HF15\",\"10.2.1-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"11.2.1HF16\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"11.3.0\",\"11.2.1-11.2.1HF15\",\"10.2.1-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"11.2.1HF16\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_note(port:0, extra:bigip_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:37:02", "description": "Versions of OpenSSL prior to 0.9.8y are reportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response verification that could allow denial of service attacks. (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)", "cvss3": {}, "published": "2013-06-11T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8y / 1.0.1d / 1.0.0k Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-06-11T00:00:00", "cpe": [], "id": "801052.PRM", "href": "https://www.tenable.com/plugins/lce/801052", "sourceData": "Binary data 801052.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:53", "description": "A flaw in the OpenSSL handling of OCSP response verification could be exploited to cause a denial of service attack.\n\nOpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS and DTLS. The weakness could reveal plaintext in a timing attack.", "cvss3": {}, "published": "2013-04-08T00:00:00", "type": "nessus", "title": "FreeBSD : FreeBSD -- OpenSSL multiple vulnerabilities (69bfc852-9bd0-11e2-a7be-8c705af55518)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:freebsd", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_69BFC8529BD011E2A7BE8C705AF55518.NASL", "href": "https://www.tenable.com/plugins/nessus/65842", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65842);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_xref(name:\"FreeBSD\", value:\"SA-13:03.openssl\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"FreeBSD : FreeBSD -- OpenSSL multiple vulnerabilities (69bfc852-9bd0-11e2-a7be-8c705af55518)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"A flaw in the OpenSSL handling of OCSP response verification could be\nexploited to cause a denial of service attack.\n\nOpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS\nand DTLS. The weakness could reveal plaintext in a timing attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130205.txt\");\n # https://vuxml.freebsd.org/freebsd/69bfc852-9bd0-11e2-a7be-8c705af55518.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6aa5fbcb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:FreeBSD\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=8.3<8.3_7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=9.0<9.0_7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=9.1<9.1_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:15", "description": "Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "CentOS 6 : java-1.6.0-openjdk (CESA-2013:0273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:java-1.6.0-openjdk", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-src", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2013-0273.NASL", "href": "https://www.tenable.com/plugins/nessus/64730", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0273 and \n# CentOS Errata and Security Advisory 2013:0273 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64730);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"RHSA\", value:\"2013:0273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"CentOS 6 : java-1.6.0-openjdk (CESA-2013:0273)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package\nwas installed, CVE-2013-1486 could have been exploited without user\ninteraction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\");\n # https://lists.centos.org/pipermail/centos-announce/2013-February/019252.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34909601\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.6.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-1486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:30:21", "description": "The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-2116"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:f5:big-ip:acceleration_manager", "cpe:/a:f5:big-ip:access_policy_manager", "cpe:/a:f5:big-ip:advanced_firewall_manager", "cpe:/a:f5:big-ip:application_security_manager", "cpe:/a:f5:big-ip:application_visibility_and_reporting", "cpe:/a:f5:big-ip:global_traffic_manager", "cpe:/a:f5:big-ip:link_controller", "cpe:/a:f5:big-ip:local_traffic_manager", "cpe:/a:f5:big-ip:policy_enforcement_manager", "cpe:/a:f5:big-ip:protocol_security_manager", "cpe:/a:f5:big-ip:wan_optimization_manager", "cpe:/a:f5:big-ip:web_accelerator_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL15637.NASL", "href": "https://www.tenable.com/plugins/nessus/78199", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL15637.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78199);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-2116\");\n script_bugtraq_id(57778, 60215);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in\nGnuTLS 2.12.23 allows remote attackers to cause a denial of service\n(buffer over-read and crash) via a crafted padding length. NOTE: this\nmight be due to an incorrect fix for CVE-2013-0169.\");\n # http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15637.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?86d6ebf4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL15637.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:web_accelerator_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL15637\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.4.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:17:09", "description": "The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. (CVE-2013-1620)", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TLS in Mozilla NSS vulnerability (K15630)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1620"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL15630.NASL", "href": "https://www.tenable.com/plugins/nessus/78198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K15630.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78198);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1620\");\n script_bugtraq_id(57777, 57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"F5 Networks BIG-IP : TLS in Mozilla NSS vulnerability (K15630)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The TLS implementation in Mozilla Network Security Services (NSS) does\nnot properly consider timing side-channel attacks on a noncompliant\nMAC check operation during the processing of malformed CBC padding,\nwhich allows remote attackers to conduct distinguishing attacks and\nplaintext-recovery attacks via statistical analysis of timing data for\ncrafted packets, a related issue to CVE-2013-0169. (CVE-2013-1620)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K15630\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K15630.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K15630\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.5.3\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.5.3\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.5.3\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.5.3\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.5.3\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.5.3\",\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.5.3\",\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.5.3\",\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.5.3\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:36", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue. (CVE-2013-0169)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:openssl"], "id": "SOLARIS11_OPENSSL_20130716.NASL", "href": "https://www.tenable.com/plugins/nessus/80719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80719);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n OCSP servers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing\n side-channel attacks on a MAC check requirement during\n the processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue. (CVE-2013-0169)\");\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a913f44\");\n # https://blogs.oracle.com/sunsecurity/lucky-thirteen-vulnerability-in-solaris-openssl\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d8ba7ad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Solaris 11.1.7.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^openssl$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.7.0.5.0\", sru:\"SRU 11.1.7.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : openssl\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"openssl\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:58", "description": "Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2013-0166 OpenSSL does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key.\n\n - CVE-2013-0169 A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packages, known as the 'Lucky Thirteen' issue.", "cvss3": {}, "published": "2013-02-14T00:00:00", "type": "nessus", "title": "Debian DSA-2621-1 : openssl - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2621.NASL", "href": "https://www.tenable.com/plugins/nessus/64623", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2621. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64623);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57755, 57778);\n script_xref(name:\"DSA\", value:\"2621\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Debian DSA-2621-1 : openssl - several vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues\n:\n\n - CVE-2013-0166\n OpenSSL does not properly perform signature verification\n for OCSP responses, which allows remote attackers to\n cause a denial of service via an invalid key.\n\n - CVE-2013-0169\n A timing side channel attack has been found in CBC\n padding allowing an attacker to recover pieces of\n plaintext via statistical analysis of crafted packages,\n known as the 'Lucky Thirteen' issue.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-0166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-0169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/squeeze/openssl\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2013/dsa-2621\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.9.8o-4squeeze14.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcrypto0.9.8-udeb\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl-dev\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8o-4squeeze14\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssl\", reference:\"0.9.8o-4squeeze14\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:14", "description": "Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-02-27T00:00:00", "type": "nessus", "title": "CentOS 5 : java-1.6.0-openjdk (CESA-2013:0274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:java-1.6.0-openjdk", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-src", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2013-0274.NASL", "href": "https://www.tenable.com/plugins/nessus/64896", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0274 and \n# CentOS Errata and Security Advisory 2013:0274 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64896);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"RHSA\", value:\"2013:0274\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"CentOS 5 : java-1.6.0-openjdk (CESA-2013:0274)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\");\n # https://lists.centos.org/pipermail/centos-announce/2013-February/019255.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2590176d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.6.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-1486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:25", "description": "The version of OpenSSL running on the remote host is affected by the following vulnerabilities :\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side- channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue. (CVE-2013-0169)\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.\n (CVE-2013-0166)", "cvss3": {}, "published": "2014-04-16T00:00:00", "type": "nessus", "title": "AIX OpenSSL Advisory : openssl_advisory5.asc", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2023-04-21T00:00:00", "cpe": ["cpe:/o:ibm:aix"], "id": "AIX_OPENSSL_ADVISORY5.NASL", "href": "https://www.tenable.com/plugins/nessus/73563", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory openssl_advisory5.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73563);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"CERT\", value:\"737740\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory5.asc\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host is running a vulnerable version of OpenSSL.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL running on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing side-\n channel attacks on a MAC check requirement during the\n processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue. (CVE-2013-0169)\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\");\n script_set_attribute(attribute:\"solution\", value:\n\"A fix is available, and it can be downloaded from the AIX website.\n\nTo extract the fixes from the tar file :\n\n zcat openssl-0.9.8.2500.tar.Z | tar xvf -\n or\n zcat openssl-fips-12.9.8.2500.tar.Z | tar xvf -\n\nIMPORTANT : If possible, it is recommended that a mksysb backup of\nthe system be created. Verify it is both bootable and readable\nbefore proceeding.\n\nTo preview the fix installation :\n\n installp -apYd . openssl\n\nTo install the fix package :\n\n installp -aXYd . openssl\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\ninclude(\"aix.inc\");\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item_or_exit(\"Host/AIX/version\");\nif ( oslevel != \"AIX-5.3\" && oslevel != \"AIX-6.1\" && oslevel != \"AIX-7.1\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 5.3 / 6.1 / 7.1\", oslevel);\n}\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.2400\", fixpackagever:\"0.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.2400\", fixpackagever:\"0.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.2400\", fixpackagever:\"0.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"5.3\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.2400\", fixpackagever:\"12.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.2400\", fixpackagever:\"12.9.8.2500\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.2400\", fixpackagever:\"12.9.8.2500\") > 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl.base / openssl-fips.base\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:39", "description": "java-1_6_0-openjdk was updated to IcedTea 1.12.3 (bnc#804654) containing security and bugfixes :\n\n - Security fixes\n\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by DigiCert)\n\n - Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n - Bug fixes\n\n - PR1319: Support GIF lib v5.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0375-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_6_0-openjdk", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debuginfo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debugsource", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2013-164.NASL", "href": "https://www.tenable.com/plugins/nessus/74906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-164.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74906);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0375-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"java-1_6_0-openjdk was updated to IcedTea 1.12.3 (bnc#804654)\ncontaining security and bugfixes :\n\n - Security fixes\n\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages Lucky\n 13 (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by\n DigiCert)\n\n - Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n - Bug fixes\n\n - PR1319: Support GIF lib v5.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=804654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2013-03/msg00001.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1_6_0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_6_0-openjdk\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:33", "description": "According to its banner, the remote web server is running a version of OpenSSL 1.0.0 prior to 1.0.0k. The OpenSSL library is, therefore, reportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)", "cvss3": {}, "published": "2013-02-09T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_0K.NASL", "href": "https://www.tenable.com/plugins/nessus/64533", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64533);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server is running a version\nof OpenSSL 1.0.0 prior to 1.0.0k. The OpenSSL library is, therefore,\nreportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130204.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.0k or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.0k', min:\"1.0.0\", severity:SECURITY_NOTE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:38:33", "description": "From Red Hat Security Advisory 2013:0273 :\n\nUpdated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2013-0273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:java-1.6.0-openjdk", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2013-0273.NASL", "href": "https://www.tenable.com/plugins/nessus/68734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0273 and \n# Oracle Linux Security Advisory ELSA-2013-0273 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68734);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_bugtraq_id(57778, 58029);\n script_xref(name:\"RHSA\", value:\"2013:0273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2013-0273)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2013:0273 :\n\nUpdated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package\nwas installed, CVE-2013-1486 could have been exploited without user\ninteraction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003265.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.6.