Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-3455.NASL
HistoryJun 16, 2023 - 12:00 a.m.

Debian DLA-3455-1 : golang-go.crypto - LTS security update

2023-06-1600:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10

6.8 Medium

AI Score

Confidence

High

JSON

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3455 advisory.

  • An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream. Repeated keystream bytes can lead to loss of confidentiality in encryption applications, or to predictability in CSPRNG applications. (CVE-2019-11840)

  • A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional Hash Armor Headers. The Hash Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker can lead a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, since the library skips Armor Header parsing in general, an attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures. (CVE-2019-11841)

  • golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client. (CVE-2020-9283)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3455. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(177400);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/08");

  script_cve_id("CVE-2019-11840", "CVE-2019-11841", "CVE-2020-9283");
  script_xref(name:"IAVB", value:"2023-B-0080-S");

  script_name(english:"Debian DLA-3455-1 : golang-go.crypto - LTS security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the
dla-3455 advisory.

  - An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto,
    before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and
    golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the counter
    otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and
    then cycle back to previously generated keystream. Repeated keystream bytes can lead to loss of
    confidentiality in encryption applications, or to predictability in CSPRNG applications. (CVE-2019-11840)

  - A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go
    cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880
    chapter 7, a cleartext signed message can contain one or more optional Hash Armor Headers. The Hash
    Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign
    package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker
    can lead a victim to believe the signature was generated using a different message digest algorithm than
    what was actually used. Moreover, since the library skips Armor Header parsing in general, an attacker can
    not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without
    invalidating the signatures. (CVE-2019-11841)

  - golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature
    verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public
    keys. Also, a server can attack any SSH client. (CVE-2020-9283)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952462");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/lts/security/2023/dla-3455");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-11840");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-11841");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2020-9283");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/golang-go.crypto");
  # https://security-tracker.debian.org/tracker/source-package/golang-go.crypto
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e94138e5");
  script_set_attribute(attribute:"solution", value:
"Upgrade the golang-go.crypto packages.

For Debian 10 buster, these problems have been fixed in version 1");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11841");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/06/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/06/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:golang-golang-x-crypto-dev");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(10)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '10.0', 'prefix': 'golang-golang-x-crypto-dev', 'reference': '1:0.0~git20181203.505ab14-1+deb10u1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var _release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (_release && prefix && reference) {
    if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'golang-golang-x-crypto-dev');
}
VendorProductVersionCPE
debiandebian_linuxgolang-golang-x-crypto-devp-cpe:/a:debian:debian_linux:golang-golang-x-crypto-dev
debiandebian_linux10.0cpe:/o:debian:debian_linux:10.0

