EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1548)

2019-05-14T00:00:00

Description

According to the versions of the openssl - A race condition was found in the session handling code - An out-of-bounds read flaw was found in the - The ASN1_STRING_print_ex function in OpenSSL before - An invalid-free flaw was found in the way OpenSSL - The DTLS implementation in OpenSSL before 0.9.8s and - Off-by-one error in the SSL_get_shared_ciphers function - A NULL pointer dereference flaw was found in the DTLS - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c - It was discovered that the SSLv2 servers using OpenSSL An attacker could use this flaw to decrypt recorded - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote - Memory leak in the zlib_stateful_finish function in - A flaw was discovered in the way OpenSSL handled DTLS - The dtls1_buffer_record function in ssl/d1_pkt.c in - A use-after-free flaw was found in the way OpenSSL - A denial of service flaw was found in the way OpenSSL - A denial of service flaw was found in the way OpenSSL - An invalid pointer use flaw was found in OpenSSL's - Multiple flaws were found in the way OpenSSL parsed - If an application encounters a fatal protocol error and If the application then behaves differently based on Stitched ciphersuites are optimised implementations of - A flaw was found in the way the TLS protocol composes Note that Tenable Network Security has extracted packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : of OpenSSL. This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash.(CVE-2015-1791) X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash.(CVE-2015-1789) 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.(CVE-2009-0590) handled certain DTLS handshake messages. A malicious DTLS client or server could send a specially crafted message to the peer, which could cause the application to crash or potentially result in arbitrary code execution.(CVE-2014-8176) 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.(CVE-2011-4108) in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.(CVE-2007-5135) implementation of OpenSSL. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash.(CVE-2014-3571) in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.(CVE-2012-2110) accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. SSLv2 sessions with the server by using it as a decryption oracle.(CVE-2016-0703) attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.(CVE-2009-1386) crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.(CVE-2009-4355) packets. A remote attacker could use this flaw to cause a DTLS server or client using OpenSSL to crash or use excessive amounts of memory.(CVE-2014-3507) OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of 'future epoch' DTLS records that are buffered in a queue, aka 'DTLS record buffer limitation bug.'(CVE-2009-1377) imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported.(CVE-2015-0209) verified certain signed messages using CMS (Cryptographic Message Syntax). A remote attacker could cause an application using OpenSSL to use excessive amounts of memory by sending a specially crafted message for verification.(CVE-2015-1792) handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.(CVE-2015-0293) ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.(CVE-2015-0286) X.509 certificates. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications.(CVE-2014-8275) then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable 'non-stitched' ciphersuites must be in use. certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).(CVE-2019-1559) the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic.(CVE-2015-4000) the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "EULEROS_SA-2019-1548.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1548)", "description": "According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A race condition was found in the session handling code of OpenSSL. This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash.(CVE-2015-1791)\n\n - An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash.(CVE-2015-1789)\n\n - The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.(CVE-2009-0590)\n\n - An invalid-free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could send a specially crafted message to the peer, which could cause the application to crash or potentially result in arbitrary code execution.(CVE-2014-8176)\n\n - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.(CVE-2011-4108)\n\n - Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.(CVE-2007-5135)\n\n - A NULL pointer dereference flaw was found in the DTLS implementation of OpenSSL. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash.(CVE-2014-3571)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.