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:36", "description": "Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "RHEL 6 : java-1.6.0-openjdk (RHSA-2013:0273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-debuginfo", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2013-0273.NASL", "href": "https://www.tenable.com/plugins/nessus/64746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0273. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64746);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"RHSA\", value:\"2013:0273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"RHEL 6 : java-1.6.0-openjdk (RHSA-2013:0273)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package\nwas installed, CVE-2013-1486 could have been exploited without user\ninteraction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\");\n # http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.8/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?501e0ece\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2013:0273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2013-0169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2013-1486\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0273\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:42", "description": "Multiple vulnerabilities has been found and corrected in openssl :\n\nOpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key (CVE-2013-0166).\n\nThe TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the Lucky Thirteen issue (CVE-2013-0169).\n\nThe updated packages have been upgraded to the 1.0.0k version which is not vulnerable to these issues.", "cvss3": {}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2013:052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64openssl-devel", "p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl-static-devel", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0", "p-cpe:/a:mandriva:linux:openssl", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-052.NASL", "href": "https://www.tenable.com/plugins/nessus/66066", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:052. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66066);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"MDVSA\", value:\"2013:052\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2013:052)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities has been found and corrected in openssl :\n\nOpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d\ndoes not properly perform signature verification for OCSP responses,\nwhich allows remote attackers to cause a denial of service (NULL\npointer dereference and application crash) via an invalid key\n(CVE-2013-0166).\n\nThe TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as\nused in OpenSSL, OpenJDK, PolarSSL, and other products, do not\nproperly consider timing side-channel attacks on a MAC check\nrequirement during the processing of malformed CBC padding, which\nallows remote attackers to conduct distinguishing attacks and\nplaintext-recovery attacks via statistical analysis of timing data for\ncrafted packets, aka the Lucky Thirteen issue (CVE-2013-0169).\n\nThe updated packages have been upgraded to the 1.0.0k version which is\nnot vulnerable to these issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130204.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-devel-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-engines1.0.0-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-static-devel-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"openssl-1.0.0k-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:49", "description": "Update to 1.0.1e\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-04-03T00:00:00", "type": "nessus", "title": "Fedora 18 : mingw-openssl-1.0.1e-1.fc18 (2013-4403)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-openssl", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-4403.NASL", "href": "https://www.tenable.com/plugins/nessus/65776", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-4403.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65776);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0169\");\n script_xref(name:\"FEDORA\", value:\"2013-4403\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 18 : mingw-openssl-1.0.1e-1.fc18 (2013-4403)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Update to 1.0.1e\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=920868\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1a03210e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected mingw-openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"mingw-openssl-1.0.1e-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:27", "description": "Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-04T00:00:00", "type": "nessus", "title": "Fedora 18 : openssl-1.0.1e-3.fc18 (2013-2834)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-2834.NASL", "href": "https://www.tenable.com/plugins/nessus/64982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2834.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64982);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57755, 57778);\n script_xref(name:\"FEDORA\", value:\"2013-2834\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 18 : openssl-1.0.1e-3.fc18 (2013-2834)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=839735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=907589\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=908052\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099470.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e08fe822\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"openssl-1.0.1e-3.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:18", "description": "java-1_6_0-openjdk has been updated to IcedTea 1.12.3 (bnc#804654) which contains security and bugfixes :\n\n - Security fixes\n\n - S8006446: Restrict MBeanServer access. (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages Lucky 13. (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by DigiCert)\n\n - Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n - Bug fixes\n\n - PR1319: Support GIF lib v5.", "cvss3": {}, "published": "2013-02-24T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : Java (SAT Patch Number 7385)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk", "p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk-demo", "p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk-devel", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_JAVA-1_6_0-OPENJDK-130221.NASL", "href": "https://www.tenable.com/plugins/nessus/64863", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64863);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"SuSE 11.2 Security Update : Java (SAT Patch Number 7385)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SuSE 11 host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"java-1_6_0-openjdk has been updated to IcedTea 1.12.3 (bnc#804654)\nwhich contains security and bugfixes :\n\n - Security fixes\n\n - S8006446: Restrict MBeanServer access. (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages Lucky\n 13. (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by\n DigiCert)\n\n - Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n - Bug fixes\n\n - PR1319: Support GIF lib v5.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=804654\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2013-0169.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2013-1486.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply SAT patch number 7385.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:java-1_6_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.3-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:37:05", "description": "Versions of OpenSSL prior to 0.9.8y are reportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response verification that could allow denial of service attacks. (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)", "cvss3": {}, "published": "2013-06-11T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8y / 1.0.1d / 1.0.0k Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "6868.PRM", "href": "https://www.tenable.com/plugins/nnm/6868", "sourceData": "Binary data 6868.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:38:03", "description": "According to its self-reported version number, the remote Junos device is using an outdated version of OpenSSL, which has multiple vulnerabilities including (but not limited to) :\n\n - An error exists related to the handling of OCSP response verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)", "cvss3": {}, "published": "2013-07-16T00:00:00", "type": "nessus", "title": "Juniper Junos OpenSSL Multiple Vulnerabilities (JSA10575)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:juniper:junos"], "id": "JUNIPER_JSA10575.NASL", "href": "https://www.tenable.com/plugins/nessus/68908", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68908);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Juniper Junos OpenSSL Multiple Vulnerabilities (JSA10575)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote Junos device\nis using an outdated version of OpenSSL, which has multiple\nvulnerabilities including (but not limited to) :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10575\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the relevant Junos upgrade referenced in Juniper advisory\nJSA10575.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:juniper:junos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"junos_version.nasl\");\n script_require_keys(\"Host/Juniper/JUNOS/Version\", \"Host/Juniper/JUNOS/BuildDate\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"junos.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');\nbuild_date = get_kb_item_or_exit('Host/Juniper/JUNOS/BuildDate');\n\nif (compare_build_dates(build_date, '2013-06-13') >= 0)\n audit(AUDIT_INST_VER_NOT_VULN, 'Junos', ver + ' (build date ' + build_date + ')');\n\nfixes['11.4'] = '11.4R8';\nfixes['12.1'] = '12.1R6';\nfixes['12.2'] = '12.2R4';\nfixes['12.3'] = '12.3R3';\nfixes['13.1'] = '13.1R2';\nfix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);\n\nif (report_verbosity > 0)\n{\n report = get_report(ver:ver, fix:fix);\n security_warning(port:0, extra:report);\n}\nelse security_warning(0);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:19:30", "description": "According to its banner, the remote web server is running a version of OpenSSL prior to 0.9.8y. The OpenSSL library is, therefore, reportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)", "cvss3": {}, "published": "2013-02-09T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8y Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8Y.NASL", "href": "https://www.tenable.com/plugins/nessus/64532", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64532);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"OpenSSL < 0.9.8y Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host may be affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server is running a version\nof OpenSSL prior to 0.9.8y. The OpenSSL library is, therefore,\nreportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response\n verification that could allow denial of service attacks.\n (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols,\n CBC mode encryption and response time. An attacker\n could obtain plaintext contents of encrypted traffic via\n timing attacks. (CVE-2013-0169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130204.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 0.9.8y or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'0.9.8y', severity:SECURITY_NOTE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:11:22", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.\n (CVE-2013-1620)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : nss (cve_2013_1620_lucky_thirteen)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1620"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:nss"], "id": "SOLARIS11_NSS_20140809.NASL", "href": "https://www.tenable.com/plugins/nessus/80713", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80713);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-1620\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : nss (cve_2013_1620_lucky_thirteen)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The TLS implementation in Mozilla Network Security\n Services (NSS) does not properly consider timing\n side-channel attacks on a noncompliant MAC check\n operation during the processing of malformed CBC\n padding, which allows remote attackers to conduct\n distinguishing attacks and plaintext-recovery attacks\n via statistical analysis of timing data for crafted\n packets, a related issue to CVE-2013-0169.\n (CVE-2013-1620)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2013-1620-lucky-thirteen-vulnerability-in-nss\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a0b29b49\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.20.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:nss\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^nss$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.20.0.5.0\", sru:\"SRU 11.1.20.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : nss\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"nss\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:25:26", "description": "From Red Hat Security Advisory 2013:0274 :\n\nUpdated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2013-0274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:java-1.6.0-openjdk", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2013-0274.NASL", "href": "https://www.tenable.com/plugins/nessus/68735", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0274 and \n# Oracle Linux Security Advisory ELSA-2013-0274 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68735);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_bugtraq_id(57778, 58029);\n script_xref(name:\"RHSA\", value:\"2013:0274\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2013-0274)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2013:0274 :\n\nUpdated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003271.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.6.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.35.1.11.8.0.1.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.35.1.11.8.0.1.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.35.1.11.8.0.1.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.35.1.11.8.0.1.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.35.1.11.8.0.1.el5_9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:20:53", "description": "Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "nessus", "title": "Fedora 17 : openssl-1.0.0k-1.fc17 (2013-2793)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-2793.NASL", "href": "https://www.tenable.com/plugins/nessus/65081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2793.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65081);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57755, 57778);\n script_xref(name:\"FEDORA\", value:\"2013-2793\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 17 : openssl-1.0.0k-1.fc17 (2013-2793)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=839735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=907589\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=908052\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099759.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?883de014\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"openssl-1.0.0k-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:54", "description": "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session, NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. (CVE-2016-2107)", "cvss3": {}, "published": "2016-11-21T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : OpenSSL vulnerability (K93600123)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2016-2107"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL93600123.NASL", "href": "https://www.tenable.com/plugins/nessus/94986", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K93600123.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94986);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2016-2107\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"F5 Networks BIG-IP : OpenSSL vulnerability (K93600123)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before\n1.0.2h does not consider memory allocation during a certain padding\ncheck, which allows remote attackers to obtain sensitive cleartext\ninformation via a padding-oracle attack against an AES CBC session,\nNOTE: this vulnerability exists because of an incorrect fix for\nCVE-2013-0169. (CVE-2016-2107)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K93600123\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K93600123.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K93600123\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.1HF2\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.1HF1\",\"11.5.4HF3\",\"11.6.1HF1\",\"11.5.4HF3\",\"11.6.1HF1\",\"11.5.4HF3\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.5.0-11.5.4\",\"12.0.0-12.1.1\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2HF1\",\"11.6.1HF1\",\"11.5.4HF3\",\"13.0.0\",\"12.1.2\",\"11.6.1HF1\",\"11.5.4HF3\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_note(port:0, extra:bigip_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:11", "description": "Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "RHEL 5 : java-1.6.0-openjdk (RHSA-2013:0274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-debuginfo", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.9"], "id": "REDHAT-RHSA-2013-0274.NASL", "href": "https://www.tenable.com/plugins/nessus/64747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0274. