Lucene search
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-4057.NASLHistoryDec 08, 2017 - 12:00 a.m.
Debian DSA-4057-1 : erlang - security update (ROBOT)
2017-12-0800:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
It was discovered that the TLS server in Erlang is vulnerable to an adaptive chosen ciphertext attack against RSA keys.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4057. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(105089);
script_version("3.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2017-1000385");
script_xref(name:"DSA", value:"4057");
script_name(english:"Debian DSA-4057-1 : erlang - security update (ROBOT)");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"It was discovered that the TLS server in Erlang is vulnerable to an
adaptive chosen ciphertext attack against RSA keys."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/source-package/erlang"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/jessie/erlang"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/stretch/erlang"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2017/dsa-4057"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the erlang packages.
For the oldstable distribution (jessie), this problem has been fixed
in version 1:17.3-dfsg-4+deb8u2.
For the stable distribution (stretch), this problem has been fixed in
version 1:19.2.1+dfsg-2+deb9u1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:erlang");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
script_set_attribute(attribute:"patch_publication_date", value:"2017/12/08");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/12/08");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"8.0", prefix:"erlang", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-asn1", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-base", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-base-hipe", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-common-test", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-corba", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-crypto", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-dbg", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-debugger", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-dev", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-dialyzer", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-diameter", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-doc", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-edoc", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-eldap", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-erl-docgen", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-et", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-eunit", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-examples", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-gs", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-ic", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-ic-java", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-inets", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-jinterface", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-manpages", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-megaco", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-mnesia", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-mode", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-nox", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-observer", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-odbc", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-os-mon", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-parsetools", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-percept", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-public-key", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-reltool", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-runtime-tools", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-snmp", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-src", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-ssh", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-ssl", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-syntax-tools", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-test-server", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-tools", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-typer", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-webtool", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-wx", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-x11", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"8.0", prefix:"erlang-xmerl", reference:"1:17.3-dfsg-4+deb8u2")) flag++;
if (deb_check(release:"9.0", prefix:"erlang", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-asn1", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-base", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-base-hipe", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-common-test", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-corba", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-crypto", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-dbg", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-debugger", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-dev", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-dialyzer", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-diameter", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-doc", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-edoc", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-eldap", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-erl-docgen", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-et", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-eunit", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-examples", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-gs", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-ic", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-ic-java", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-inets", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-jinterface", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-manpages", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-megaco", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-mnesia", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-mode", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-nox", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-observer", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-odbc", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-os-mon", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-parsetools", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-percept", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-public-key", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-reltool", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-runtime-tools", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-snmp", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-src", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-ssh", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-ssl", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-syntax-tools", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-tools", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-typer", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-wx", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-x11", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"erlang-xmerl", reference:"1:19.2.1+dfsg-2+deb9u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | erlang | p-cpe:/a:debian:debian_linux:erlang |
| debian | debian_linux | 8.0 | cpe:/o:debian:debian_linux:8.0 |
| debian | debian_linux | 9.0 | cpe:/o:debian:debian_linux:9.0 |
Related
redhatcve
redhatcve
CVE-2017-1000385
2019-10-10 04:06:20
nessus
nessus
Debian DLA-1207-1 : erlang security update (ROBOT)
2017-12-18 00:00:00
Fedora 27 : erlang (2017-9e6df1e099) (ROBOT)
2018-01-15 00:00:00
Photon OS 2.0: Erlang PHSA-2020-2.0-0251
2020-06-06 00:00:00
openvas
openvas
Fedora Update for erlang FEDORA-2017-93b6236635
2017-12-14 00:00:00
Debian: Security Advisory (DSA-4057-1)
2017-12-07 00:00:00
Debian: Security Advisory (DLA-1207-1)
2023-03-08 00:00:00
prion
prion
Code injection
2017-12-12 21:29:00
osv
osv
CVE-2017-1000385
2017-12-12 21:29:00
erlang - security update
2017-12-15 00:00:00
erlang - security update
2017-12-08 00:00:00
veracode
veracode
Improper Encryption Implementation
2019-01-15 09:21:06
debian
debian
[SECURITY] [DLA 1207-1] erlang security update
2017-12-15 11:20:45
[SECURITY] [DSA 4057-1] erlang security update
2017-12-08 06:52:01
fedora
fedora
[SECURITY] Fedora 27 Update: erlang-19.3.6.4-1.fc27
2017-12-12 11:30:02
[SECURITY] Fedora 26 Update: erlang-19.3.6.4-1.fc26
2017-12-12 13:46:08
f5
f5
K42944216 : Erlang vulnerability CVE-2017-1000385
2017-12-27 00:00:00
ubuntucve
ubuntucve
CVE-2017-1000385
2017-12-12 00:00:00
debiancve
debiancve
CVE-2017-1000385
2017-12-12 21:29:00
redhat
redhat
(RHSA-2018:0528) Low: erlang security update
2018-03-15 12:13:10
(RHSA-2018:0368) Low: erlang security update
2018-02-27 16:06:58
(RHSA-2018:0303) Low: erlang security and bug fix update
2018-02-13 16:04:04
cve
cve
CVE-2017-1000385
2017-12-12 21:29:00
mageia
mageia
Updated erlang packages fix security vulnerabilities
2018-01-04 19:48:42
ibm
ibm
Security Bulletin: Vulnerabilities in erlang affect PowerKVM
2018-06-18 01:42:48
photon
photon
ubuntu
ubuntu
Erlang vulnerabilities
2018-02-14 00:00:00
cisa
cisa
Juniper Networks Releases Security Updates
2018-04-12 00:00:00
cert
cert
checkpoint_advisories
checkpoint_advisories
Related for DEBIAN_DSA-4057.NASL