(CVE-2012-2110)\n\n - It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites.\n An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle.(CVE-2016-0703)\n\n - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.(CVE-2009-1386)\n\n - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.(CVE-2009-4355)\n\n - A flaw was discovered in the way OpenSSL handled DTLS packets. A remote attacker could use this flaw to cause a DTLS server or client using OpenSSL to crash or use excessive amounts of memory.(CVE-2014-3507)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of 'future epoch' DTLS records that are buffered in a queue, aka 'DTLS record buffer limitation bug.'(CVE-2009-1377)\n\n - A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported.(CVE-2015-0209)\n\n - A denial of service flaw was found in the way OpenSSL verified certain signed messages using CMS (Cryptographic Message Syntax). A remote attacker could cause an application using OpenSSL to use excessive amounts of memory by sending a specially crafted message for verification.(CVE-2015-1792)\n\n - A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.(CVE-2015-0293)\n\n - An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.(CVE-2015-0286)\n\n - Multiple flaws were found in the way OpenSSL parsed X.509 certificates. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications.(CVE-2014-8275)\n\n - If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC.\n If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable 'non-stitched' ciphersuites must be in use.\n Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).(CVE-2019-1559)\n\n - A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic.(CVE-2015-4000)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2019-05-14T00:00:00", "modified": "2021-02-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/125001", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0703", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571", "http://www.nessus.org/u?08b55f2d", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4108", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507"], "cvelist": ["CVE-2007-5135", "CVE-2009-0590", "CVE-2009-1377", "CVE-2009-1386", "CVE-2009-4355", "CVE-2011-4108", "CVE-2012-2110", "CVE-2014-3507", "CVE-2014-3571", "CVE-2014-8176", "CVE-2014-8275", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0293", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000", "CVE-2016-0703", "CVE-2019-1559"], "immutableFields": [], "lastseen": "2021-08-19T12:22:57", "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["JAVA_JULY2015_ADVISORY.ASC", "OPENSSL_ADVISORY10.ASC", "OPENSSL_ADVISORY12.ASC", "OPENSSL_ADVISORY13.ASC", "OPENSSL_ADVISORY14.ASC", "OPENSSL_ADVISORY17.ASC", "OPENSSL_ADVISORY3.ASC", "OPENSSL_ADVISORY30.ASC", "OPENSSL_ADVISORY4.ASC", "SENDMAIL_ADVISORY2.ASC"]}, {"type": "altlinux", "idList": ["5465F07D1A6D03822732077D9B208F0B", "758E6D870DDEA68E74011E577E986457", "E210B5D4B7259AFCE092F9D1D5E8FDD0"]}, {"type": "amazon", "idList": ["ALAS-2012-038", "ALAS-2012-072", "ALAS-2012-073", "ALAS-2014-391", "ALAS-2015-469", "ALAS-2015-498", "ALAS-2015-550", "ALAS-2015-569", "ALAS-2015-570", "ALAS-2015-571", "ALAS-2015-586", "ALAS-2016-682", "ALAS-2019-1188", "ALAS2-2019-1188", "ALAS2-2019-1362"]}, {"type": "archlinux", "idList": ["ASA-201501-2", "ASA-201503-16", "ASA-201503-17", "ASA-201506-3", "ASA-201507-16", "ASA-201601-32", "ASA-201601-33", "ASA-201903-2", "ASA-201903-6"]}, {"type": "arista", "idList": ["ARISTA:0011", "ARISTA:0018"]}, {"type": "atlassian", "idList": ["ATLASSIAN:CONF-38295", "ATLASSIAN:CONFSERVER-38295", "ATLASSIAN:JRA-44296", "ATLASSIAN:JRASERVER-44296", "CONFSERVER-38295", "JRASERVER-44296"]}, {"type": "centos", "idList": ["CESA-2007:0813", "CESA-2007:0813-01", "CESA-2007:0964", "CESA-2007:1003", "CESA-2009:1335", "CESA-2010:0054", "CESA-2010:0163", "CESA-2012:0059", "CESA-2012:0060", "CESA-2012:0518", "CESA-2014:1052", "CESA-2015:0066", "CESA-2015:0715", "CESA-2015:0716", "CESA-2015:0800", "CESA-2015:1072", "CESA-2015:1115", "CESA-2015:1185", "CESA-2015:1197", "CESA-2015:1228", "CESA-2015:1229", "CESA-2015:1230", "CESA-2015:1526", "CESA-2016:0372", "CESA-2019:2304", "CESA-2019:2471"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2008-014", "CPAI-2014-1127", "CPAI-2014-1892", "CPAI-2015-0039", "CPAI-2015-0494", "CPAI-2015-0586", "CPAI-2015-0802", "CPAI-2015-1158"]}, {"type": "checkpoint_security", "idList": ["CPS:SK33695", "CPS:SK35708", "CPS:SK71821"]}, {"type": "cisa", "idList": ["CISA:C6FC512213BBB287A39B2B11F25268A6"]}, {"type": "cisco", "idList": ["CISCO-SA-20150310-SSL", "CISCO-SA-20150320-OPENSSL", "CISCO-SA-20150612-OPENSSL", "CISCO-SA-20160302-OPENSSL"]}, {"type": "citrix", "idList": ["CTX201114", "CTX216642"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:2612C84317452E216670EAF7C553C9D4", "CFOUNDRY:9508E80