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64747);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"RHSA\", value:\"2013:0274\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"RHEL 5 : java-1.6.0-openjdk (RHSA-2013:0274)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\");\n # http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.8/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?501e0ece\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2013:0274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2013-0169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2013-1486\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0274\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.35.1.11.8.el5_9\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:23:28", "description": "An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-163)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:java-1.6.0-openjdk", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-debuginfo", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-demo", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-devel", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-javadoc", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-src", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-163.NASL", "href": "https://www.tenable.com/plugins/nessus/69722", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-163.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69722);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"ALAS\", value:\"2013-163\");\n script_xref(name:\"RHSA\", value:\"2013:0273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-163)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2013-163.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update java-1.6.0-openjdk' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-1.6.0.0-56.1.11.8.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.0-56.1.11.8.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-56.1.11.8.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-56.1.11.8.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-56.1.11.8.51.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-56.1.11.8.51.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:53", "description": "USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and CVE-2012-2686 was reverted in USN-1732-2 because of a regression.\nThis update restores the security fix, and includes an extra fix from upstream to address the AES-NI regression. We apologize for the inconvenience.\n\nAdam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2012-2686)\n\nNadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenSSL was vulnerable to a timing side-channel attack known as the 'Lucky Thirteen' issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.\n(CVE-2013-0169).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-26T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 12.10 : openssl vulnerability (USN-1732-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2686", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10"], "id": "UBUNTU_USN-1732-3.NASL", "href": "https://www.tenable.com/plugins/nessus/65684", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1732-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65684);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2012-2686\", \"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"USN\", value:\"1732-3\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 12.10 : openssl vulnerability (USN-1732-3)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169\nand CVE-2012-2686 was reverted in USN-1732-2 because of a regression.\nThis update restores the security fix, and includes an extra fix from\nupstream to address the AES-NI regression. We apologize for the\ninconvenience.\n\nAdam Langley and Wolfgang Ettlingers discovered that OpenSSL\nincorrectly handled certain crafted CBC data when used with AES-NI. A\nremote attacker could use this issue to cause OpenSSL to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n12.04 LTS and Ubuntu 12.10. (CVE-2012-2686)\n\nNadhem Alfardan and Kenny Paterson discovered that the TLS\nprotocol as used in OpenSSL was vulnerable to a timing\nside-channel attack known as the 'Lucky Thirteen' issue. A\nremote attacker could use this issue to perform\nplaintext-recovery attacks via analysis of timing data.\n(CVE-2013-0169).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/1732-3/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libssl1.0.0 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2022 Canonical, Inc. / NASL script (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1-4ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1c-3ubuntu2.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl1.0.0\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "mageia": [{"lastseen": "2023-06-07T16:39:17", "description": "CVE-2018-9988: ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input. CVE-2018-9989: ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-24T16:30:31", "type": "mageia", "title": "Updated mbedtls packages fix security issues\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9988", "CVE-2018-9989"], "modified": "2018-05-24T16:30:31", "id": "MGASA-2018-0253", "href": "https://advisories.mageia.org/MGASA-2018-0253.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-06T16:28:09", "description": "Updated mbedtls package fixes security vulnerabilities: Fixed a vulnerability in the TLS ciphersuites based on use of CBC and SHA-384 in DTLS/TLS 1.0 to 1.2, that allowed an active network attacker to partially recover the plaintext of messages under certains conditions by exploiting timing side-channels (CVE-2018-0497). Fixed a vulnerability in TLS ciphersuites based on CBC, in DTLS/TLS 1.0 to 1.2, that allowed a local attacker, with the ability to execute code on the local machine as well as to manipulate network packets, to partially recover the plaintext of messages under certain conditions (CVE-2018-0498). Fixed an issue in the X.509 module which could lead to a buffer overread during certificate extensions parsing (no CVE assigned). \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-03T11:55:18", "type": "mageia", "title": "Updated mbedtls packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497", "CVE-2018-0498"], "modified": "2018-11-03T11:55:18", "id": "MGASA-2018-0432", "href": "https://advisories.mageia.org/MGASA-2018-0432.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "freebsd": [{"lastseen": "2023-06-06T20:25:55", "description": "\n\nSimon Butcher reports:\n\n\nWhen using a CBC based ciphersuite, a remote attacker can\n\t partially recover the plaintext.\nWhen using a CBC based ciphersuite, an attacker with the\n\t ability to execute arbitrary code on the machine under attack\n\t can partially recover the plaintext by use of cache based\n\t side-channels.\n\n\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-24T00:00:00", "type": "freebsd", "title": "mbed TLS -- plaintext recovery vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497", "CVE-2018-0498"], "modified": "2018-07-24T00:00:00", "id": "F4876DD4-9CA8-11E8-AA17-0011D823EEBD", "href": "https://vuxml.freebsd.org/freebsd/f4876dd4-9ca8-11e8-aa17-0011d823eebd.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T15:28:29", "description": "\n\n\nA flaw in the OpenSSL handling of OCSP response\n\t verification could be exploited to cause a denial of\n\t service attack.\nOpenSSL has a weakness in the handling of CBC\n\t ciphersuites in SSL, TLS and DTLS. The weakness could reveal\n\t plaintext in a timing attack.\n\n\n", "cvss3": {}, "published": "2013-04-02T00:00:00", "type": "freebsd", "title": "FreeBSD -- OpenSSL multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2016-08-09T00:00:00", "id": "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "href": "https://vuxml.freebsd.org/freebsd/69bfc852-9bd0-11e2-a7be-8c705af55518.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-06-06T18:11:30", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-28T17:29:00", "type": "debiancve", "title": "CVE-2018-0497", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2018-0497"], "modified": "2018-07-28T17:29:00", "id": "DEBIANCVE:CVE-2018-0497", "href": "https://security-tracker.debian.org/tracker/CVE-2018-0497", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T18:14:44", "description": "ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T19:29:00", "type": "debiancve", "title": "CVE-2018-9988", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9988"], "modified": "2018-04-10T19:29:00", "id": "DEBIANCVE:CVE-2018-9988", "href": "https://security-tracker.debian.org/tracker/CVE-2018-9988", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T18:14:44", "description": "ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T19:29:00", "type": "debiancve", "title": "CVE-2018-9989", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9989"], "modified": "2018-04-10T19:29:00", "id": "DEBIANCVE:CVE-2018-9989", "href": "https://security-tracker.debian.org/tracker/CVE-2018-9989", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-06T18:11:30", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-28T17:29:00", "type": "debiancve", "title": "CVE-2018-0498", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0498"], "modified": "2018-07-28T17:29:00", "id": "DEBIANCVE:CVE-2018-0498", "href": "https://security-tracker.debian.org/tracker/CVE-2018-0498", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:53:26", "description": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "cvss3": {}, "published": "2013-02-08T19:55:00", "type": "debiancve", "title": "CVE-2013-0169", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2013-02-08T19:55:00", "id": "DEBIANCVE:CVE-2013-0169", "href": "https://security-tracker.debian.org/tracker/CVE-2013-0169", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-03T14:42:12", "description": "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-05T01:59:00", "type": "debiancve", "title": "CVE-2016-2107", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2016-2107"], "modified": "2016-05-05T01:59:00", "id": "DEBIANCVE:CVE-2016-2107", "href": "https://security-tracker.debian.org/tracker/CVE-2016-2107", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:57:44", "description": "The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.", "cvss3": {}, "published": "2013-02-08T19:55:00", "type": "debiancve", "title": "CVE-2013-1620", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1620"], "modified": "2013-02-08T19:55:00", "id": "DEBIANCVE:CVE-2013-1620", "href": "https://security-tracker.debian.org/tracker/CVE-2013-1620", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:55:18", "description": "The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.", "cvss3": {}, "published": "2013-02-08T19:55:00", "type": "debiancve", "title": "CVE-2013-1619", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1619"], "modified": "2013-02-08T19:55:00", "id": "DEBIANCVE:CVE-2013-1619", "href": "https://security-tracker.debian.org/tracker/CVE-2013-1619", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}], "cve": [{"lastseen": "2023-06-06T15:30:19", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-28T17:29:00", "type": "cve", "title": "CVE-2018-0497", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2018-0497"], "modified": "2020-02-10T16:15:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-0497", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0497", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T15:16:29", "description": "ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T19:29:00", "type": "cve", "title": "CVE-2018-9988", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9988"], "modified": "2021-11-30T21:43:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:arm:mbed_tls:2.8.0"], "id": "CVE-2018-9988", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9988", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:arm:mbed_tls:2.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T15:16:27", "description": "ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T19:29:00", "type": "cve", "title": "CVE-2018-9989", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9989"], "modified": "2021-11-30T19:40:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:arm:mbed_tls:2.8.0"], "id": "CVE-2018-9989", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9989", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:arm:mbed_tls:2.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T15:30:21", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-28T17:29:00", "type": "cve", "title": "CVE-2018-0498", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0498"], "modified": "2020-02-10T16:15:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-0498", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0498", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:03:18", "description": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "cvss3": {}, "published": "2013-02-08T19:55:00", "type": "cve", "title": "CVE-2013-0169", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2023-05-12T12:58:00", "cpe": ["cpe:/a:polarssl:polarssl:1.1.0", "cpe:/a:polarssl:polarssl:0.14.2", "cpe:/a:polarssl:polarssl:0.10.1", "cpe:/a:polarssl:polarssl:0.14.0", "cpe:/a:polarssl:polarssl:1.1.2", "cpe:/a:oracle:openjdk:1.6.0", "cpe:/a:polarssl:polarssl:0.12.0", "cpe:/a:polarssl:polarssl:0.12.1", "cpe:/a:oracle:openjdk:1.7.0", "cpe:/a:openssl:openssl:0.9.8x", "cpe:/a:polarssl:polarssl:1.1.3", "cpe:/a:openssl:openssl:1.0.1d", "cpe:/a:polarssl:polarssl:0.14.3", "cpe:/a:polarssl:polarssl:0.11.1", "cpe:/a:polarssl:polarssl:0.13.1", "cpe:/a:polarssl:polarssl:0.11.0", "cpe:/a:polarssl:polarssl:1.1.4", "cpe:/a:polarssl:polarssl:0.10.0", "cpe:/a:polarssl:polarssl:0.99", "cpe:/a:openssl:openssl:1.0.0j", "cpe:/a:polarssl:polarssl:1.0.0", "cpe:/a:polarssl:polarssl:1.1.1"], "id": "CVE-2013-0169", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:openjdk:1.7.0:update6:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:-:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update35:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update12:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update19:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update26:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update17:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update1:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update31:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update10:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update10:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update32:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update7:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update2:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update29:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.3:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update11:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update15:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update9:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update23:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre4:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update24:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update4:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update14:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update38:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update13:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update7:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update20:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update2:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update37:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre5:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre3:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:update13:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update16:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update33:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update21:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update18:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update34:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update30:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update27:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update1:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update4:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update5:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update6:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:-:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update11:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update22:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre1:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update25:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:update3:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:29:09", "description": "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-05T01:59:00", "type": "cve", "title": "CVE-2016-2107", "cwe": ["CWE-200", "CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2016-2107"], "modified": "2022-12-13T12:15:00", "cpe": ["cpe:/o:google:android:4.4.2", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.2", "cpe:/o:google:android:4.0.4", "cpe:/a:hp:helion_openstack:2.1.2", "cpe:/o:google:android:4.1.2", "cpe:/a:openssl:openssl:1.0.2a", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:google:android:4.0", "cpe:/o:google:android:4.3", "cpe:/a:openssl:openssl:1.0.2f", "cpe:/o:google:android:4.4.3", "cpe:/o:google:android:5.1", "cpe:/o:google:android:4.1", "cpe:/o:redhat:enterprise_linux_hpc_node_eus:7.2", "cpe:/o:google:android:4.4", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:opensuse:opensuse:13.2", "cpe:/o:opensuse:leap:42.1", "cpe:/a:nodejs:node.js:4.1.2", "cpe:/o:redhat:enterprise_linux_hpc_node:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.2", "cpe:/o:google:android:4.0.1", "cpe:/a:nodejs:node.js:6.0.0", "cpe:/a:hp:helion_openstack:2.1.4", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/a:openssl:openssl:1.0.1s", "cpe:/a:openssl:openssl:1.0.2d", "cpe:/o:google:android:4.0.2", "cpe:/o:google:android:4.2", "cpe:/o:google:android:4.3.1", "cpe:/a:hp:helion_openstack:2.1", "cpe:/a:openssl:openssl:1.0.2", "cpe:/a:hp:helion_openstack:2.0", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:google:android:4.2.1", "cpe:/o:google:android:4.0.3", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:google:android:5.0.1", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:google:android:4.2.2", "cpe:/a:openssl:openssl:1.0.2e", "cpe:/a:openssl:openssl:1.0.2b", "cpe:/o:google:android:5.1.0", "cpe:/o:redhat:enterprise_linux_hpc_node:6.