Related

nessus 11
osv 16
debian 9
openvas 9
exploitpack 1
redhat 16
debiancve 3
checkpoint_advisories 1
githubexploit 1
cve 3
archlinux 1
github 4
ibm 19
wolfi 3
cgr 3
veracode 3
hackerone 1
zdt 1
redhatcve 2
prion 3
ubuntucve 3
packetstorm 2
gitlab 3
nessus
nessus
Debian DLA-2402-1 : golang-go.crypto security update
2020-10-08 00:00:00
Debian DLA-2455-1 : packer security update
2020-11-19 00:00:00
Debian DLA-1920-1 : golang-go.crypto security update
2019-09-16 00:00:00
osv
osv
golang-go.crypto - security update
2020-10-08 00:00:00
golang-go.crypto - security update
2023-06-16 00:00:00
Misleading message verification in golang.org/x/crypto/openpgp/clearsign
2023-08-23 14:38:42
debian
debian
[SECURITY] [DLA 3455-1] golang-go.crypto security update
2023-06-16 21:31:09
[SECURITY] [DLA 2402-1] golang-go.crypto security update
2020-10-07 23:07:56
[SECURITY] [DLA 2455-1] packer security update
2020-11-18 21:02:24
openvas
openvas
Debian: Security Advisory (DLA-2402-1)
2020-10-08 00:00:00
Debian: Security Advisory (DLA-3455-1)
2023-06-19 00:00:00
Debian: Security Advisory (DLA-2453-1)
2020-11-17 00:00:00
exploitpack
exploitpack
Go SSH servers 0.0.2 - Denial of Service (PoC)
2020-02-24 00:00:00
redhat
redhat
(RHSA-2020:2789) Low: OpenShift Container Platform 4.4.11 ose-baremetal-operator-container security update
2020-07-06 20:25:04
(RHSA-2020:3414) Low: OpenShift Container Platform 4.5.5 security update
2020-08-12 04:43:08
(RHSA-2020:2878) Low: OpenShift Container Platform 4.4.12 ose-cloud-credential-operator-container security update
2020-07-14 01:16:05
debiancve
debiancve
CVE-2020-9283
2020-02-20 20:15:00
CVE-2019-11840
2019-05-09 16:29:00
CVE-2019-11841
2019-05-22 17:29:00
checkpoint_advisories
checkpoint_advisories
Google Golang Crypto Denial of Service (CVE-2020-9283)
2020-10-25 00:00:00
githubexploit
githubexploit
Exploit for Improper Verification of Cryptographic Signature in Golang Package Ssh
2020-06-02 10:55:37
cve
cve
CVE-2020-9283
2020-02-20 20:15:00
CVE-2019-11840
2019-05-09 16:29:00
CVE-2019-11841
2019-05-22 17:29:00
archlinux
archlinux
[ASA-202003-4] golang-golang-x-crypto: denial of service
2020-03-08 00:00:00
github
github
Improper Verification of Cryptographic Signature in golang.org/x/crypto
2021-05-18 15:29:31
Golang/x/crypto message forgery vulnerability
2022-05-24 16:46:15
golang.org/x/crypto/salsa20/salsa uses insufficiently random values
2022-05-24 16:45:25
ibm
ibm
Security Bulletin: A vulnerability exists in golang x/crypto (CVE-2020-9283) which is consumed by IBM CICS TX Standard
2023-02-14 21:14:53
Security Bulletin: A vulnerability exists in golang x/crypto (CVE-2020-9283) which is consumed by IBM CICS TX Advanced
2023-02-14 21:04:36
Security Bulletin: GO is is vulnerable to a denial of service on IBM Watson Machine Learning on CP4D
2021-05-03 15:17:07
wolfi
wolfi
CVE-2019-11841 vulnerabilities
2024-04-27 03:16:47
CVE-2020-9283 vulnerabilities
2024-04-27 03:16:47
CVE-2019-11840 vulnerabilities
2024-04-27 03:16:47
cgr
cgr
CVE-2019-11841 vulnerabilities
2024-04-27 03:20:18
CVE-2020-9283 vulnerabilities
2024-04-27 03:20:18
CVE-2019-11840 vulnerabilities
2024-04-27 03:20:18
veracode
veracode
Signature Verification With Malformed Public Keys
2020-02-21 05:23:31
Cleartext Message Spoofing
2019-05-14 07:10:00
Wrong And Predictable Encryption
2019-07-01 07:31:03
hackerone
hackerone
Sifchain: SSH server due to Improper Signature Verification
2021-08-06 17:07:57
zdt
zdt
Go SSH servers 0.0.2 - Denial of Service Exploit
2020-02-24 00:00:00
redhatcve
redhatcve
CVE-2019-11840
2020-04-08 05:31:02
CVE-2020-9283
2021-08-15 06:09:30
prion
prion
Design/Logic Flaw
2019-05-22 17:29:00
Code injection
2020-02-20 20:15:00
Information disclosure
2019-05-09 16:29:00
ubuntucve
ubuntucve
CVE-2019-11840
2019-05-09 00:00:00
CVE-2019-11841
2019-05-22 00:00:00
CVE-2020-9283
2020-02-20 00:00:00
packetstorm
packetstorm
Go Cryptography Libraries Cleartext Message Spoofing
2019-05-13 00:00:00
Go SSH 0.0.2 Denial Of Service
2020-02-23 00:00:00
gitlab
gitlab
Use of Insufficiently Random Values
2022-05-24 00:00:00
Improper Verification of Cryptographic Signature
2020-02-20 00:00:00
Use of Insufficiently Random Values
2022-05-24 00:00:00

6.8 Medium

AI Score

Confidence

High

JSON
Related for DEBIAN_DLA-3455.NASL
nessus11osv16debian9openvas9exploitpack1redhat16debiancve3checkpoint_advisories1githubexploit1cve3archlinux1github4ibm19wolfi3cgr3veracode3hackerone1zdt1redhatcve2prion3ubuntucve3packetstorm2gitlab3