FC3841EA0C8796974EB59D970", "CFOUNDRY:ECE571CA3959D17438D4F74EAB109B4B"]}, {"type": "cve", "idList": ["CVE-2007-5135", "CVE-2009-0590", "CVE-2009-1377", "CVE-2009-1386", "CVE-2009-4355", "CVE-2011-4108", "CVE-2012-0050", "CVE-2012-0390", "CVE-2012-2110", "CVE-2012-2131", "CVE-2014-3507", "CVE-2014-3571", "CVE-2014-8176", "CVE-2014-8275", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0293", "CVE-2015-0534", "CVE-2015-1789", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-2723", "CVE-2015-3571", "CVE-2015-4000", "CVE-2015-8176", "CVE-2016-0703", "CVE-2019-1559"]}, {"type": "debian", "idList": ["DEBIAN:DLA-132-1:941A7", "DEBIAN:DLA-1701-1:59A22", "DEBIAN:DLA-1701-1:65168", "DEBIAN:DLA-177-1:BC085", "DEBIAN:DLA-247-1:99960", "DEBIAN:DLA-303-1:590A1", "DEBIAN:DLA-33-1:85002", "DEBIAN:DLA-507-1:8A944", "DEBIAN:DSA-1379-1:9887D", "DEBIAN:DSA-1379-1:DC268", "DEBIAN:DSA-1379-2:1563C", "DEBIAN:DSA-1379-2:61285", "DEBIAN:DSA-1763-1:45CAE", "DEBIAN:DSA-1888-1:9C570", "DEBIAN:DSA-1970-1:9C793", "DEBIAN:DSA-1970-1:F15BE", "DEBIAN:DSA-2390-1:7F77A", "DEBIAN:DSA-2454-1:93836", "DEBIAN:DSA-2454-2:7B396", "DEBIAN:DSA-2998-1:7D1C0", "DEBIAN:DSA-3125-1:14B8F", "DEBIAN:DSA-3125-1:8906F", "DEBIAN:DSA-3197-1:88E12", "DEBIAN:DSA-3197-1:95CA8", "DEBIAN:DSA-3197-2:1B781", "DEBIAN:DSA-3197-2:E7D2C", "DEBIAN:DSA-3287-1:1A401", "DEBIAN:DSA-3300-1:1F74C", "DEBIAN:DSA-3316-1:0E231", "DEBIAN:DSA-3324-1:377E6", "DEBIAN:DSA-3339-1:3BF63", "DEBIAN:DSA-3688-1:3F736", "DEBIAN:DSA-4400-1:84438"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2007-5135", "DEBIANCVE:CVE-2009-0590", "DEBIANCVE:CVE-2009-1377", "DEBIANCVE:CVE-2009-1386", "DEBIANCVE:CVE-2009-4355", "DEBIANCVE:CVE-2011-4108", "DEBIANCVE:CVE-2012-0050", "DEBIANCVE:CVE-2012-0390", "DEBIANCVE:CVE-2012-2110", "DEBIANCVE:CVE-2012-2131", "DEBIANCVE:CVE-2014-3507", "DEBIANCVE:CVE-2014-3571", "DEBIANCVE:CVE-2014-8176", "DEBIANCVE:CVE-2014-8275", "DEBIANCVE:CVE-2015-0209", "DEBIANCVE:CVE-2015-0286", "DEBIANCVE:CVE-2015-0293", "DEBIANCVE:CVE-2015-1789", "DEBIANCVE:CVE-2015-1791", "DEBIANCVE:CVE-2015-1792", "DEBIANCVE:CVE-2015-4000", "DEBIANCVE:CVE-2016-0703", "DEBIANCVE:CVE-2019-1559"]}, {"type": "exploitdb", "idList": ["EDB-ID:18756", "EDB-ID:8873"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:7E23ECB6ACB9195DA6326D4A18279A6B", "EXPLOITPACK:B68BB9381148CAC1A9824EB84CA5D160"]}, {"type": "f5", "idList": ["F5:K15358", "F5:K15573", "F5:K16123", "F5:K16136", "F5:K16317", "F5:K16321", "F5:K16323", "F5:K16674", "F5:K16913", "F5:K16914", "F5:K16915", "F5:K16920", "F5:K17454", "F5:K18549143", "F5:K8106", "F5:K95463126", "SOL15351", "SOL15358", "SOL15366", "SOL15388", "SOL15405", "SOL15417", "SOL15573", "SOL16123", "SOL16136", "SOL16285", "SOL16317", "SOL16321", "SOL16323", "SOL16674", "SOL16913", "SOL16914", "SOL16915", "SOL16920", "SOL17454", "SOL8106", "SOL95463126"]}, {"type": "fedora", "idList": ["FEDORA:0247660876CD", "FEDORA:08AC0606CFA2", "FEDORA:09F5C6091601", "FEDORA:13A9D6049716", "FEDORA:13B146087AAB", "FEDORA:1B5E26014558", "FEDORA:2A08D6087C06", "FEDORA:2BE5D60BDFEF", "FEDORA:2C4EB601455B", "FEDORA:340B120DED", "FEDORA:3733C6079D2E", "FEDORA:40D44605DFE4", "FEDORA:4227660CA765", "FEDORA:4C502110FE5", "FEDORA:5429A1108EB", "FEDORA:5CD8320BD3", "FEDORA:6CE3D20E51", "FEDORA:6EB0220FFA", "FEDORA:6F712609154B", "FEDORA:776A61D72B0", "FEDORA:7B6536093B4C", "FEDORA:7C53320C61", "FEDORA:7DB7E10F8B0", "FEDORA:817C710F8A2", "FEDORA:8385C29043", "FEDORA:8ED3020FF6", "FEDORA:997B660D68A4", "FEDORA:A271421BA0", "FEDORA:A69386143D9F", "FEDORA:AD9B611063F", "FEDORA:B5B2D600DD01", "FEDORA:BA97628855", "FEDORA:C411B20546", "FEDORA:C4B9C600DD15", "FEDORA:C5613607A3CF", "FEDORA:C7B0010F8AD", "FEDORA:CA1A06087CE1", "FEDORA:CA868607A1CD", "FEDORA:CBD0920588", "FEDORA:D0DE56087498", "FEDORA:D331C6087C6A", "FEDORA:D560A20FC7", "FEDORA:D9C0A2139E", "FEDORA:DBB0F21109", "FEDORA:DDD696087CE5", "FEDORA:DF12460167D9", "FEDORA:E67696087B8D", "FEDORA:EC81E60167DA", "FEDORA:L9FK5UIB022989", "FEDORA:L9I2PTVZ007013"]}, {"type": "fortinet", "idList": ["FG-IR-15-008", "FG-IR-15-013", "FG-IR-15-014"]}, {"type": "freebsd", "idList": ["2AE114DE-C064-11E1-B5E0-000C299B62E1", "44D9DAEE-940C-4179-86BB-6E3FFD617869", "4E536C14-9791-11E4-977D-D050992ECDE8", "5C5F19CE-43AF-11E1-89B4-001EC9578670", "7184F92E-8BB8-11E1-8D7B-003067B2972C", "7700061F-34F7-11E9-B95C-B499BAEBFEAF", "78CC8A46-3E56-11E1-89B4-001EC9578670", "7B1A4A27-600A-11E6-A6C3-14DAE9D210B8", "82B55DF8-4D5A-11DE-8811-0030843D3802", "8305E215-1080-11E5-8BA2-000C2980A9F3", "8AFF07EB-1DBD-11E4-B6BA-3C970E169BC2", "9D15355B-CE7C-11E4-9DB0-D050992ECDE8", "B71D7193-3C54-11E9-A3F9-00155D006B02", "FBC8413F-2F7A-11DE-9A3F-001B77D09812"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-07:08.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-09:08.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-12:01.