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:google:android:5.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:openssl:openssl:1.0.2g", "cpe:/o:google:android:4.4.1", "cpe:/a:openssl:openssl:1.0.2c"], "id": "CVE-2016-2107", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2107", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:-:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:helion_openstack:2.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:hp:helion_openstack:2.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:11:46", "description": "Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169.", "cvss3": {}, "published": "2013-02-08T19:55:00", "type": "cve", "title": "CVE-2013-1621", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1621"], "modified": "2013-03-08T04:12:00", "cpe": ["cpe:/a:polarssl:polarssl:1.1.0", "cpe:/a:polarssl:polarssl:0.14.2", "cpe:/a:polarssl:polarssl:0.10.1", "cpe:/a:polarssl:polarssl:0.14.0", "cpe:/a:polarssl:polarssl:1.1.2", "cpe:/a:polarssl:polarssl:0.12.0", "cpe:/a:polarssl:polarssl:1.1.5", "cpe:/a:polarssl:polarssl:1.2.3", "cpe:/a:polarssl:polarssl:1.2.4", "cpe:/a:polarssl:polarssl:0.12.1", "cpe:/a:polarssl:polarssl:1.2.1", "cpe:/a:polarssl:polarssl:1.1.3", "cpe:/a:polarssl:polarssl:0.14.3", "cpe:/a:polarssl:polarssl:0.11.1", "cpe:/a:polarssl:polarssl:1.2.0", "cpe:/a:polarssl:polarssl:0.11.0", "cpe:/a:polarssl:polarssl:0.13.1", "cpe:/a:polarssl:polarssl:1.1.4", "cpe:/a:polarssl:polarssl:1.2.2", "cpe:/a:polarssl:polarssl:0.99", "cpe:/a:polarssl:polarssl:0.10.0", "cpe:/a:polarssl:polarssl:1.0.0", "cpe:/a:polarssl:polarssl:1.1.1"], "id": "CVE-2013-1621", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1621", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:polarssl:polarssl:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.3:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre4:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre5:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre3:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre1:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:14:22", "description": "The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169.", "cvss3": {}, "published": "2013-07-03T18:55:00", "type": "cve", "title": "CVE-2013-2116", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-2116"], "modified": "2023-02-13T00:28:00", "cpe": ["cpe:/a:gnu:gnutls:2.12.23"], "id": "CVE-2013-2116", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2116", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:gnutls:2.12.23:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:11:38", "description": "The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.", "cvss3": {}, "published": "2013-02-08T19:55:00", "type": "cve", "title": "CVE-2013-1618", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1618"], "modified": "2013-03-08T04:12:00", "cpe": ["cpe:/a:opera:opera_browser:12.10", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:12.11", "cpe:/a:opera:opera_browser:12.12"], "id": "CVE-2013-1618", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1618", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:opera:opera_browser:12.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:12.11:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:12.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:12.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:12.10:beta:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:12.12:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:12.00:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:12.00:beta:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:11:39", "description": "The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.", "cvss3": {}, "published": "2013-02-08T19:55:00", "type": "cve", "title": "CVE-2013-1619", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1619"], "modified": "2014-03-26T04:46:00", "cpe": ["cpe:/a:gnu:gnutls:2.1.0", "cpe:/a:gnu:gnutls:2.6.1", "cpe:/a:gnu:gnutls:2.12.16", "cpe:/a:gnu:gnutls:2.12.10", "cpe:/a:gnu:gnutls:2.8.0", "cpe:/a:gnu:gnutls:2.10.1", "cpe:/a:gnu:gnutls:2.1.6", "cpe:/a:gnu:gnutls:2.12.1", "cpe:/a:gnu:gnutls:3.0.9", "cpe:/a:gnu:gnutls:3.0.21", "cpe:/a:gnu:gnutls:2.8.3", "cpe:/a:gnu:gnutls:2.12.2", "cpe:/a:gnu:gnutls:2.4.3", "cpe:/a:gnu:gnutls:2.3.3", "cpe:/a:gnu:gnutls:2.1.7", "cpe:/a:gnu:gnutls:2.2.4", "cpe:/a:gnu:gnutls:3.0.26", "cpe:/a:gnu:gnutls:2.6.3", "cpe:/a:gnu:gnutls:2.1.1", "cpe:/a:gnu:gnutls:2.12.4", "cpe:/a:gnu:gnutls:2.12.9", "cpe:/a:gnu:gnutls:2.0.4", "cpe:/a:gnu:gnutls:2.4.0", "cpe:/a:gnu:gnutls:3.0.24", "cpe:/a:gnu:gnutls:2.0.2", "cpe:/a:gnu:gnutls:2.12.0", "cpe:/a:gnu:gnutls:2.7.4", "cpe:/a:gnu:gnutls:2.12.8", "cpe:/a:gnu:gnutls:3.0.6", "cpe:/a:gnu:gnutls:3.0.1", "cpe:/a:gnu:gnutls:2.10.3", "cpe:/a:gnu:gnutls:3.0.13", "cpe:/a:gnu:gnutls:3.0.5", "cpe:/a:gnu:gnutls:2.6.6", "cpe:/a:gnu:gnutls:2.6.4", "cpe:/a:gnu:gnutls:2.0.3", "cpe:/a:gnu:gnutls:3.1.2", "cpe:/a:gnu:gnutls:2.12.18", "cpe:/a:gnu:gnutls:2.1.8", "cpe:/a:gnu:gnutls:2.10.4", "cpe:/a:gnu:gnutls:3.0.11", "cpe:/a:gnu:gnutls:2.8.5", "cpe:/a:gnu:gnutls:2.3.0", "cpe:/a:gnu:gnutls:3.0.18", "cpe:/a:gnu:gnutls:2.2.0", "cpe:/a:gnu:gnutls:2.12.21", "cpe:/a:gnu:gnutls:2.4.2", "cpe:/a:gnu:gnutls:3.0.12", "cpe:/a:gnu:gnutls:2.12.6", "cpe:/a:gnu:gnutls:3.1.6", "cpe:/a:gnu:gnutls:2.3.6", "cpe:/a:gnu:gnutls:2.12.12", "cpe:/a:gnu:gnutls:2.2.1", "cpe:/a:gnu:gnutls:3.0", "cpe:/a:gnu:gnutls:2.12.5", "cpe:/a:gnu:gnutls:3.0.15", "cpe:/a:gnu:gnutls:2.4.1", "cpe:/a:gnu:gnutls:3.0.23", "cpe:/a:gnu:gnutls:2.8.6", "cpe:/a:gnu:gnutls:2.6.5", "cpe:/a:gnu:gnutls:2.10.2", "cpe:/a:gnu:gnutls:3.1.4", "cpe:/a:gnu:gnutls:3.0.19", "cpe:/a:gnu:gnutls:3.0.20", "cpe:/a:gnu:gnutls:3.0.27", "cpe:/a:gnu:gnutls:3.0.0", "cpe:/a:gnu:gnutls:3.0.17", "cpe:/a:gnu:gnutls:2.3.8", "cpe:/a:gnu:gnutls:3.0.2", "cpe:/a:gnu:gnutls:3.0.25", "cpe:/a:gnu:gnutls:2.1.2", "cpe:/a:gnu:gnutls:2.2.3", "cpe:/a:gnu:gnutls:3.0.7", "cpe:/a:gnu:gnutls:2.3.2", "cpe:/a:gnu:gnutls:2.3.7", "cpe:/a:gnu:gnutls:2.8.2", "cpe:/a:gnu:gnutls:2.12.13", "cpe:/a:gnu:gnutls:2.12.22", "cpe:/a:gnu:gnutls:2.6.2", "cpe:/a:gnu:gnutls:2.3.10", "cpe:/a:gnu:gnutls:2.1.3", "cpe:/a:gnu:gnutls:2.8.4", "cpe:/a:gnu:gnutls:2.0.0", "cpe:/a:gnu:gnutls:3.1.1", "cpe:/a:gnu:gnutls:3.0.8", "cpe:/a:gnu:gnutls:3.0.16", "cpe:/a:gnu:gnutls:3.0.4", "cpe:/a:gnu:gnutls:3.0.10", "cpe:/a:gnu:gnutls:3.0.14", "cpe:/a:gnu:gnutls:2.12.15", "cpe:/a:gnu:gnutls:2.6.0", "cpe:/a:gnu:gnutls:2.12.20", "cpe:/a:gnu:gnutls:3.1.5", "cpe:/a:gnu:gnutls:2.0.1", "cpe:/a:gnu:gnutls:2.3.11", "cpe:/a:gnu:gnutls:2.12.14", "cpe:/a:gnu:gnutls:3.0.3", "cpe:/a:gnu:gnutls:2.5.0", "cpe:/a:gnu:gnutls:2.1.4", "cpe:/a:gnu:gnutls:2.2.5", "cpe:/a:gnu:gnutls:2.3.9", "cpe:/a:gnu:gnutls:2.1.5", "cpe:/a:gnu:gnutls:2.3.4", "cpe:/a:gnu:gnutls:2.12.7", "cpe:/a:gnu:gnutls:2.8.1", "cpe:/a:gnu:gnutls:2.3.5", "cpe:/a:gnu:gnutls:2.2.2", "cpe:/a:gnu:gnutls:2.10.5", "cpe:/a:gnu:gnutls:2.12.6.1", "cpe:/a:gnu:gnutls:2.12.17", "cpe:/a:gnu:gnutls:2.12.19", "cpe:/a:gnu:gnutls:2.10.0", "cpe:/a:gnu:gnutls:3.1.0", "cpe:/a:gnu:gnutls:2.12.3", "cpe:/a:gnu:gnutls:3.1.3", "cpe:/a:gnu:gnutls:3.0.22", "cpe:/a:gnu:gnutls:2.12.11", "cpe:/a:gnu:gnutls:2.3.1"], "id": "CVE-2013-1619", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1619", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:gnu:gnutls:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.12.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-06-07T14:18:48", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote\nattackers to achieve partial plaintext recovery (for a CBC based\nciphersuite) via a timing-based side-channel attack. This vulnerability\nexists because of an incorrect fix (with a wrong SHA-384 calculation) for\nCVE-2013-0169.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904821>\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-28T00:00:00", "type": "ubuntucve", "title": "CVE-2018-0497", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2018-0497"], "modified": "2018-07-28T00:00:00", "id": "UB:CVE-2018-0497", "href": "https://ubuntu.com/security/CVE-2018-0497", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T14:22:33", "description": "ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer\nover-read in ssl_parse_server_key_exchange() that could cause a crash on\ninvalid input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T00:00:00", "type": "ubuntucve", "title": "CVE-2018-9988", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9988"], "modified": "2018-04-10T00:00:00", "id": "UB:CVE-2018-9988", "href": "https://ubuntu.com/security/CVE-2018-9988", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T14:22:31", "description": "ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer\nover-read in ssl_parse_server_psk_hint() that could cause a crash on\ninvalid input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T00:00:00", "type": "ubuntucve", "title": "CVE-2018-9989", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9989"], "modified": "2018-04-10T00:00:00", "id": "UB:CVE-2018-9989", "href": "https://ubuntu.com/security/CVE-2018-9989", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T14:18:48", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local\nusers to achieve partial plaintext recovery (for a CBC based ciphersuite)\nvia a cache-based side-channel attack.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904821>\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-28T00:00:00", "type": "ubuntucve", "title": "CVE-2018-0498", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0498"], "modified": "2018-07-28T00:00:00", "id": "UB:CVE-2018-0498", "href": "https://ubuntu.com/security/CVE-2018-0498", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:42:38", "description": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in\nOpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider\ntiming side-channel attacks on a MAC check requirement during the\nprocessing of malformed CBC padding, which allows remote attackers to\nconduct distinguishing attacks and plaintext-recovery attacks via\nstatistical analysis of timing data for crafted packets, aka the \"Lucky\nThirteen\" issue.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0169>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699889>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | 1.0.1d has incorrect fix. Use 1.0.1e: \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | regression bug: http://rt.openssl.org/Ticket/Display.html?id=2975&user=guest&pass=guest 1.0.1e still contains another regression: another regression: http://rt.openssl.org/Ticket/Display.html?id=2984&user=guest&pass=guest OpenSSL fix reverted by 1732-2 because of regression (see: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1133333) (see: http://rt.openssl.org/Ticket/Display.html?id=3002) (see: bugs.debian.org/cgi-bin/bugreport.cgi?bug=701868)\n", "cvss3": {}, "published": "2013-02-08T00:00:00", "type": "ubuntucve", "title": "CVE-2013-0169", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2013-02-08T00:00:00", "id": "UB:CVE-2013-0169", "href": "https://ubuntu.com/security/CVE-2013-0169", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-04T14:18:13", "description": "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h\ndoes not consider memory allocation during a certain padding check, which\nallows remote attackers to obtain sensitive cleartext information via a\npadding-oracle attack against an AES CBC session. NOTE: this vulnerability\nexists because of an incorrect fix for CVE-2013-0169.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-2107", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2016-2107"], "modified": "2016-05-03T00:00:00", "id": "UB:CVE-2016-2107", "href": "https://ubuntu.com/security/CVE-2016-2107", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:40:56", "description": "The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS\n2.12.23 allows remote attackers to cause a denial of service (buffer\nover-read and crash) via a crafted padding length. NOTE: this might be due\nto an incorrect fix for CVE-2013-0169.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | introduced by Lucky 13 fix, only on 2.x\n", "cvss3": {}, "published": "2013-05-29T00:00:00", "type": "ubuntucve", "title": "CVE-2013-2116", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-2116"], "modified": "2013-05-29T00:00:00", "id": "UB:CVE-2013-2116", "href": "https://ubuntu.com/security/CVE-2013-2116", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-06T14:42:38", "description": "The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not\nproperly consider timing side-channel attacks on a noncompliant MAC check\noperation during the processing of malformed CBC padding, which allows\nremote attackers to conduct distinguishing attacks and plaintext-recovery\nattacks via statistical analysis of timing data for crafted packets, a\nrelated issue to CVE-2013-0169.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699886>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | no updates from upstream at this time \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | not mentioned in April CPU, but the code fixed in the Debian bug report is present, looks fixed\n", "cvss3": {}, "published": "2013-02-08T00:00:00", "type": "ubuntucve", "title": "CVE-2013-1623", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1623"], "modified": "2013-02-08T00:00:00", "id": "UB:CVE-2013-1623", "href": "https://ubuntu.com/security/CVE-2013-1623", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:42:40", "description": "The TLS implementation in Mozilla Network Security Services (NSS) does not\nproperly consider timing side-channel attacks on a noncompliant MAC check\noperation during the processing of malformed CBC padding, which allows\nremote attackers to conduct distinguishing attacks and plaintext-recovery\nattacks via statistical analysis of timing data for crafted packets, a\nrelated issue to CVE-2013-0169.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699888>\n", "cvss3": {}, "published": "2013-02-08T00:00:00", "type": "ubuntucve", "title": "CVE-2013-1620", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1620"], "modified": "2013-02-08T00:00:00", "id": "UB:CVE-2013-1620", "href": "https://ubuntu.com/security/CVE-2013-1620", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:42:37", "description": "Array index error in the SSL module in PolarSSL before 1.2.5 might allow\nremote attackers to cause a denial of service via vectors involving a\ncrafted padding-length value during validation of CBC padding in a TLS\nsession, a different vulnerability than CVE-2013-0169.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699887>\n", "cvss3": {}, "published": "2013-02-08T00:00:00", "type": "ubuntucve", "title": "CVE-2013-1621", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1621"], "modified": "2013-02-08T00:00:00", "id": "UB:CVE-2013-1621", "href": "https://ubuntu.com/security/CVE-2013-1621", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-06T14:42:37", "description": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C#\nlibrary before 1.8 does not properly consider timing side-channel attacks\non a noncompliant MAC check operation during the processing of malformed\nCBC padding, which allows remote attackers to conduct distinguishing\nattacks and plaintext-recovery attacks via statistical analysis of timing\ndata for crafted packets, a related issue to CVE-2013-0169.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699885>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | list of commits may be incomplete \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | I read all diffs in crypto/tls/ directory since Lucky 13 patches, the two listed here were the only ones that looked related to this problem, the other updates were mostly for style fixes. \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | no reverse depends in main in precise+\n", "cvss3": {}, "published": "2013-02-08T00:00:00", "type": "ubuntucve", "title": "CVE-2013-1624", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1624"], "modified": "2013-02-08T00:00:00", "id": "UB:CVE-2013-1624", "href": "https://ubuntu.com/security/CVE-2013-1624", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-06T14:42:37", "description": "The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and\n3.1.x before 3.1.7 does not properly consider timing side-channel attacks\non a noncompliant MAC check operation during the processing of malformed\nCBC padding, which allows remote attackers to conduct distinguishing\nattacks and plaintext-recovery attacks via statistical analysis of timing\ndata for crafted packets, a related issue to CVE-2013-0169.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1166634>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | LP: #1166634 is reported as a regression\n", "cvss3": {}, "published": "2013-02-08T00:00:00", "type": "ubuntucve", "title": "CVE-2013-1619", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-1619"], "modified": "2013-02-08T00:00:00", "id": "UB:CVE-2013-1619", "href": "https://ubuntu.com/security/CVE-2013-1619", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}], "alpinelinux": [{"lastseen": "2023-06-07T19:05:28", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-06-07T19:04:11", "type": "alpinelinux", "title": "CVE-2018-0497", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2018-0497"], "modified": "2023-06-07T19:04:11", "id": "ALPINE:CVE-2018-0497", "href": "https://security.alpinelinux.org/vuln/CVE-2018-0497", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T19:05:28", "description": "ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-06-07T19:04:11", "type": "alpinelinux", "title": "CVE-2018-0498", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0498"], "modified": "2023-06-07T19:04:11", "id": "ALPINE:CVE-2018-0498", "href": "https://security.alpinelinux.org/vuln/CVE-2018-0498", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}], "ubuntu": [{"lastseen": "2023-06-06T15:49:42", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * mbedtls \\- lightweight crypto and SSL/TLS library - crypto library\n\nIt was discovered that mbedtls has a bounds-check bypass through an integer \noverflow that can be used by an attacked to execute arbitrary code or cause a \ndenial of service. \n(CVE-2017-18187)\n\nIt was discovered that mbedtls has a vulnerability where an attacker could \nexecute arbitrary code or cause a denial of service (buffer overflow) \nvia a crafted certificate chain that is mishandled during RSASSA-PSS \nsignature verification within a TLS or DTLS session. \n(CVE-2018-0487)\n\nIt was discovered that mbedtls has a vulnerability where an attacker could \nexecute arbitrary code or cause a denial of service (heap corruption) via a \ncrafted application packet within a TLS or DTLS session. \n(CVE-2018-0488)\n\nIt was discovered that mbedtls has a vulnerability that allows remote \nattackers to achieve partial plaintext recovery (for a CBC based ciphersuite) \nvia a timing-based side-channel attack. \n(CVE-2018-0497)\n\nIt was discovered that mbedtls has a vulnerability that allows local users to \nachieve partial plaintext recovery (for a CBC based ciphersuite) via a \ncache-based side-channel attack. \n(CVE-2018-0498)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-05T00:00:00", "type": "ubuntu", "title": "ARM mbed TLS vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18187", "CVE-2018-0487", "CVE-2018-0488", "CVE-2018-0497", "CVE-2018-0498"], "modified": "2020-02-05T00:00:00", "id": "USN-4267-1", "href": "https://ubuntu.com/security/notices/USN-4267-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cnvd": [{"lastseen": "2022-11-05T10:54:28", "description": "ARM mbed TLS (formerly known as PolarSSL) is a product from ARM UK that provides secure communication and encryption for mbed products. ARM mbed TLS versions prior to 2.12.0, 2.7.5, and 2.1.14 contain a security vulnerability. An attacker could exploit the vulnerability to obtain sensitive information.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-30T00:00:00", "type": "cnvd", "title": "Unspecified vulnerability in ARM mbed TLS (CNVD-2021-59609)", "bulletinFamily": "cnvd", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0498"], "modified": "2021-08-09T00:00:00", "id": "CNVD-2021-59609", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-59609", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "Dislocker has been designed to read BitLocker encrypted partitions (\"drives \") under a Linux system. The driver has the capability to read/write partitions encrypted using Microsoft Windows Vista, 7, 8, 8.1 and 10 (AES-CBC, AES-XTS, 128 or 256 bits, with or without the Elephant diffuser, encrypted partition s); BitLocker-To-Go encrypted partitions (USB/FAT32 partitions). The file name where the BitLocker encrypted partition will be decrypted nee ds to be given. This may take a long time, depending on the size of the encryp ted partition. But afterward, once the partition is decrypted, the access to the NTFS partition will be faster than with FUSE. Another thing to think about is the size of the disk (same size as the volume that is tried to be decrypted ). Nevertheless, once the partition is decrypted, the file can be mounted as a ny NTFS partition and won't have any link to the original BitLocker partition. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-09T00:08:01", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dislocker-0.7.1-10.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-09T00:08:01", "id": "FEDORA:30021603E85E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZRA7K6AC6UUF3P6DX462MRBIVVHEHB45/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Neko is a high-level dynamically typed programming language which can also be used as an embedded scripting language. It has been designed to provide a common run-time for several different languages. Neko is not only very easy to learn and use, but also has the flexibility of being able to extend the language with C libraries. You can even write generators from your own language to Neko and then use the Neko run-time to compile, run, and access existing libraries. If you need to add a scripting language to your application, Neko provides one of the best trade-offs available between simplicity, extensibility and speed. Neko allows the language designer to focus on design whilst reusing a fast and well constructed run-time, as well as existing libraries for accessing file system, network, databases, XML... Neko has a compiler and virtual machine. The Virtual Machine is both very lightweight and extremely well optimized so that it can run very quickly. The VM can be easily embedded into any application and your libraries are directly accessible using the C foreign function interface. The compiler converts a source .neko file into a byte-code .n file that can be executed with the Virtual Machine. Although the compiler is written in Neko itself, it is still very fast. You can use the compiler as standalone command-line executable separated from the VM, or as a Neko library to perform compile-and-run for interactive languages. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-09T00:08:02", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: nekovm-2.2.0-8.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-09T00:08:02", "id": "FEDORA:67F53603E84F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XXBVW3ECDKZGJOYEME5FRPAABZ3P6I6B/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. FOSS License Exception: https://tls.mbed.org/foss-license-exception ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-09T00:08:02", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: mbedtls-2.13.0-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-09T00:08:02", "id": "FEDORA:4C97C603E84D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GSKUEFPIXVIUJG72JQOELRL2WOKASKTA/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "nng (nanomsg next generation) is a socket library that provides several common communication patterns. It aims to make the networking layer fast, scalable, and easy to use. Implemented in C, it works on a wide range of operating systems with no further dependencies. The communication patterns, also called \"scalability protocols\", are basic blocks for building distributed systems. By combining them you can create a vast array of distributed applications. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-09T00:08:02", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: nng-1.0.1-2.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-09T00:08:02", "id": "FEDORA:8C663603E856", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XRGH3QG6QN7CN37YT5QNCEF7MRVNZOHQ/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Dolphin is a Gamecube, Wii and Triforce (the arcade machine based on the Gamecube) emulator, which supports full HD video with several enhancements such as compatibility with all PC controllers, turbo speed, networked multiplaye r, and more. Most games run perfectly or with minor bugs. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-12T20:17:52", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: dolphin-emu-5.0-25.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-12T20:17:52", "id": "FEDORA:08FDA6048FC4", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WMG4NHFLYC6SCJDSSRT7HV7IRI2D4DZU/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Neko is a high-level dynamically typed programming language which can also be used as an embedded scripting language. It has been designed to provide a common run-time for several different languages. Neko is not only very easy to learn and use, but also has the flexibility of being able to extend the language with C libraries. You can even write generators from your own language to Neko and then use the Neko run-time to compile, run, and access existing libraries. If you need to add a scripting language to your application, Neko provides one of the best trade-offs available between simplicity, extensibility and speed. Neko allows the language designer to focus on design whilst reusing a fast and well constructed run-time, as well as existing libraries for accessing file system, network, databases, XML... Neko has a compiler and virtual machine. The Virtual Machine is both very lightweight and extremely well optimized so that it can run very quickly. The VM can be easily embedded into any application and your libraries are directly accessible using the C foreign function interface. The compiler converts a source .neko file into a byte-code .n file that can be executed with the Virtual Machine. Although the compiler is written in Neko itself, it is still very fast. You can use the compiler as standalone command-line executable separated from the VM, or as a Neko library to perform compile-and-run for interactive languages. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-12T20:17:52", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: nekovm-2.2.0-8.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-12T20:17:52", "id": "FEDORA:3F0A060CEC5C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MYA4SSIXNC5CV3ZEAFZ4ERI24JOO3IBN/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Dislocker has been designed to read BitLocker encrypted partitions (\"drives \") under a Linux system. The driver has the capability to read/write partitions encrypted using Microsoft Windows Vista, 7, 8, 8.1 and 10 (AES-CBC, AES-XTS, 128 or 256 bits, with or without the Elephant diffuser, encrypted partition s); BitLocker-To-Go encrypted partitions (USB/FAT32 partitions). The file name where the BitLocker encrypted partition will be decrypted nee ds to be given. This may take a long time, depending on the size of the encryp ted partition. But afterward, once the partition is decrypted, the access to the NTFS partition will be faster than with FUSE. Another thing to think about is the size of the disk (same size as the volume that is tried to be decrypted ). Nevertheless, once the partition is decrypted, the file can be mounted as a ny NTFS partition and won't have any link to the original BitLocker partition. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-12T20:17:51", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: dislocker-0.7.1-10.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-12T20:17:51", "id": "FEDORA:C308C6048D23", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6NNIXS7UKQLOJUG7FEVPT6VW2CUKQ65S/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. FOSS License Exception: https://tls.mbed.org/foss-license-exception ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-12T20:17:52", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: mbedtls-2.13.0-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-12T20:17:52", "id": "FEDORA:2554F6051CC0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UM23BJMRSZYYR22JLDBTPXOMVSJXVHTZ/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Dolphin is a Gamecube, Wii and Triforce (the arcade machine based on the Gamecube) emulator, which supports full HD video with several enhancements such as compatibility with all PC controllers, turbo speed, networked multiplaye r, and more. Most games run perfectly or with minor bugs. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-09T00:08:02", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: dolphin-emu-5.0-25.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-09T00:08:02", "id": "FEDORA:11FDB603B260", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T4WU6JBW6TGO3I6L4GEEDLOCITPZPMUN/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Julia is a high-level, high-performance dynamic programming language for technical computing, with syntax that is familiar to users of other technical computing environments. It provides a sophisticated compiler, distributed parallel execution, numerical accuracy, and an extensive mathematical function library. The library, largely written in Julia itself, also integrates mature, best-of-breed C and Fortran libraries for linear algebra, random number generation, signal processing, and string processing. This package only contains the essential parts of the Julia environment: the julia executable and the standard library. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-09T00:08:02", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: julia-1.0.1-3.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497"], "modified": "2018-10-09T00:08:02", "id": "FEDORA:2DB19603E84B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SKIA2R2APJSC7EEVR7KOCZTOWQNIE5HK/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. FOSS License Exception: https://tls.mbed.org/foss-license-exception ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-17T02:28:21", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: mbedtls-2.14.1-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0497", "CVE-2018-19608"], "modified": "2018-12-17T02:28:21", "id": "FEDORA:10FC06048FEE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3YRNPONBFEIO4HMSVRBOW7CDQLWTSN56/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2013-03-02T19:55:52", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: openssl-1.0.1e-3.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-03-02T19:55:52", "id": "FEDORA:C041720764", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/36JSQCGSMPFINTJKUA4U4UHCCI5MYGP5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows (MinGW) libraries and development tools. ", "cvss3": {}, "published": "2013-04-03T04:51:11", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: mingw-openssl-1.0.1e-1.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929", "CVE-2013-0169"], "modified": "2013-04-03T04:51:11", "id": "FEDORA:BA848210A3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VLH4H7XTTHPNKWYNK2JACLQO4IFDJGPJ/", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "ibm": [{"lastseen": "2023-02-20T21:37:38", "description": "## Summary\n\nSSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169)\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVEID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>)\n\n \n \n**Description:** \nA weakness in the handling of CBC cipher suites in SSL, TLS and DTLS exploits timing differences arising during MAC processing. OpenSSL versions affected include 1.0.1c, 1.0.0j and 0.9.8x. \n\n**Note: ** This vulnerability is only partially mitigated when OpenSSL is used in conjunction with the OpenSSL FIPS Object Module and the FIPS mode of operation is enabled.\n\n \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score. \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Rational Build Forge version 8.0 and all earlier versions.\n\n## Remediation/Fixes\n\nUpgrade to [Rational Build Forge Fix Pack 1 (8.0.0.1) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035921>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:47:31", "type": "ibm", "title": "Security Bulletin: Rational Build Forge Security Advisory (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:47:31", "id": "B2A692687E0D397416E3549B4377E5B3319BF086A451607250B307F6DEECCF53", "href": "https://www.ibm.com/support/pages/node/231539", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:35:20", "description": "## Summary\n\nThe IBM GSKit component used in Rational ClearCase is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description: **The IBM GSKit component used in Rational ClearCase is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets. \n \nThe IBM GSKit is used if ClearCase on Windows platforms is configured to integrate with IBM Rational ClearQuest with communication over SSL (https). This applies to Base CC/CQ integrations using Change Management Interface (CMI) and to UCM-enabled CQ integration via OSLC. If your ClearCase deployment is not using these integrations with ClearQuest, or not using SSL with the integrations, then your deployment is not sensitive to this attack. The UCM-enabled CQ integration without using OSLC (SQUID) is not sensitive to this attack. \n \nIf your deployment does not use ClearCase on Windows, it is not sensitive to this attack. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational ClearCase 7.1 through 7.1.2.11, 8.0 through 8.0.0.7, and 8.0.1\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational ClearCase \n\n * [Rational ClearCase Fix Pack 1 (8.0.1.1) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035657>)\n * [Rational ClearCase Fix Pack 8 (8.0.0.8) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035655>)\n * 7.1.2.12: Upgrade to 8.0.0.8 or 8.0.1.1 [](<http://www.ibm.com/support/docview.wss?&uid=swg24035652>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational ClearCase (GSKit component) with potential for TLS Attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-07-10T08:34:12", "id": "0CA57BDC2A5B29D7A05B000C9F4660CECD108471C93FE144B5B5B7B541E5DB80", "href": "https://www.ibm.com/support/pages/node/232881", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:37:36", "description": "## Summary\n\nPrevious releases of IBM Rational Automation Framework are affected by a vulnerability in Java that may allow remote attackers to execute plaintext-recovery attacks.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n** \nDescription: **Unspecified vulnerability in IBM Java Runtime Environment may allow remote attackers to conduct distinguishing attacks and plaintext-recovery via statistical analysis of timing data for crafted packets. \n \nNote that despite the public disclosure, the issue is largely theoretical and very difficult to exploit in real world scenarios. \n_ \n_**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>[](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational Automation Framework 3.0.1 and earlier on all supported platforms.\n\n## Remediation/Fixes\n\nUpgrade to [Rational Automation Framework Fix Pack 1 (3.0.1.1) for 3.