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-14:18.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-15:01.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-15:06.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-15:10.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-16:12.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-200710-06", "GLSA-200904-08", "GLSA-200912-01", "GLSA-201110-01", "GLSA-201203-12", "GLSA-201312-03", "GLSA-201412-11", "GLSA-201412-39", "GLSA-201503-11", "GLSA-201506-02", "GLSA-201512-10", "GLSA-201603-11", "GLSA-201603-15", "GLSA-201605-06", "GLSA-201701-46", "GLSA-201903-10"]}, {"type": "hackerone", "idList": ["H1:138179"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20141008-OPENSSL"]}, {"type": "ibm", "idList": ["00D19B3FBF82354675BC83A198849700B5859C5D403B65558D305236E003CCC5", "01248F9A2B5FC0D8512B0420CFF5D341E6709588C362C360A9AAA46F41E5DBCB", "0152A24867252D411C4140FCE0A92FD600DE3BFA39551FF64FE99835850EF5AB", "01C7613943F3CC591C048E0D1322B74B2DBB71CC405DB2130F22513D3B3C07A6", "02868FD8BFCA9A633DC55F29203BFAA2E5E918B96DBA7F26948D507AE685E5BD", "03B10B9331AC311806096F8B6E1ED918478192AD7EDC0BAE425F1D4C760931DB", "03F6BE239E8BF6FDDA6BA3CD245A4F46A3FB8182F139BA77C08E9CD4C4A33FEE", "048AA308C625A32EC6DB549874FC81F6B800BA0EA59A9091A547DCEA6B0243B0", "0605FD787540122AD2849575BC1ADAC8E131947D04B7A26E71551E12B9A939E2", "060D29075221E3BD4B66B9D7EDFCE3AD2F7BA256EACA045B6B1D4962B9C60AA4", "06EF6BE90AEC9AA90B449F2F70DD13D3C40402C9D7FEF54FD86A86FC3A820F14", "070B63F4B5AA1ABA57892C3A0B6D95304819C7596D50A577F6DDE75F604323E7", "071B3ECF88492CB6DA63393D64D3FB74AB0EB97331D3FB675F3ED64F4D1398E2", "082DD4D3D5A2230E0A249956C9D5318C077607F91E27D9FBA96469263417C232", "0893E70006D12DA64F90A37834AE0AB00F7BEA33DBC0D93F9D24B5BCC61A16C0", "09831B786252126B878AC9EABFBCE379EA9C3C3E1037D0BFEA997E58E13D41B2", "09EFBF1EDC3D056A4C55B6D328B0019A52124F7A8C7DCA88E25031BCFD79F86E", "0A204DD5BCD9CB120DDB3468A70472E922DC429770CAC8B466E7319ED3FCC1AE", "0A44E07BB2A053DB368C1875C0DF192A839436B073C821EA679DBB1D234D95FD", "0A5B13C8983BE4491518367535A0427B2CBE5B0B75C8384C4657D2E9D8B12509", "0B963717F89450DA332A8F619DDD9CE7A603E588666B7A5DE7227A89ADD7D81D", "0C850FECD02720FE8E127F730E7172757B14E40919BABE4F7D431689A5B199DB", "0CA188EFC7CDADE90601F290707CAA5BD78A8BC55F51F5FEBB8DE6973755F589", "0CB790755A86B581A38C5E6BE6E3A26223CD5CF0D217D9AF43702EEF9E45DABD", "0CCDE2588D4F0DF43FF2D083F2555ADD77C81EA2A8D82A1E01E8FA2C528C4FF6", "0E590EFB6D614D8103D658B846E5BD6F764F863915EF59402CC127C643059264", "0E96665079E56894EA39AFB24283955B35E3838213DCD87205604F5B1858EEA7", "0EC5DE74619B5AB53A50C54C0FF6254EEA3E64A614AB412757FA4BA050D69E92", "0F73246124CA58D05064BB5D07082DCA6F2A1D48630CAAC82BCFFB4A71F45CA7", "0F8EC0887570E466DCF4213DD901C1A007B8EFDAA1B999193C4CC4FDB9F8F7E4", "104BE807C8577FF816DF414B5A588FABB581711BB54758F6F49C7CAC17CD68BE", "105582E22A7635AD8A17D8C4E6AD9235767052B536331FB67C1F6CCC68F2D519", "119B5A3507435FD3473080875B6B7AF68221D32E82A66EED05FDD9930B10DCD8", "11D2941D2C8C3F09B99B7AD0F337748E31169A5FE52F793E615EFEA790066C89", "120FC7D8C2D6504C05B7406BAA4280E35A324B682513765C374D6393B0000A38", "129E5B62D60732128A0EC19397E58D4329EE7F4D46AC1C97DF6F8DFCAEB8C3C7", "1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "16D1F72B420359840AE37862AB74ECCB3D37CA9B85E35C939733EF050CB40774", "172D3E3C5C882F5D472A4A74B4E53BDADD9B0BCA3C3A708F78EF6029720B4088", "176D5CD01A7F2E8EB250E29435C16F0F0F2E2585C8F6AF8AC1B966FFB7196339", "17AAE450F310086D4166260C3D7401EFFCA0AD046F3AAB686EC04C4D078A9900", "1943EE4A2FC01AE8110B277F67FBB5B53651E812990FF383F2F98C2CB99A7DE3", "195541CD2BA937A3BB0A7397C09609D5420503A1075FF5FF37913A345D7C1034", "196413B4A4D60DFE9C5098FCCE862C6CE711D87A87BCF9586576D1217A003146", "19BAD6F2822491CD49AF8A4F6AC73EF44C9495EF87508108BB52FBCE60E7ACEE", "1A6ED5D827C9B7F2277B3D67DC5CF6E6E0140AD47BEA97E4D1117C4DB04282EC", "1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "1B755340AB85F56712AC1A5665726B1615F45301F00A98F49618E3BAB395E495", "1BBF2A32FAD2400D9BC729236743DB5BA10E71E968751393DCCFA07C879D7E68", "1CF268B0D4FB3999ED25A6329F709202667B2DF30779DF93DF90B6370EA86F19", "1D40C0819F4BA8B6A1180101B94544CA007BE7EC0B837D8B5C0B368FEB511FBB", "1DC0A9C6D3EFE4EEA571DAAA9286B8F974D5ECF8F3BAAA188781D697B6DC2546", "1E8933569F7AACD6AB5F73196F8930386DBFB5F49E264DAFEB5AC02CAFAFCCD1", "1E9B9D4DDB40D18727D4206F573E21C89F52C2E88F8950F063AC97CC123B82A3", "1F234EFC9BCA33D00375D73A19EA38D309527628B71CCB02CAF517D9F70083C2", "201018C415242F0DA1C06575A912CA5C445B3279D15C72F87C78C22FECC5D78A", "20A60366A6B11F11A4C8590ACA474E9EA294C7470472FDEDE1C30AC18D935A5C", "20D0587F4328611B058FFA9CCDF6634A8C1FCE487A318D5E9C8B6C6DD9D211FD", "20D9FD73B42624C1C3513A1858097222D9BA0D6A9B0665F5A6BD5CD4ED315DA2", "22C6665D00A9702426CEE593F4765FD3CD4EE170F8AA7F50D0505C6B2799BC21", "2345A09A06FF03DD52F