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035725>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:48:04", "type": "ibm", "title": "Security Bulletin: Java Vulnerability in Rational Automation Framework (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:48:04", "id": "17F2DE1F272EBF8E1F0E16B3A3D0C121D7F53002360A33B2E318E8910C665E9D", "href": "https://www.ibm.com/support/pages/node/234127", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:37:35", "description": "## Summary\n\nThe IBM GSKit component used in Rational RequisitePro is susceptible to a Transport Layer Security protocol vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVEID: **[CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description: **The IBM GSKit component used in Rational RequisitePro is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets. \n \nThe IBM GSKit is used if RequisitePro is configured to use LDAP authentication using SSL. If your RequisitePro deployment is not using LDAP configured with SSL, then your deployment is not sensitive to this attack when authenticating to the LDAP server. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector: **(AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational RequisitePro 7.1.1.x \nRational RequisitePro 7.1.2.x \nRational RequisitePro 7.1.3.7 and previous versions \nRational RequisitePro 7.1.4.0\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational RequisitePro \n\n * 7.1.4.x: [Rational RequisitePro Fix Pack 1 (7.1.4.1) for 7.1.4](<http://www.ibm.com/support/docview.wss?uid=swg24035667>)\n * 7.1.3.x: [Rational RequisitePro Fix Pack 8 (7.1.3.8) for 7.1.3](<http://www.ibm.com/support/docview.wss?uid=swg24035666>)\n * 7.1.2.x: Upgrade to 7.1.3.8 or 7.1.4.1\n * 7.1.1.x: Upgrade to 7.1.3.8 or 7.1.4.1\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:48:08", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational RequisitePro with a potential for a TLS attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:48:08", "id": "3258D879016CCEB97F8F543943D502B2C423771C5D452641CB88919F035248B5", "href": "https://www.ibm.com/support/pages/node/234337", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T17:45:45", "description": "## Summary\n\nThe Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security (TLS) protocol that use the CBC mode of operation. An attacker could perform main in the middle attacks to successfully obtain plain text from the secure channel. \n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nTNPM Wireline| 1.4.0 \nTNPM Wireline| 1.4.1 \nTNPM Wireline| 1.4.2 \nTNPM Wireline| 1.4.3 \nTNPM Wireline| 1.4.4 \nTNPM Wireline| 1.4.5 \n \n## Remediation/Fixes\n\nRefer to the following security bulletin for vulnerability details and information about fixes addressed by WebSphere Application Server shipped with Tivoli Netcool Performance Manager for Wireline.\n\n<https://www.ibm.com/support/pages/node/227769>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-05-07T04:56:20", "type": "ibm", "title": "Security Bulletin: A security vulnerability in IBM Websphere affects IBM Tivoli Netcool Performance Manager for Wireline (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2020-05-07T04:56:20", "id": "FFCC3373408F02CC542763623853BD92D404CF7A56813566A2A692A6EC5C572D", "href": "https://www.ibm.com/support/pages/node/6206785", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-29T18:26:30", "description": "## Abstract\n\nThe IBM JRE that is embedded in the InfoSphere Data Replication Dashboard has a security vulnerability that affects SSL connections to the dashboard web server.\n\n## Content\n\n**VULNERABILITY**** DETAILS:** \n \n**CVE ID: CVE-2013-0169** \n \n**DESCRIPTION: **The TLS protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks by using statistical analysis of timing data for crafted packets, also known as the \"Lucky Thirteen\" issue. \n \n**CVSS:** \nCVSS Base Score: 4.3 \n_CVSS Temporal Score: See _[__https://exchange.xforce.ibmcloud.com/vulnerabilities/81902__](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)_ for the current score CVSS Environmental Score*: Undefined_ \n_CVSS Vector: ___(AV:N/AC:H/Au:N/C:P/I:N/A:N)__ \n \n**AFFECTED PRODUCTS:** \nVersions 10.2, 10.1 and 9.7 of InfoSphere Data Replication Dashboard are affected. \n \n**REMEDIATION:** \nThe recommended solution is to upgrade the product to the latest version. \n \n**FIX:** \nThe vulnerability fixes require upgrading the product to version 10.2.1.0-b343 or higher. Download the latest version of InfoSphere Data Replication Dashboard from [_http://www-01.ibm.com/support/docview.wss?uid=swg24023065_](<http://www-01.ibm.com/support/docview.wss?uid=swg24023065>) \n \n**WORKAROUND:** \nNone known. \n \n**MITIGATION:** \nNone known. \n \n**REFERENCES:** \n[_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_X-Force Vulnerability Database_](<http://xforce.iss.net/>) \n[_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal_](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>)** ** \n \n**CHANGE HISTORY**: \n25-Oct-2013: Original version published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSDP5R\",\"label\":\"InfoSphere Replication Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Monitoring\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1;10.2;9.7\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T22:39:39", "type": "ibm", "title": "Security Bulletin: InfoSphere Data Replication Dashboard is affected by a vulnerability in the IBM JRE (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T22:39:39", "id": "C4FDDC1384D8FD0DDE8B004DBBC87A757834460AE92B55B9C87335F27F45968F", "href": "https://www.ibm.com/support/pages/node/500021", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:26:02", "description": "## Abstract\n\nCVE-2013-0169 - The Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \n \n**CVE-2013-0169** \nA weakness in the handling of cipher-block chaining (CBC) ciphersuites in Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) could lead to plaintext recovery of sensitive information by exploiting timing differences arising during message authentication codes (MAC) processing. The CVSS score is based on IBM X-Force rankings, which sets the access complexity for this vulnerability as Medium. \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may have a limited impact on the confidentiality of information but neither the integrity of data nor the availability of the system would be compromised.** \n \n** \n**CVEID:** \nCVE-2013-0169 \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nIBM Tivoli Key Lifecycle Manager v1, v2 and v2.0.1 \n \n \n**REMEDIATION: ** \nApply the latest Interim Fix for the Websphere Application Server (WAS) v6.1 used with Tivoli Key Lifecycle Manager: \n[_PM87524: SHIP SDK 5 SR16 FP2 FOR WSAS V6.1.0.X_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034996>) \n \nMore information on this Interim Fix can be found in the following security bulletin: \n \n[_Security Bulletin: WebSphere Application Server - Oracle CPU April 2013_](<http://www-01.ibm.com/support/docview.wss?uid=swg21635983&myns=swgws&mynp=OCSSEQTP&mync=E>) \n \n \n \n**_Workaround(s):_** \nNone \n \n**_Mitigation(s):_** \nNone \n \n**REFERENCES: ** \n[\u00b7 __Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>) \n[\u00b7 __On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _ \n[\u00b7 __CVE-2013-0169__](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n[\u00b7 _https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[\u00b7 _PM87524: SHIP SDK 5 SR16 FP2 FOR WSAS V6.1.0.X_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034996>) \n[\u00b7 _Security Bulletin: WebSphere Application Server - Oracle CPU April 2013_](<http://www-01.ibm.com/support/docview.wss?uid=swg21635983&myns=swgws&mynp=OCSSEQTP&mync=E>) \n \n \n \n**RELATED INFORMATION: ** \n[\u00b7 _IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[\u00b7 _IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**ACKNOWLEDGEMENT** \nNone \n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSWPVP\",\"label\":\"IBM Security Key Lifecycle Manager\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"1.0;2.0;2.0.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Key Lifecycle Manager can be affected by a vulnerability in the IBM Java Runtime Environment (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "511A2CEA23CFB8B15C62F78EE3A158E3C8F986D7D0E152D292B641365BBD08F1", "href": "https://www.ibm.com/support/pages/node/496033", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:05", "description": "## Abstract\n\nThe IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. Oracle has released April 2013 critical patch updates (CPU) which contain security vulnerability fixes and the IBM Java SDK that WebSphere Partner Gateway ships is affected.\n\n## Content\n\n**VULNERABILITY DETAILS** \n \nCVE-2013-0169 - The TLS protocol does not properly consider timing side-channel attacks, which could allow remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**DESCRIPTION:** \nThis Security Bulletin addresses the security vulnerabilities that have shipped with the IBM SDK and is part of the Oracle April 2013 critical patch updates (CPU). For details on these updates please refer to the Reference section of this bulletin. \n \n**Versions Affected.** \n \nWebSphere Partner Gateway Express Edition Versions 6.0 through 6.0.0.3 \n \n \n**REMEDIATION: **\n\nWebSphere Application Server JRE has to be updated to 1.4.2 SR13-FP17. Please contact IBM support to avail the IFix.\n\n**REFERENCES: **\n\n* [_IBM Security Alerts_](<http://www.ibm.com/developerworks/java/jdk/alerts>)\n* [_Oracle Java SE Critical Patch Update Advisory - April 2013_](<http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html>)\n* [_Java on IBM i_](<https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en>)\n* [_Complete CVSS Guide _](<http://www.first.org/cvss/v2/guide>)\n* [_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n* [_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) [_xforce.iss.net/xforce/xfdb/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)\n* [_WebSphere Application Server Recommended Fixes Page _](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n\n**RELATED INFORMATION: **\n\n \nNone \n \n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSDKML\",\"label\":\"WebSphere Partner Gateway - Express\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"6.0.0.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Express for the Oracle CPU April 2013.", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "476070037D8C6B95A023CADE7B7B8E36D86FE85A0AE9BDFC8D5FB131FC5DB6F9", "href": "https://www.ibm.com/support/pages/node/230325", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:25:57", "description": "## Abstract\n\nCVE-2013-0169 - The Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \n \nCVE-2013-0169 \n**The Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. ** \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may impact the confidentiality of information but the integrity of data, or the availability of the system would not be compromised. \n \n**CVEID:** \nCVE-2013-0169 \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> \nCVSS Environmental Score*: Undefined \n**_CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_** \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nTFIM v6.2, 6.2.1, 6.2.2 \nTFIMBG v6.2, 6.2.1, 6.2.2 \n \n**REMEDIATION: ** \nThe vulnerability is fixed in the following versions of the IBM GSKit libraries. \n \n\u2022 GSKit v7 service stream build 7.0.4.45 \n \nContact your IBM Level 2 support team to obtain the fixed version of the IBM GSKit library. \n \n**_Workaround(s):_** \nNone \n \n**_Mitigation(s):_** \nNone \n \n**REFERENCES: ** \n[\uf0b7 __Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>) \n[\uf0b7 __On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[\uf0b7 __CVE-2013-0169__](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n[\uf0b7 _https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[\uf0b7 _IBM Security Alerts_](<https://www.ibm.com/developerworks/java/jdk/alerts/>) \n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n \n \n**ACKNOWLEDGEMENT** \nNone \n \n \n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._ \n \n\n\n[{\"Product\":{\"code\":\"SSZSXU\",\"label\":\"Tivoli Federated Identity Manager\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"}],\"Version\":\"6.2;6.2.1;6.2.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}},{\"Product\":{\"code\":\"SS4J57\",\"label\":\"Tivoli Federated Identity Manager Business Gateway\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"6.2;6.2.1;6.2.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":null,\"label\":null}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway can be affected by a vulnerability in the IBM GSKit library (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "76B052C00B7D3B7660A204A6BD72087C4E84FB5E8C7CEA95BE48BBACC2FC5AD0", "href": "https://www.ibm.com/support/pages/node/489993", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:35:22", "description": "## Summary\n\nIBM Rational ClearCase includes an IBM Java SDK that is based on the Oracle JDK. Oracle has released April 2013 critical patch updates (CPU) which contain security vulnerability fixes and the IBM Java SDK has been updated to incorporate those updates.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description:** The TLS protocol does not properly consider timing side-channel attacks, which could allow remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector: **(AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational ClearCase, Remote Client, 7.1 through 7.1.2.11, 8.0 through 8.0.0.7, and 8.0.1 \n \n**Note:** The vulnerability only affects ClearCase Remote Client. \n\n * If your deployment does not use ClearCase Remote Client, it is _not vulnerable_. \n * If your deployment does not use SSL (https) between ClearCase Remote Client and CM Server or CCRC WAN Server, it is _not vulnerable_.\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational ClearCase: \n\n\n * [Rational ClearCase Fix Pack 1 (8.0.1.1) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035657>)\n * [Rational ClearCase Fix Pack 8 (8.0.0.8) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035655>)\n * [Rational ClearCase Fix Pack 12 (7.1.2.12) for 7.1.2](<http://www.ibm.com/support/docview.wss?uid=swg24035653>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational ClearCase (Java component) with potential for TLS Attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-07-10T08:34:12", "id": "9767587F564D9C9625F74EB5AC595ABB7605EE6BA3253E7CAEBC767879A17130", "href": "https://www.ibm.com/support/pages/node/232887", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:45:38", "description": "## Abstract\n\nThe Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \nCVE-2013-0169 \n \n**DESCRIPTION: ** \n \nA weakness in the handling of cipher-block chaining (CBC) ciphersuites in Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) could lead to plaintext recovery of sensitive information by exploiting timing differences arising during message authentication codes (MAC) processing. The CVSS score is based on IBM X-Force rankings, which sets the access complexity for this vulnerability as Medium. \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may impact the confidentiality of information but the integrity of data, or the availability of the system would not be compromised. \n \n**CVEID:** \nCVE-2013-0169 \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \n**_CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_** \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nPRODUCT VERSIONS AFFECTED \n \n\n\nPRODUCT version| GSKit Version \n---|--- \nTivoli Directory Server V6.0 \nTivoli Directory Server V6.1 \nTivoli Directory Server V6.2| GSKit 7.0 \nTivoli Directory Server V6.3| GSKit 8.0 \n \n \n**REMEDIATION: ** \nThe vulnerability is fixed in the following versions of the IBM GSKit libraries. \n\n* GSKit v8 Common Criteria stream build 8.0.14.27\n* GSKit v8 service stream build 8.0.50.4\n* GSKit v7 service stream build 7.0.4.45\n \n \nTivoli Directory Server fixes for entitled customers on Fix Central provide access to the latest GSKit build available as of their publication. \n \nFor access to GSKit 8.0.14.27: \n* [_Upgrade to Tivoli Directory Server 6.3.0.22_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.3.0.22&platform=All&function=all>)\n \n \nFor access to GSKit 7.0.4.45: \n* [_Upgrade to Tivoli Directory Server 6.2.0.30_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.2.0.30&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.1.0.55_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.1.0.55&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.0.0.72_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.0.0.72&platform=All&function=all>)\n \n \n \n**_Workaround(s):_** \nNone \n \n**_Mitigation(s):_** \nNone \n \n**REFERENCES: **\n* [__Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>)\n* [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n* [__CVE-2013-0169__](<https://vulners.com/cve/CVE-2013-0169>)\n* [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)\n* [_IBM Security Alerts_](<https://www.ibm.com/developerworks/java/jdk/alerts/>)\n* [_Upgrade to Tivoli Directory Server 6.3.0.22_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.3.0.22&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.2.0.30_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.2.0.30&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.1.0.55_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.1.0.55&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.0.0.72_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.0.0.72&platform=All&function=all>) \n\n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n \n \n**ACKNOWLEDGEMENT** \nNone \n \n \n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSVJJU\",\"label\":\"IBM Security Directory Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"6.0;6.1;6.2;6.