416136562E375A6BB2802869546A41ABC055F6BACF501", "23E0854DA6601EECDAEE0594F591A86488CF01BE66C9986367D644B338C9D2A6", "27429FD98ECDD9177285F700AB3368E1A2EBE81472EDEAD4DE2A87D7C8D6C827", "2930C0659C99BD7CD4CED03E14D21540AD370CD5959742FBE33EAA5AEC0326A8", "2A5E5140226F7DD38A791DE1E8EE7913E3512D8FCB1A86411DA5AFF49D8E6F4A", "2B57635893A008B30DACCBFC585DFBEFC6815B10A081CE771A451CBB98704E62", "2CBBD45F30EBDD9AF79E128709B5FA169B4D42EC7E63984FB628059AD9D57EEF", "2CCCFECF7034A5A1D355B5AC5A6B9921B110FA2AC9C433FE292E8D3F30B1DBB1", "2D559605991F1CA79052D638B7A30228E86D07AFDF258611970D276D5AA39F4B", "2DF1CCE4C0076BB309C1AA72D401DA8F559F899C795F18EA0EEEE907585BE959", "2E297F07BFC27CD4C73DB7D7F1E9A96CB53D7EE02554221FBABA64A2F768EB20", "2ED145A3D0DAD8C68DF27E1A2AC44E5C0F6FCB3E61B424CEE475A6F6ABFEFE3B", "2F044E6D3403CF1CE244F404A02D2A1E0F016AD4BEEC5C72C153F07E02439876", "2F9EB7050356C406E631B5274AEC53CACCB554C8B5CBCF823A2680028726AAAC", "2FE25685E021FF1A9C831364B6F5965095F1E1B81C165A2C647499A7FF03D904", "2FE668D42E62E785093F7A1383964B8536CAA9C60BA914F71D88C743276D15F7", "306F0F5B9EBAA5A123DBEA7D5C32E94515078239AFA1D40465B7275E07FFDD37", "3178FA6550D0CA5B7581AFF56C262B6690B66E92C74AD43816F432ADEEC8DBD8", "32E92A6481805BA68ACC511BAB87E407FC3E1923CBFC0C98828FADD46A9C2827", "33596AE0FA9A021B9CBE43189EBF694196A79229432AAACF2EF64E319DC3AFBE", "338304DCD8CF4EC836318AF17BD1C0C6B40E0F07321A15BBDC23429C37312D7C", "33E446653684C8F37AD155539374A65A238DF0BC016027B5D6D5CE61B76C76ED", "34CFE8125A8881CC719C7F836804991085EA547A7871860AB1BFE0DB8E83422D", "350561C51ADC56A7A47A3AB00486E7898D385E180C290199CC17668E2C1E0A83", "35CE36470C6858208CBE35C645C86A8D11D93A44B60AA51330017D13664912F6", "36925FCD99306C01EA66932905F954FF401591329BEF9AA70C7DE926FE9CD481", "36DFBA3A2119551C6D14656B2EA79D2DAD4DA46982BD0D496ED45568D8A36444", "36F32F68F4BFE56F5E777B22269600DC86C75E87FD92A37FAD8AFEC19245E1E9", "370720DD138E7F0A22E9D2EC7B9B753467F08D4E08DA37215653D937EDB0E545", "3723EB5EE1696AF23199CD7B03276C9E99403C2818DBCF7BB781BB6CBEBD8B4C", "376881B708EE709A23D7CF26BB3E3EFE99A529E7B07BD86A464ECD42C2CA569D", "3914F89701B11912370AA7A10C51367660DDC51A0A130EE9133A841C7FF0285C", "3AA650910666E98C0573D6657EA9BD60358BB10F4C9FD9F21CB8C4A0772CEB90", "3B89A4A548FBB52BBFB9DB182C4EE146D4A3117872EA7C10FB010AAD3109C9D8", "3C37A4D590FB68C9A8E04A39047280D96920D7DC8C3F53505F4CE6EE9ED89688", "3CC341F512B972FA400DC2567F88C930644A1B4BA4DC7920EA85D111D730075C", "3D11711766831C1DEFF21F09EC64C31CAAC48E44F8C76BF87B88E9EFFA175EF2", "3F49FAB071AC220CFD95C66066F1E79691E4808BDCDA190649941EBBCE120D6E", "3F4AC905A4659886D4FC5BE38C6482D1DE3A6493436B82AA220F0C083EB26CCE", "412A23698346485ED0CCEA67B67B235B702886E4DF8B7C006C90674AF9BC802B", "414CD2ED8A4DB39966322AAA5EC3E25F6665F6B43B7145FD3AAB4B99AEF6A15C", "41D7B31F50BFF0B30F52BE3ECA40AA791FAC5852FDE89E07DBBB24ABFD0F4537", "424AD9C14BC6E654796939B2A04098E63ED127E8B8F95697A9A6DB2594D854D9", "42A08ACF820559CD46AD9183555EA45C8A00FF50E8C1680DAFAD61BCBF3B2E1C", "44581CEFAAC57F6BA083046E8D17AC3B05F7A3FDCFB70055DF3548236FC99CA6", "44589493FF1F7E61781AB0D49A88F15240A845DD679EBEADE857A5A1CBFB0148", "456C529F31DA6640A3957D0434060FC5A0B534D5248ACDC94996B73B3F544122", "45A391F0E1CE99679546039D2F1C0C8B6B2EDCC706278DE6C16010592663C5F8", "45F1C26D25DC54B1111841C7E8AF4B04A66D3C9CACBB5F447E428D3CDDC00C57", "467A4726E3E7AEF66C203B003944DA9B03EEFBD2B1D75CD15AF1455C2AF4B2E8", "473B42A0AD3ADFD11193F1FA0491433B6C2F49AB442C2703D8ED509C2300C6D6", "47AF03D5B875DF997A0E07D4AEDC4A80509D8693F5D0D2798C6428A6AB895C98", "4935877E22DC9C911567F03D884192F602E3F742C6E7A4E03C956A665117908C", "4B1403A2A854C3358EEDF7DDEBB346B2846BD8FAB7B18701B8EF4F762A75BEE5", "4BD0DFC4EA5C8F35DAE1CAB11062FBDF5B950423CAC42536F2727916ED8065D5", "4D0AFF3232340343E969D4C82C6453E163235BEF49C0404FAB7B374B0049A1D1", "4D12E5BE07979EF0E8D6872D8803DB6EC73BE7AC4A1682631BC85622BE9A7B7F", "4D31930803D2C479476478125462D5DBFB1429D04F74E21FE79B6C97E7168687", "4E5AB790697553E0DD05AA9FB4B4B935D4F29DC9A935CD5E4CF4F19176B06997", "502738BED676A72BA009ACC3FF8AE391A5C72BD07ACC6BCDD41E1CFA52F10F02", "51E9677DC7CA30EEB7E2A2C4B951304276D0C0BC8FBDD6AAD398EFC6ACA57077", "5276D07236F09D5D4E1A38B4E304BC335E677F2639AAB1A09809E9794F9A17E1", "52A5398094130E1B0A40291225AFDAF806D3B8B80AD7F16F186739DA6E836335", "52BFEC965C91FFF9EB67268FE505ABA82DAD2FDA3420E0AE67F8478C590BB2EA", "5329CD1C63D2F95E92A27532DD149EA30C54823558FD6ECF9F637F7793762B35", "5456485B8C11147F0268CBD3CE78D642DD6C83E91EF7D3CF6FD3CED026F38978", "54B24FB930A5B52A3EE2BE0710A1197AA5E07DB7049A776A73BD917EC40981E0", "561CEC1045BBBD68C46C295237A02CBBD538F6877212896605834C5043950E47", "567C15075E9484A28990EB25FA44FEDA308784635D8C000E7696260435ECDB4A", "573D5194C5FA6D57BF7D7107395D0823BF59A24F4A6BFB8961AB7839F18340F7", "57C16E3BD2286320928A05596A968D22220B643925F26C41E1EC7F23BC8C4E85", "57D2B44B0BDBE18665618368148AA52E4651641C5FADC62DDCBB1A51F9CF8997", "583215B42F049307CBBCA8930CB40F87016DA7B011EFC8B5B01AB18DCA1B1F3E", "58412E5FA48E2D168DC55974A06B34EF02A959C470B9DAA6DC3F0557FDD205A2", "5884DB36BB444C82DF22D31A407164BD9785D01D1382BDD13D8EC0CE83E4CEDD", "5893BCC8180A72A564BE6328A5CE8FFBF90BC8FCCA1FC50585DDD39A15C2CEFA", "58E33C1549EB4DBC850E6823A153E89AA2B58543688B7109103E107A7E7D2EBE", "5B1C8DFECC490501CCEC802D5035F91EA703BC6739953AA8A6A82F8771D1E1C2", "5B254DCC99E2209F6FACA83F26101D978763475FE86B1AB6AED13E3CBFF9A572", "5B26FD90EB9E8DE2F0D408077305F80DFAAE07C63D10D4B5F66A6C16421AE7DF", "5CEDF4ABC8102EFE31F1E382C7CB7946256CECD9CC7CC77381F4E7B32B95F0E1", "5D0CC6456D2278646647F1A4FEFECEB673F2B5D1F99FBBC5755735CEF5AA6268", "5E809025DAFEC4CB7FE0FA92E57B5B479AB4FCA9F07C50F0A73D0E25DCE67AF1", "5EFA61D3F8993C31C0477A0F2B01971CB094CF8BC7EED89CA86652040865EA39", "5F468E7095FD7CDC6ACB31C903D40522F03AE2C875C15B90AB7E04C796279517", "5F5982BCDCCD1BEEE011D85865D8E1FA5890F598765753DCC1F84A5EE6600B63", "5FD769BFC910E3D37C7634DCF2F8B0DBFDFE25709F7583B84D39DAB9F9049AEF", "6049EAD994B493F1A6A1D367EAA1F0E54013DA9CB1563FAC9ED67C5E2642008F", "60D49292EE23D6C413E43502DFDA4A984EF74A28EC05D5B3E28648D57811BF6B", "61D792D53A68F5459B0E68AAA04ADB3AEF6062BD285A307E42C92DBECC437194", "6234195C7E31959F34FEEB3A01B3AE191F8EB55B62E74A9D49559D08BB9DC38C", "6262BE205F59E8505DF0E5E544252E5622A29A2344CC13221C97360D5C215C65", "62B157899AFDFE3350565CDE520C60FAE6A0521AAFEE76BE82BBF76A02C1B3E6", "632EC1479A8EF271A3EE2F0C95E8810361710809923C795C43A3480F642DBB45", "638C98B22A9F0BB90D4061244636E9AADC9DD0A61B56CE2E83831D0F41779F91", "63C3CCB0F9F7D3F9B52D78E67FADB87376A74E33E54991A9087BE885BDABE7C5", "64E4AD96490F998C6406C0F2414B26B1CD38242CD841B6F0B8AA84C8781F01D3", "66481A941DDCE6FDAA9A82898C1CC6CEA6E784E780138DBDD8B4B9BB6ADBA9F4", "6652670EF6E6EDBDD8B1BC971B1388AE4EAD3072A0556537B0DC7258BBDD9001", "6680272534C119E2F4255DAC0A5F66CF25F5D99D47E9760C164E835E0C60EF0F", "6771D22CBA4F411B776687E7E7DFC88A07A853D3773656BFD792DBCA38A8939C", "67EAB74129C18C510D45A8BE4796FB10CA7307ED79A3F5B643D86F3CC71C8995", "67EF437A7EE9F806664D3B7FEB18353C77D537D23FE902D56CE220B1302C1BDA", "6808EC84BE4A9DD5A0B439C6FCE9D4EA1BDF91E3E0DEBF72E5BEFD925D973E99", "690B06C7F5212D7DEEF850B67CA2EC1248A104ACF526D1170F890F3AA37D2285", "69D89C15F10446F71D9C80A3F2F1FDA20D6700BCAD5A4653AF85E49945943989", "69E648231E4EAEC238E7B890A4F1D9D216A2D891B07882A95FBBE3C79E1EEED3", "6A1B2B7D498455FED8A78848C883FAB22D8F5242925205A658F6AF4A8B0172FD", "6A9D776A5DCA8DC833373833D988E134B60F05259FF378B7B8590B9714CF2ECE", "6A9F10812459EF73A9E15F93F874C3243290E6E3B8CEE92E66596534F10DD45C", "6B06224C4F4FE1DC2DEEF0585952BB1198D5AB9DF4AF51A43BE90165FD514D08", "6B8EC9D9D398736C2EB8A35C24912E8DF2080F374923CF0E01A3C9C1156F7639", "6BA7119E438195193182006EE07A8361B9555CA549522A22F76B70DEC940EE67", "6BDF56F65C3EBB10E9D6B916270F354DC4BD1AA4AC9802AC005A5483ABA6BE36", "6D935781C5050EA24039BF71C8B4C8482A3433E742F37A195E5A4AC607F6C603", "6DF3814722A33BAC4382EFDB9DF33B5A2FFEA62B91E068C5925CD8FDD7EED52D", "6E088849F2D21A817D3C2D5C5E8FB823C516F9443AF071C84B5A47DDF587C9A0", "6E1D59D8DA15C192229C7B91737B256FDDDA0BAFAAFEA50D081474B9725B6F60", "6F75E784FFBDDEF009D7DFB08543CF829A176D18612C5AEDAE7729D887E98E89", "6FD6E717B75305543528D1BEF58D43B7011D3813C078AE1AC37D46643FD0D693", "705280D237DEDB26D3D68396BC2097819ADC8127D93D08AF8CFC027E9A703179", "70CA065C8A5F496090B3936BD87C90967EBB780F3EAD55CED4658E970014A8F0", "71214CC681DBA526F334234737E66EEE4E277A6AABC6F29F058AD8A676E36BE0", "715F6FCB6F0439BFFCBB62E35AA259E82714E1A115B2957FFCD8F27BEB0EDCA6", "721E6575EC4195C159F3DFAD38C6122D1576DA30768EE56292CD196BFE358988", "7225EAA4670AED1E5EE9FFAB203E8D2119B1348578CF25E78324793C8AC08B11", "7275F85478A777D644550D45ACA5A98C079C0BECFEE5DDF61F7351735EE1D7D8", "7340E3F23C51568EABC2A1B9C16B7F43FF518BC86EC0742E99E2F706100E06F9", "73613052C113EE53CC4E1916471E2FCF495F0A7CAD286D9F9DD528B4EA3EB491", "74157F70C55D5699B45F201DD61EDF5C806443EF31D766424E8A6EA6B97CD461", "74883CCC877A00E64646F1A01AC3B85889471753497E3ACCE0292F7CF617291F", "74C99E404EC778BC955722CD059E14121139B2EDBB6E0975B91D29DE7ADAB2D9", "7545FC6960BC08536BD63AD777890D26CE8FBACF18C55DCC74C636085DAC612B", "7560A74E2926246941C9FBAEBB3EC98EF899CD0E877EBB53F3C2438F3C7CB29A", "76939420D89EA85824E36A107D8D06F6D50313B1A30EDB1F241F31CDD6B8BB75", "76ED8A969B89E917406E6428B20653B4CA4683B94EF0C818185ED8F868517B34", "7722E300BD7D2FC38840DBC21E0E0C6ED9511E2EF4CF2E053E0F257B55157749", "77344783FD73BE0D0C50AD925B8C713FFC1AE91A30818A2E3D45D382E0AE643C", "7762BA199E7FFD449E5A4723DC9451739D2926263A0C78F0B0DB311557955F32", "780505448CFDA6F44DAB0FC9711C6E3123A88F13D946E6FC1B6414D05760ED33", "784767FFE80144C9433F33E9F5E7E914E5CDFF130540E69102043AD4AC9AEA12", "78A64C39F176939E6FD5A7908A5E672F4858F0C8227A3F04047AC1A3364EDC0B", "796495DF48E896CBE5E4039E801B828FC4C44608DD7CA7205D19E7F3388AC51E", "798DF