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2022-09-26T05:45:55", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Directory Server can be affected by a vulnerability in the IBM GSKit library (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-26T05:45:55", "id": "236329FBB4C57928A51AF5989855EBBE8AEFC2496ED2345E1CE8C703B7EA9BD5", "href": "https://www.ibm.com/support/pages/node/493881", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:44:48", "description": "## Abstract\n\nPotential Security Exposure with IBM HTTP Server for WebSphere Application Server\n\n## Content\n\n**VULNERABILITY DETAILS: **\n\n**CVE ID: ****_CVE-2013-0169 (PM85211) _**** \n \nDESCRIPTION: **The TLS protocol in the GSKIT component of the IBM HTTP Server does not properly consider timing side-channel attacks, which could allow a remote attacker to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. ** \n \nCVSS:** _ \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_** \n \nAFFECTED VERSIONS: **This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: \n\u00b7 Version 8.5 \n\u00b7 Version 8 \n\u00b7 Version 7 \n\u00b7 Version 6.1 \n\n**REMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical \n\n**_Fix:_** Apply a Fix Pack or PTF containing this APAR PM85211, as noted below: \n\n**For affected versions of IBM HTTP Server for WebSphere Application Server:**\n\n**For V8.5.0.0 through 8.5.0.2 Full Profile:**\n\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 8.5.5.0 or later.\n\n** For V8.0.0.0 through 8.0.0.6:**\n\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 8.0.0.7 or later.\n* \n**For V7.0.0.0 through 7.0.0.27:**\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 7.0.0.29 or later.\n \n \n**For V6.1.0.0 through 6.1.0.45:**\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 6.1.0.47 or later.\n\n\u00b7 **_Workaround(s):_** None \n \n\u00b7 **_Mitigation(s):_** None\n\n \n \n**Important note: **IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www-03.ibm.com/systems/z/solutions/security_subintegrity.html>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk. \n \n \nFor additional details and information on WebSphere Application Server product updates: \n* For Distributed, see [_Recommended fixes for WebSphere Application Server._](<http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n* For z/OS, see [_APAR/PTF Tables by version for IBM WebSphere Application Server for z/OS_](<http://www.ibm.com/support/docview.wss?uid=swg27006970>). \n \n\n\n**REFERENCES:**_ \n_[](<https://www-304.ibm.com/support/docview.wss?uid=swg21496117&wv=1>)[_\u00b7 ___Complete CVSS Guide__](<https://www.first.org/cvss/v2/guide>)_ _[](<http://www.first.org/cvss/cvss-guide.html>)_ __ \n_[_\u00b7 ___On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _[](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _ \n[](<https://www-304.ibm.com/support/docview.wss?uid=swg21496117&wv=1>)[_\u00b7 ___CVE-2013-0169__](<https://vulners.com/cve/CVE-2013-0169>)[](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-xxxx>)[](<http://www.first.org/cvss/cvss-guide.html>)_ _[_xforce.iss.net/xforce/xfdb/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)_ __ \n_\n\n \n \n \n\n\n**CHANGE HISTORY:** \n\u00b7 _30 May 2013: Original copy published_\n\n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n**_ \nNote: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSEQTP\",\"label\":\"WebSphere Application Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Security\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"8.5;8.0;7.0;6.1\",\"Edition\":\"Base;Developer;Express;Network Deployment\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Product\":{\"code\":\"SSEQTJ\",\"label\":\"IBM HTTP Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Base Server\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"8.5;8.0;7.0;6.1\",\"Edition\":\"All Editions\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169 PM85211", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576", "href": "https://www.ibm.com/support/pages/node/491407", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:44:43", "description": "## Abstract\n\nDownload an update to the TS3310 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL.\n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \nA security vulnerability was found in OpenSSL version 1.0.1c (along with other earlier versions). For a complete list of OpenSSL Vulnerabilities by version, please refer to: [_http://www.openssl.org/news/vulnerabilities.html_](<http://www.openssl.org/news/vulnerabilities.html>) \n \nThe IBM TS3310 tape library firmware has been updated to contain a newer version of OpenSSL. \n \n \n**CVEID: **CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nAll TS3310 tape libraries with firmware versions lower than 636G. \n \n \n**REMEDIATION: ** \nThe recommended solution involves applying the fix, which is contained in firmware version 636G and above. The fix remediates the vulnerability by updating OpenSSL to version 1.0.1d. \n \n \n**Fix:** \nApply firmware version 636G or later, available from IBM Fix Central [_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>) \n \n \n**Workaround(s):** \nNone \n \n**Mitigation(s):** \nConnect the library directly to a workstation or private network that is trusted (i.e., access to the workstation or network is controlled or limited to persons that would all have administrator privileges or persons that can be trusted not to attempt to hack into the library). \n \n**REFERENCES**\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/v2/guide>)\n * [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _\n * [__CVE-2013-0169____ __](<https://vulners.com/cve/CVE-2013-0169>)\n * _X-Force Vulnerability Database_ [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>)\n * \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**ACKNOWLEDGEMENT** \nNone \n \n**CHANGE HISTORY** \n17 May 2013: Original Copy Published \n10 June 2013: Updated CVSS Base Score and CVSS Vector \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY_\n\n[{\"Product\":{\"code\":\"STCXRHW\",\"label\":\"TS3310 Tape Library (3576)\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"\",\"label\":\"N\\/A\"}],\"Version\":\"Not Applicable\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB26\",\"label\":\"Storage\"}}]", "cvss3": {}, "published": "2022-09-26T04:23:14", "type": "ibm", "title": "Security Bulletin: IBM TS3310 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-26T04:23:14", "id": "618A72A7D08892ADCD819AD422F802E0F22DD66F0926AF2D81288E8865A68EFC", "href": "https://www.ibm.com/support/pages/node/689167", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:44:48", "description": "## Abstract\n\nGSKit is used by IBM DB2 for SSL support. The version of GSKit iused by DB2 is vulnerable to the \u201cLucky Thirteen\u201d security vulnerability. By default, DB2 does not use SSL for client-server communication and therefore DB2 is vulnerable only if SSL is enabled.\n\n## Content\n\n**VULNERABILITY DETAILS** \n \n \n**CVE ID: CVE-2013-0169** \n \n**Description:** \n \nThe Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may impact the confidentiality of information but the integrity of data, or the availability of the system would not be compromised. \n \n \n**CVSS:** \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PLATFORMS:** \n \nThe following IBM DB2 and DB2 Connect V9.1, V9.5, V9.7 and V10.1 editions running on AIX, Linux, HP, Solaris and Windows. \n \nIBM\u00ae DB2\u00ae Express Edition \nIBM\u00ae DB2\u00ae Workgroup Server Edition \nIBM\u00ae DB2\u00ae Enterprise Server Edition \nIBM\u00ae DB2\u00ae Advanced Enterprise Server Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Application Server Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Enterprise Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Unlimited Edition for System i\u00ae \nIBM\u00ae DB2\u00ae Connect\u2122 Unlimited Edition for System z\u00ae \n \nThe following IBM V9.8 editions running on AIX and Linux: \n \nIBM\u00ae DB2\u00ae pureScale\u2122 Feature for Enterprise Server Edition \n \n \n**REMEDIATION: ** \n \nThe recommended solution is to apply the appropriate fix for this vulnerability. \n \n \n**FIX:** \nThe fix for this vulnerability is available for download for DB2 and DB2 Connect release V9.7 FP9 and V10.1 FP3a/FP4. \n \nFor DB2 and DB2 Connect V9.5 and V9.8, the fix is planned to be made available in future fix packs. \n \nDB2 and DB2 Connect V9.1 are no longer supported and therefore no patch will be made available. Please upgrade to a supported version of DB2 or DB2 Connect, as applicable, and apply the fix. Customers who have an extended support contract for this version may contact support to request a fix under the terms of their contract. \n \nA special build with an interim patch for this issue may be requested for DB2 and DB2 Connect V9.5 FP9 & FP10 and V9.8 FP5. Please contact your service representative to request the special build and reference the APAR number for the release you want. \n\n\n \n**Release**| **APAR**| **Download URL** \n---|---|--- \nV9.5 | [_IC90385_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90385>)| Not available. Please contact technical support. \nV9.7 FP9 | [_IC90395_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90395>)| <http://www.ibm.com/support/docview.wss?uid=swg24036646> \nV9.8| [_IC90396_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90396>)| Not available. Please contact technical support. \nV10.1 FP3a| [_IC90397_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90397>)| <http://www.ibm.com/support/docview.wss?uid=swg24037557> \nV10.1 FP4| [_IC90397_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90397>)| <http://www.ibm.com/support/docview.wss?uid=swg24037466> \n \n \n \n**Contact Technical Support:**\n\nIn the United States and Canada dial **1-800-IBM-SERV** \nView the support [_contacts for other countries_](<http://www.ibm.com/planetwide/>) outside of the United States. \nElectronically [_open a Service Request_](<http://www.ibm.com/software/data/db2/support/db2_9/probsub.html>) with DB2 Technical Support. \n\n \n \n \n\n\n**WORKAROUND:**\n\nNone.\n\n \n\n\n**MITIGATION:**\n\nNone.\n\n \n \n \n**REFERENCES**: \n[\uf0b7__Complete CVSS v2 Guide__](<http://www.first.org/cvss/v2/guide>) \n[\uf0b7__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[\uf0b7__X-Force Vulnerability Database - 81902__](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[\uf0b7__CVE-2013-0169__](<https://vulners.com/cve/CVE-2013-0169>) \n \n \n[](<http://www.appsecinc.com/resources/alerts/>) \n**CHANGE HISTORY: ** \nMay 31, 2013: Original version published. \nDecember 16, 2013: Added V9.7 FP9 download URL. \nMarch 19, 2014: Updated V10.1 special build fix pack level to FP2 & FP3. \nJune 6, 2014: Updated V10.1 FP3a and FP4 download URL. \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS_ \n \n**_Note:_**_ IBM\u2019s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM\u2019s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion._\n\n[{\"Product\":{\"code\":\"SSEPGG\",\"label\":\"Db2 for Linux, UNIX and Windows\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\"Security \\/ Plug-Ins - Security Vulnerability\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"9.8;9.7;9.5;9.1;10.1\",\"Edition\":\"Advanced Enterprise Server;Enterprise Server;Express;Express-C;Personal;Workgroup Server\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}},{\"Product\":{\"code\":\"SSEPDU\",\"label\":\"Db2 Connect\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: IBM DB2 is impacted by a vulnerability in the IBM GSKit library (CVE-2013-0169).", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "AD3DEE6A50AC4F6651955CE510E56DC0170683854BF573E9389CCA2769B638B1", "href": "https://www.ibm.com/support/pages/node/494939", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:37", "description": "## Abstract\n\nPotential security vulnerabilities exist in the IBM Java SDK that is shipped with the IBM FileNet Business Process Manager.\n\n## Content\n\nThe products that are listed below can be affected by security vulnerabilities as reported by Oracle April 2013 Critical Patch updates: \n \n\u00b7 IBM FileNet Business Process Manager 4.5.1, 5.0.0/5.1.0 \n \n**Vulnerability details: ** \n \nThe following security vulnerabilities exist in the IBM Java SDK shipped with IBM Business Process Manager 4.5.1, 5.0.0/5.1.0 \n \n**CVSS:** \nCVEID: CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**Affected products and versions: ** \nProduct: IBM Business Process Manager 4.5.1, 5.0.0/5.1.0 \u2013 including all fix packs \n \n**Remediation: ** \n \n_Apply the following fixes:_\n\n**_Fix*_**| **_Component-VRMF_**| **_How to acquire fix_** \n---|---|--- \n_4.5.1 interim fix_| _4.5.1.4-P8PE_ \n_4.5.1.2-P8PS_ \n_4.5.1.3-P8PA_| [_4.5.1.4-P8PE-IF002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Engine&release=4.5.1.4&platform=All&function=all>) \n[_4.5.1.2-P8PS-IF002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Simulator&release=4.5.1.2&platform=All&function=all>) \n[_4.5.1.3-P8PA-IF002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Analyzer&release=4.5.1.3&platform=All&function=all>) \n_5.0.0/5.1.0 GA fix pack_| _5.0.0.5-P8PE_ \n_5.0.0.2-P8PS_ \n_5.0.0.4-P8CA_| [_5.0.0.5-P8PE-FP005_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Engine&release=5.0.0.0&platform=All&function=all>) \n[_5.0.0.2-P8PS-FP002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Simulator&release=5.0.0.0&platform=All&function=all>) \n[_5.0.0.4-P8CA-FP004_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/Case+Analyzer&release=5.0.0.3&platform=All&function=all>) \n \nNote: BPM 5.0 and BPM 5.1 are patched by the same 5.0.0.x patch streams. \n \n**_Workaround(s):_** \n**None** \n \n**_Mitigation(s):_** \n**None** \n \n**References: ** \n[__Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>)_ _ \n[__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n \n \n**Related information: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n\n\n_*The CVSS Environment Score is customer environment-specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSNW2F\",\"label\":\"FileNet P8 Platform\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Process Engine\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"}],\"Version\":\"5.1;5.0;4.5.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: IBM FileNet Business Process Manager \u2013 Oracle Critical Patch Updates April 2013 (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "C43295EDCDB671C41F9E96483F5E89378A947A89F40869B467F309DBF973E6B7", "href": "https://www.ibm.com/support/pages/node/231021", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:29", "description": "## Abstract\n\nIBM InfoSphere Optim Performance Manager uses the IBM Java Runtime Environment (JRE) and is affected by a vulnerability in the IBM JRE.\n\n## Content\n\n \n**VULNERABILITY DETAILS:** \n \n**CVE ID: **CVE-2013-0169 \n \n**DESCRIPTION: ** \nThe TLS protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \n**CVSS:** \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS: ** \n \nIBM Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 4.1 through 4.1.1 \n \nIBM InfoSphere Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 5.1 through 5.3 \n \n**REMEDIATION:** \n \n**FIX(ES): ** \n \nYou must replace the IBM JRE that is installed with IBM InfoSphere Optim Performance Manager for DB2 on Linux, UNIX, and Windows with the latest IBM JRE. Detailed instructions are provided in the technote _\u201c_[__Updating the IBM JRE for InfoSphere Optim Performance Manager__](<http://www.ibm.com/support/docview.wss?uid=swg21640535>)_\u201d_. \n \n \n**WORKAROUND(S): ** \nNone known. \n \n**MITIGATION(S):** \nNone known. \n \n**REFERENCES:** \n[_Complete CVSS Guide_](<http://www.first.org/cvss/v2/guide>) \n[_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_X-Force Vulnerability Database_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY: ** \n07-30-2013: Original version published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSBH2R\",\"label\":\"InfoSphere Optim Performance Manager for Db2 for Linux, UNIX, and Windows\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"5.3;5.2;5.1.1.1;5.1.1;5.1;4.1.1;4.1.0.1;4.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SSBH2R\",\"label\":\"InfoSphere Optim Performance Manager for Db2 for Linux, UNIX, and Windows\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":null,\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"4.1.0.1;4.1.1\",\"Edition\":\"Enterprise;Workgroup;Content Manager;Extended\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: InfoSphere Optim Performance Manager affected by vulnerability in IBM JAVA JRE (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "540B5BFC7425C0A1AEC2AE0E39CAFAA87610B3C5A51646F532BF2994455918B4", "href": "https://www.ibm.com/support/pages/node/229181", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T21:26:04", "description": "## Abstract\n\nDownload an update to the TS3400 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL.\n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \nA security vulnerability was found in OpenSSL version 1.0.1c (along with other earlier versions). For a complete list of OpenSSL Vulnerabilities by version, please refer to: [_http://www.openssl.org/news/vulnerabilities.html_](<http://www.openssl.org/news/vulnerabilities.html>) \n \nThe IBM TS3400 tape library firmware has been updated to contain a newer version of OpenSSL. \n \n**CVEID: **CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nAll TS3400 tape libraries with firmware versions lower than 0040. \n \n**REMEDIATION: ** \nThe recommended solution involves applying the fix, which is contained in firmware version 0040 and above. The fix remediates the vulnerability by updating OpenSSL to version 1.0.1d. \n \n**Fix:** \nApply firmware version 0040 or later, available from IBM Fix Central [_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>) \n \n**Workaround(s):** \nNone \n \n**Mitigation(s):** \nConnect the library directly to a workstation or private network that is trusted (i.e., access to the workstation or network is controlled or limited to persons that would all have administrator privileges or persons that can be trusted not to attempt to hack into the library). \n \n**REFERENCES**\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/v2/guide>)\n * [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _\n * [__CVE-2013-0169____ __](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>)\n * _X-Force Vulnerability Database_ [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>)\n * **RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**ACKNOWLEDGEMENT** \nNone \n \n**CHANGE HISTORY** \n14 June 2013: Original Copy Published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"STCDUHL\",\"label\":\"Tape systems-\\u003ETS3400 Tape Library (3577)\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Not Applicable\",\"Edition\":\"Standard\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {}, "published": "2022-09-26T04:23:14", "type": "ibm", "title": "Security Bulletin: IBM TS3400 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-26T04:23:14", "id": "C53887B5065E8CBF2E75B8207E4CC5546F907715375F0C60DDEEACFD8829F5D5", "href": "https://www.ibm.com/support/pages/node/689221", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:10", "description": "## Abstract\n\nThe IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. The April 2013 Oracle Critical Patch Updates (CPU) contained various security vulnerability fixes for the Oracle JDKs. The IBM Java SDK that WebSphere Partner Gateway ships is similarly affected.