01FEC95844EBE37C895AD1124D6BC864FAD48501AEF94FBEFB186615380", "79FCBEF61A2776AF8DD1E1A45EE3C1797B73B213949DB38FCB26EC45830722AD", "7A5CFDE0E408F56F63908C5AD8E9CC9CDBD463ED34D1264C150C45B349777C80", "7B6360E6170AE682141272F2B97621DD5EF067C4936470B6CB4CA11B999445C8", "7B7C45F482E6FC81C29C872600E597A4BFEEA39F4A4682A9D96AF33965BDA088", "7B8C3D258DE0833140233067C3E25064503547CDB59CBA01C208C329C6253441", "7B8C92E9AC4C0844C5F46693E5D64A4DA51AE8805503D286BACEE2AB0D71C389", "7BA7D9376555CC5B2B7E08065746897098280BCE50BE977DF3BE95F1EF6FB5F6", "7C001550B5D073B02A2FA99985BDB7A2F6AC2EE0222BBA289113D3D2295DCC6A", "7C51F287AE5EB7BF0D2FCB3EE718675AAC64D70CBDBE4FB433F5412B5AC19C41", "7D14B08C045BFDC910143AB7478EEF037B7EDE9D4C014BE6212BF743A8294BD7", "7D226D01806C1C59E6610F664A15F9D27774FD340AD97273C9BC5E1EA774E83E", "7D8FF151823F9B967307D922CFD4A9025D96759EDDCD392AB7E59A523521BE8F", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7EAF5CB207E5D468583094D39BFEB783DDAF939EF5BB4632C3FB6CBE7F70A7E3", "7F0DDE0F5D7DE31635DCCAA5879AC58EA38419CF46E2435B751A4C7115580615", "7F7D42194E4015B776224531EE3852B2B585177034C5ECE3EE02E228E4FE686D", "7F9D32D042A33237277DC72EE5E58798328B2C5833F9E7376FDD718B9B7B04E2", "7FA5FD5347FF0A5D7312F1E7E1040178A520D530A067CD9BC3046D2F8C2F52FB", "801DF84ED09CB64FFA976AE01C334B98E59C8272DE755C06B9664F28ACA96B90", "807C4AB87E47CA332F6205CBA2C6C1C3C3158B123385BE5D10E64D27338C557A", "80CE5AE28CB63EA9C59DCD3341ADFAF9A6896143362A5AFED51EA3A67C5B5A29", "80D6B1E89C59275C4183B6851642940B058D26DFCF91E2AA2372277A15E831D7", "8151FE1FC38F66BEE7F9FD2111E006A127DE4CA50ED34DCBB8E1BE0AB2FFAB6B", "82A5F2C9706BD66C797BC6A7F8BACE57F9828B34609CF0365037187895397090", "82C91EE8B7C5AB72849CBFAA179C46D63EF5F9AAAEDD96E3D54F211CADA74041", "838185B2913A44E852BC8B77D80730F1A8E62A2DF3C8C992C682B9C59DBF08C9", "83FA7A19C477B3CD7F62A6093A5E7FBA59DD3F7E01AC5792ED206BB8B735873D", "846789997DCEFB7A32413A0C9EE718C547F0FDB6C59E40483311892EE4AED35A", "84A084E8F9C4963B56983A0250FEADD7B92C487E9B12A84B775AD4E5C6D3EBCC", "86068A3EE3A608D1F7EA675B6A18718AB78B3E482DFEBF95682F1449D557C582", "860A6F4A90E1473524A1BB0776ED2CF053E1E0C87D92D06F98AC082E4B68A87A", "863449F544E94148ECAE292EA0F89B22B11E00F7BD3A562706624EA901458C39", "86A0EA0159959C48BE8EE2EC91274A454DF3095B67D0C80CF9DB99E4B05F7F88", "876891B543E663981BBDB1C50F7E5948B40E8F74F942B713B9EC008438EB3C65", "895B02B5C8F08827E0AEB10CCE2D6207A63AB8561B5C9A3C0874680AEF77B77E", "89DBD775E165C8C80EAAC4824D0125B2291970233028B235C3C22D4EAF3CE227", "89E28DE00B780208C4738BFA3895A8309DBA6F3C9B16E54D09B45E894A59C215", "8A34CD2C417DA1A44B2AE802DEA89EA0F52A3566FF092174684FB04555606DB1", "8B2DED0C68ECC00A46CE2034FAB93BA0EEB7F806C221A4FD33002EBA16C90F98", "8B8C66A4898A077124BBB8B80AF8131F97AB4CE33B457487C6EF966698FD1EC8", "8C9587F7869864B7CD3E6A14F5A82A1980553CACD4F24ED3FEEFB284B9586E16", "8CA25202B2188785FD79C25711FCB5D18446E8C45E64324492D7873E5F5129D6", "8CEF20A4DD854A25072AAD111369C8B0A54636F14E321B3AF16041D5C0018B86", "8D55AF808F4D835A74D5852E651EDDB90554321DD81A30095AABCC982F9C3EBC", "8E9500CB7A836CE830956AE86538C7C09FCE8D585A5E1EAC535F42A3E887A065", "8EEBB0B8FAC8DFA33C0405E2C48BAF0FD71BF64FEE9E71DFF45B1738CA5A7E36", "8F73A6D9460746098942CDD034332E627DD5C59C903F65333D90F95100657ED8", "8FA10D2B5F09CE8049145E8FBBC973419F627ACC51529C21F591FE51D3819797", "8FB35C42F60F75A1AF23B29BFD0C97A2C4735E0A8296E7E3F338CE8B868A5871", "9015B3024053E33993F6C31216DAD607F6216CD5AC759977FCFEA2292D1A3F6D", "90B187AAB18271430FE3CD85277543D3D711DFD634CA7A0214510FF1F866C460", "90B8D3F830DC25EE92FE65FEB4FBE9E2884E977E7F2FFEA69541752DDE024E23", "911070BAC03CF80753BA2CFD22E941440752AD66EFED97E91D08BEB5A373CCD1", "91E5C8E603C59E63B4992A9B57D0449E956424E3070988EE228071175327CE74", "937053D178A403D90ADE669A574517EC3D828AFADB2ABAAF335EADA26FB2E061", "9437657736284A97858F6CDD402B769C4DEEB9B4B52059A41B7084497BBE7679", "94B0A84F948BEBD11E6ABCE3D118F7FC06257AEC453FAFBCB09EDFB4AF4C95F8", "94F7B41F1257C267E4A25F1833BC04AD08F160E81172C752AEBC6FD954FC7E9D", "9565FEEA0E13F1CACE459E1DD36D5E9CAB4712E2148193C52D850073C5948478", "95BB23AF17240F37A0CA4C07FBE186783E9A8B795777A5925CFF40F9B2EF2352", "966BEAD90E79446B8744128993496F9D64DA8B378811559F1241DD3DB2BF54F2", "969B869C858F640A6283D702296C23A13A8A64586452AB7E6A37D5DA25ABC7B6", "972ABB22C65A5EE5BE7BF9FDB11795821052D2BA3EF9349B90A2F9B77A8438FA", "97C02974A96BA4CF213F063468C6B79782437EF1F38B1CDE0910068106B844D0", "98405FE25E3DA5375D091614D13CFC6A0C50002D363218BE3123B2C1FCE36FB7", "98DF90031B7BA31AA32E8B46921FD9F2DC1C82F868B4E85A245FC2D6CE4B1B9C", "99252B8C83925477AC9230DB60D185CD3362EAA40BD8AEF0AE7A3FDA1C98939D", "9AB2D7BB05F2A752051EC4130FC7E1F2E2A1E9F630C9F4E8ECB169215683E93D", "9B0ACFF452374706F764D4FEC5E66F5BE1222C2B9DE832C586470B864A90F392", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "9BCF845B5CA74D6E014B06C8443439577D715929466688BE26806C531202ECC4