\n\n## Content\n\n**VULNERABILITY DETAILS** \n \nCVE-2013-0169 - The TLS protocol does not properly consider timing side-channel attacks, which could allow remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**DESCRIPTION:** \nThis Security Bulletin addresses the security vulnerabilities that have shipped with the IBM SDK and is part of the Oracle April 2013 critical patch updates (CPU). For details on these updates please refer to the Reference section of this bulletin. \n \n**Versions Affected.** \n \nWebSphere Partner Gateway Advanced/Enterprise Edition Versions 6.2 through 6.2.1.2 \n \n \n**REMEDIATION: ** \n \nUpgrade your JAVA SDK and Integrated FTP/SFTP JRE to an interim fix level as determined below. \n \n\n\n**_Fix_**| **_VRMF_**| **_APAR_**| **_How to acquire fix_** \n---|---|---|--- \n_WAS 7.0 IFIX_| _7.0.0.0 through 7.0.0.27 _| PM87521| [_PM87521_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034997>) \n_WAS 6.1 IFIX_| _6.1.0.0 through 6.1.0.45_| PM87524| [_PM87524_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034996>) \n_WPG IFIX_| _6.2.1.2_| JR47328| [JR47328](<http://www.ibm.com/eserver/support/fixes/fixcentral/swg/quickorder?fixes=6.2.1.2-WS-WPG-IFJR47328&productid=WebSphere%20Partner%20Gateway%20Advanced%20Edition&brandid=5>) \n \n \n \n**REFERENCES: **\n* [_IBM Security Alerts_](<http://www.ibm.com/developerworks/java/jdk/alerts>)\n* [_Oracle Java SE Critical Patch Update Advisory - April 2013_](<http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html>)\n* [_Java on IBM i_](<https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en>)\n* [_Complete CVSS Guide _](<http://www.first.org/cvss/v2/guide>)\n* [_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n* [_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) [_xforce.iss.net/xforce/xfdb/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)\n* [_WebSphere Application Server Recommended Fixes Page _](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n \n**RELATED INFORMATION: ** \nNone \n \n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSDKKW\",\"label\":\"WebSphere Partner Gateway Advanced Edition\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"6.2.1.2\",\"Edition\":\"Advanced;Enterprise\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Advanced/Enterprise for the Oracle CPU April 2013.", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "ADCCD07ABE84A7FC8550F577A3823CD6D29F46A50A4065FB573165CDF08E84E1", "href": "https://www.ibm.com/support/pages/node/230323", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:35", "description": "## Abstract\n\nIBM DB2 Recovery Expert for Linux, UNIX and Windows uses the IBM Java Runtime Environment (JRE) and is affected by a vulnerability issue in the IBM JRE.\n\n## Content\n\n**VULNERABILITY DETAILS:** \n \n**CVE ID: **CVE-2013-0169 \n \n**DESCRIPTION: ** \nThe TLS protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \n** CVSS:**\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [**_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_**](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n--- \n \n**AFFECTED PRODUCTS: ** \n \nIBM DB2 Recovery Expert for Linux, UNIX, and Windows version 3.1.0.0 through 4.1.0.0 \n \n**REMEDIATION:** \n \n**VENDOR FIX: ** \n \nDB2 Recovery Expert V4.1.0 \n \nInstall Interim Fix 1 (4.1.0.0_IF1) \n \nDB2 Recovery Expert V3.1.0 \n \nYou must replace the IBM JRE that is installed with IBM DB2 Recovery Expert with the latest IBM JRE. Detailed instructions are provided in the technote \u201cUpdating the JRE for DB2 Recovery Expert for Linux, UNIX and Windows. See <http://www-01.ibm.com/support/docview.wss?uid=swg21644942> \n \nFor further assistance contact IBM Technical Support. \n \n**WORKAROUND: ** \nNone \n \n**MITIGATION:** \nNone \n \n**REFERENCES:** \n[_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_X-Force Vulnerability Database_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n \n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY: ** \n**_07/25/2013: Original version published_** \n \n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash._ \n_ _ \n_Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SS8QJD\",\"label\":\"DB2 Recovery Expert for Linux, UNIX and Windows\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"4.1.0;3.1.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: DB2 Recovery Expert for Linux, UNIX and Windows affected by vulnerability in IBM Java JRE (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "61C29B2018A4B8DC7247FEB87D67D749F5AB58D20D16FB7F0426B1B9762B49FF", "href": "https://www.ibm.com/support/pages/node/228889", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:37:36", "description": "## Summary\n\nThe IBM GSKit component used in Rational ClearQuest is susceptible to a Transport Layer Security protocol vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description: **The IBM GSKit component used in Rational ClearQuest is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets. \n \nThe IBM GSKit is used if ClearQuest is configured to use LDAP authentication using SSL. If your ClearQuest deployment is not using LDAP configured with SSL, then your deployment is not sensitive to this attack when authenticating to the LDAP server. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational ClearQuest Web 7.1 through 7.1.2.10, 8.0 through 8.0.0.7, and 8.0.1\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational ClearQuest \n\n * [Rational ClearQuest Fix Pack 1 (8.0.1.1) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035656>)\n * [Rational ClearQuest Fix Pack 8 (8.0.0.8) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035654>)\n * 7.1.2.12: Upgrade to either 8.0.0.8 or 8.0.1.1 [](<http://www.ibm.com/support/docview.wss?&uid=swg24035652>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:47:41", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational ClearQuest with potential for TLS Attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:47:41", "id": "BC14F6832E7A855373319126E5CF0A69CAAC1369B245AE25C03158E47AD57D0A", "href": "https://www.ibm.com/support/pages/node/232691", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:38:45", "description": "## Abstract\n\nDownload an update to the TS2900 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL.\n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \nA security vulnerability was found in OpenSSL version 1.0.1c (along with other earlier versions). For a complete list of OpenSSL Vulnerabilities by version, please refer to: [_http://www.openssl.org/news/vulnerabilities.html_](<http://www.openssl.org/news/vulnerabilities.html>) \n \nThe IBM TS2900 tape library firmware has been updated to contain a newer version of OpenSSL. \n \n \n**CVEID: **CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nAll TS2900 tape libraries with firmware versions lower than 0026. \n \n \n**REMEDIATION: ** \nThe recommended solution involves applying the fix, which is contained in firmware version 0026 and above. The fix remediates the vulnerability by updating OpenSSL to version 1.0.1d. \n \n**Fix:** \nApply firmware version 0026 or later, available from IBM Fix Central [_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>) \n \n**Workaround(s):** \nNone \n \n**Mitigation(s):** \nConnect the library directly to a workstation or private network that is trusted (i.e., access to the workstation or network is controlled or limited to persons that would all have administrator privileges or persons that can be trusted not to attempt to hack into the library). \n \n \n**REFERENCES**\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/v2/guide>)\n * [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _\n * [__CVE-2013-0169____ __](<https://vulners.com/cve/CVE-2013-0169>)\n * _X-Force Vulnerability Database_ [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>)\n * \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n \n**ACKNOWLEDGEMENT** \nNone \n \n**CHANGE HISTORY** \n07 June 2013: Original Copy Published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"STCAPQJ\",\"label\":\"TS2900 Tape Autoloader\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Not Applicable\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB26\",\"label\":\"Storage\"}}]", "cvss3": {}, "published": "2023-03-26T01:04:50", "type": "ibm", "title": "Security Bulletin: IBM TS2900 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2023-03-26T01:04:50", "id": "43B76C333A7576029A83B6169787B1ACB6CA6F7F5FB81FE4498044B211FB42E4", "href": "https://www.ibm.com/support/pages/node/689189", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:57", "description": "## Summary\n\nIBM Systems Director is shipped as a component of IBM Systems Director Editions. Information about a security vulnerability affecting IBM Systems Director has been published in a security bulletin.\n\n## Vulnerability Details\n\n## Abstract\n\nIBM Systems Director is shipped as a component of IBM Systems Director Editions. Information about a security vulnerability affecting IBM Systems Director has been published in a security bulletin.\n\n## Content\n\n**Vulnerability Details:**\n\nPlease consult the [ security bulletin](<http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096564>) for vulnerability details.\n\n## Affected products and versions\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version \n---|--- \nIBM Systems Director Editions 6.2.0.0 | IBM Systems Director 6.2.0.0 \nIBM Systems Director Editions 6.2.1.0 | IBM Systems Director 6.2.1.0 \nIBM Systems Director Editions 6.3.0.0 | IBM Systems Director 6.3.0.0 \nIBM Systems Director Editions 6.3.2.0 | IBM Systems Director 6.3.2.0 \n \n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>)\n\n**Change History** \n11 November 2014: Original Copy Published\n\n## ", "cvss3": {}, "published": "2019-01-31T01:30:01", "type": "ibm", "title": "Security Bulletin: Security vulnerability has been identified in IBM Systems Director shipped with IBM Systems Director Editions (CVE-2013-0169, CVE-2013-4002)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-4002"], "modified": "2019-01-31T01:30:01", "id": "8FB0EF2BC912FEF8086EDA6A85F6EADBA8F6FD58431B3D97965CB05312955112", "href": "https://www.ibm.com/support/pages/node/865556", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:41:22", "description": "## Summary\n\nTransport Layer Security (TLS) padding vulnerability via a POODLE (Padding Oracle On Downgraded Legacy Encryption) like attack affects TPF Toolkit. \n\n## Vulnerability Details\n\n**CVE-ID**: [_CVE-2014-8730_](<https://vulners.com/cve/CVE-2014-8730>) \n \n**DESCRIPTION**: Product could allow a remote attacker to obtain sensitive information, caused by the failure to check the contents of the padding bytes when using CBC cipher suites of some TLS implementations. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via a POODLE (Padding Oracle On Downgraded Legacy Encryption) like attack to decrypt sensitive information and calculate the plaintext of secure connections. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/99216_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/99216>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nTPF Toolkit 3.6.x, 4.0.x, and 4.2.x\n\n## Remediation/Fixes\n\nAll current versions of TPF Toolkit ship JREs that are not impacted by this vulnerability. However, TPF Toolkit provides a Remote System Explorer (RSE) daemon that runs on Linux for System z. This daemon relies on the Java that is installed on that system. Ensure that the Java level currently installed on your Linux for System z system is up to date. The minimum level of Java that is required includes the fix for [vulnerability CVE-2013-0169](<http://www.ibm.com/support/docview.wss?uid=swg1IV37656>).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-08-03T04:23:43", "type": "ibm", "title": "Security Bulletin: TLS padding vulnerability affects TPF Toolkit (CVE-2014-8730)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2014-8730"], "modified": "2018-08-03T04:23:43", "id": "69F32F166EB30A983D321FEF01D6359F9C720CB30502BC0DC1A0C7C9E4BECE5F", "href": "https://www.ibm.com/support/pages/node/522689", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:53:00", "description": "## Summary\n\nIBM Systems Director contains a version of IBM Java SDK that contained vulnerabilities CVE-2013-0169, CVE-2013-4002.\n\n## Vulnerability Details\n\n## Abstract\n\nIBM Systems Director contains a version of IBM Java SDK that contained vulnerabilities CVE-2013-0169, CVE-2013-4002.\n\n## Content\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>)\n\n**Description:** Allows Remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/81902> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2013-4002](<https://vulners.com/cve/CVE-2013-4002>)\n\n**Description:** The XML Parser that is shipped with the IBM Java SDK is vulnerable to a denial of service attack.\n\nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/85260> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected products and versions\n\nFrom the IBM System Director command line enter **smcli lsver** to determine the level of IBM System Director installed.\n\nIBM Systems Director: 5.2.x, 6.1.x.x, 6.2.x.x, 6.3.x.x\n\n## Remediation:\n\nUpgrade to IBM systems Director 6.3.5, or open a PMR with support to request an APAR. Emergency fix may be provided where technically feasible.\n\nTo upgrade, visit [ Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Director&product=ibm/Director/SystemsDirector&release=6.3&platform=All&function=all>) and select SysDir6_3_5_<Platform> update package for IBM Systems Director.\n\n## Workaround(s) & Mitigation(s):\n\nNone\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>)\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n13 November 2014: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.\n\nNote: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:30:01", "type": "ibm", "title": "Security Bulletin: IBM Systems Director (ISD) is affected by vulnerabilities in the IBM Java SDK (CVE-2013-0169, CVE-2013-4002)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-4002"], "modified": "2019-01-31T01:30:01", "id": "635552E99951D8D5AEBD584BBE0C8D1EBBAE770AEE83BA96CDC88B692C2A1891", "href": "https://www.ibm.com/support/pages/node/865554", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-09-29T18:27:35", "description": "## Abstract\n\nMultiple security vulnerabilities exist in the IBM Java SDK/JREs that are shipped with IBM FileNet System Monitor/IBM Enterprise Content Management System Monitor product.\n\n## Content\n\n \n**VULNERABILITY DETAILS: ** \n \n \n**DESCRIPTION: ** \nThe IBM FileNet System Monitor/IBM Enterprise Content Management System Monitor product ships with IBM Java SDK/JREs The IBM Java SDK/JREs are based on the Oracle version of the SDK/JRE. In February 2013, Oracle has released critical patch updates (CPU) that contain security vulnerability fixes. These issues are present in the IBM JDK/JREs that are shipped with the System Monitor product. \n \n**CVEID: **CVE-2013-0440 \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81799_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81799>) \nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID: **CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nThe following versions of the System Monitor product are potentially affected: \n \nIBM FileNet System Monitor v4.5.0 \nIBM Enterprise Content Management System Monitor v5.1.0 \n \n \n**REMEDIATION: ** \n \n**For IBM FileNet System Monitor v4.5.0:** \n \nUpgrade to the platform specific version of the IBM SDK/JRE that is available in IBM FileNet System Monitor v4.5.0 Fix Pack 3. \n \n**For IBM Enterprise Content Management System Monitor v5.1.0:** \n \nUpgrade to the platform specific version of the IBM SDK/JRE that is available in IBM Enterprise Content Management System Monitor v5.1.0 Fix Pack 1. \n \n \nIf you need further assistance, please contact IBM Support. \n \n \n**REFERENCES: ** \n[](<https://www-304.ibm.com/support/docview.wss?uid=swg21496117&wv=1>)[\u00b7 __Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>) \n[\u00b7 __On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _ \n[\u00b7 __CVE-2013-0440____ __](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE--2013-0440>) \n[\u00b7 __CVE-2013-0169__](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE--2013-0169>) \n\u00b7 _X-Force Vulnerability Database _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/81799_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81799>) \n\u00b7 _X-Force Vulnerability Database _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[\u00b7 _Security Bulletin: WAS - Oracle CPU Feb 2013_](<http://www.ibm.com/support/docview.wss?uid=swg21627634>) \n[\u00b7 _Updated Release of Oracle Java SE CPU Advisory Feb 2013_](<http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html>) \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY** \n12 July, 2013: Original Copy Published \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring Syste