", "9CDD0DA5C2CC81B7E0D8493B9AB1A6692B9BE040FFC0C2BFA76E7CD32DBADFE4", "9D4CE3C1ABE40F94B4BE3EE8C4ACB8067AFF379F67374E38DF455E5F62978BC9", "9E70015B1E21F9D4E75AB5179531E0436A2221EB9C733CCCD18C54837AD30AD6", "9F1EAE184F8F81E7EF066AB9ADC34807AD597CF2027BBE8AB8CDA2E9B96470E6", "A042DFFEFAB56BEC28EAB6257909B67F4E10C707C49B0C58CC25BA610A197897", "A06995A18F242A8E0CE9698293C0ACAED8F503E8D3DAB686F06DDDB4E0B314D5", "A0DD963CB7AEA165FBA4F90643C0271A87C12D393AEFD41EB868C0DE65E18165", "A117FD05762925D936B7D3C2CDFC14E84E601A00B488EED04331F22B9C452C5F", "A57EE5DA97EFA8033AD704E78D7258889BD6E4B43C7D558CC7BF1ADC63BE3DAF", "A597FC2502CE93E35C812A73F9B40A7FB359E54479EB78A16E664A740F1B62E1", "A5EE6903D383C042ADBB5FEF76C2F60C5F1B6BFAAA0ABAB88DC4660244B7AED4", "A6938267F339EFB6C26A98CB2E5497B85551E8B8E808EA76F61306999B98826C", "A7AB67318D2C2A81A2B54F4FD42D9279292193725803DD18FB2FB94C9ACAD255", "A8AFB71992370CD8AF9340FB766CB133288126FDA64D60A67D3B25CD154F2C52", "A8FCA8838CF049BF62AAB68408FB18EF0F19EB760464B7DCA7B268D4FDEBB1D1", "A911AF5A1D427E3C73869552B626178ECA9D7A2C4D751BD35DCB395C648FFF83", "A9ABCB46C2AB3205C68FA05A05C66734611D213CAC0440DC7D00A0FFBBB76A34", "A9BDB3515972CADE394FA4B076D4B34D3CDAE6FC5D8F94CB5F10FB8E8F3E0D2B", "AA3B296C3E872A0C8E54359C90FFE82D9A9E6FA1535C7608927E2C4A576D96BB", "AA65E01A5ADB89712C52EF9ED38433CC0B89DDE0A18D8B93797A201A1B88A405", "AA8A483F1FC087A1BFF90E90D9EEDAC1560CA2407BE4FD361149C94E0B019195", "AAD796285A11C743CA311FBC9C98D34ABDD9C3901844B79050AA95788AAF93DF", "ABE3E02785F98040EA06681161961B9FA1B2DF33987202A19484CE8DD90DF593", "AC9B6658B5DF2DDAA43BAB9ECB6DB28DE23F94B9BC98B1A4122C58B9C8D77A61", "ADF65B4A474E1421F71559C3F519C310FC36B59F7BDDCDE5839099E428CDBDB6", "AF1B7F69319D99120AB2CC7B05E220642F57066BEA685FEF87055B6FE861FE45", "AFB18C01001C1ED3C57D258D7EAEF5E63B8016D0093506248A32EF21FB399220", "AFFD92BCC12500CEBD2822FB64DCF1EF589EA350A991DE5C09421D24BFAFD713", "B0AEB074FFA0854656EFE3CAF612805ED0F2B662B12263D2B3084481427FAB2B", "B109CC9FDED0C49D3D95375D16D391EDC04BBA2A574F1B4F6C062A55D8FDB73F", "B12649723FE3BE03431408E88916DBAC1978DE8ACF5D0E585C9C1BB9AC7B99ED", "B146240A6413699A63C2D6019C38D06615E6DC96CDA4CD8F928A38A2B5E16E08", "B1DB72C0367C124FCB0F38FE4461054D946F67EFA306FEAECDAE4FD6E06D95E6", "B247A6081E146381CA60793F6A82F948FF576AF6B7CDDB8DA27C31DC6FBA8DF5", "B26BA31F7C8E180B2476A6D17348E9C8899E4E6C0D69D13EE7B0DE3A1B8FD9D5", "B314B86EC6539E411791CCFA6A53927253F388CB034016D2D424FAE5EAB8C0EC", "B37B3BA642C275DF87697C2DAEEDE515471CB52F52D5C4BC93F803E894945DAC", "B48A934A561B5DA138A664173E19E268F2190EB9B23DD117254F13BA1342F809", "B4A5A501AD0C9A763CCC9C4E415BD3518308CF6344F4B2B2E587671B3A834FE5", "B4CA968494E02B5BFE9B27A5692CA5BE48946524BDEB38C92B16A05BE2C1C180", "B5E3EEDB2B4419A3F087941C866457BC20F4680EBA2368EA8A2DA26653D71558", "B625EA391050AE88DBC854C1E4ACFEA9464E64C5F461F5BC1B3775D674ABF431", "B6D6C54063B9D3D843B2B708545F3A7AF36AF2D1AC6686B6E0D6A6FAB3B4FEE3", "B6DC7E5DAFC277D65ACE07020E25E9E6C123E9249A6E4BAD865DF12AB12DBA89", "B7714F51B8CFAA4234497F491ECC215FC91BAB3D7CF96F228B974B661D0E0297", "B776730BEF8B1AFBA479AE066C7AA9E78D065164B1F25B7C0DA6D8B9B59FC44F", "B84251E3C31E8FAF9BA0B73449F8A92CA84F7B802070A7A5FB283B62300DC251", "B84C78D03D986BF322F4DAA6A582BF37937165F4BFD024C3BA31CB8D635DDAEA", "B8CDE2E20BC16C41FC85BA2A86684E11CDAD295FBFA9F508C045F715A67AC321", "B8E39243B9723762A0BFE92C722787A58C5C4EB4CF82C07D85ACAB5C40D259D9", "B9410A108CEB6D3C9DFE0C1617FB34D181E021D243C3FB7F5DB35969D7C4CE52", "B9AA00FC015715A7F77E8A6F3F5A720935FC98D8627A97262B8AA8F8417F3717", "BAE90E39B7D4E023C3482742CAB27A6F0422803204E9AC550ACB7A5854D9C14A", "BAECFF00D7B6F46E252C6A2496507BDCC47802751268AC42D575979308891DAA", "BAF1546D1EDD330DFAAFA27F2850DC5927E6EEBC01917991945A132668237FFA", "BC7527238358BF4E08A4155A5CD1FC5BEDA3DEB84A8AE9C4D761327D80CE78E0", "BC88B90C09B7EC1F53D7AF4EC8E0615FA400710AB5A11ECF2F7D39060987E5C6", "BCB08F65FA14C39FC0F63A4FB245CBBA50B1FB4D616800144D405A6DA25EB62A", "BD03EE478D44A7C4C899090C9FF328560060F0170A87F64F2E81D7DD96BC3A37", "BD680B5B73F884736DEE354E0271A3AEAC047D58AEF5745A9A2514373F622170", "BD8C62C76841FE9A4868BF425316D594411D32647FBA50D978D31C561C8BF18C", "BE5D938F4770D0AA90226E100E61C45C5FF16095FD13548582099E2D2BD7CA8C", "BE7CB46B5CFD501C4AA7DC4F69FE6AFF0BC66D9383EE440550C04E78796CB7D1", "BF63C0D93B065C5504C4B9747CDB9E606441B712F7441DC8A80A068AACF090C6", "C05606DDE0787CFD8AFD46D19B6A8662265DC74F7E3AFC3427692BA89186825A", "C07939CCCAC005648C0553152DC34FE7752205E82EFF81648E83585911CB92F0", "C09543DCAE42029A17B90A7F26EF43985CF4CE3DC85DE27C6D7D46E7A4F58628", "C0FDB3F4B7A171D3937E45DFD9D337DEA2512F2ECDE945CC40691DDEB5689DA3", "C1DB9DF00AB208BADC001393BCFE99FE4AD1B2C7C68488061EC684A276D26990", "C2DE286AAC09188FB56431A32870396BEB60EB9B39C5F589373BA4BCF647D602", "C2E1B6F103D16592590804EC21CC266225CDAA4E931E62E62D9FD5256D6D1B8D", "C31ABD7F5B5401B4FDDB3B8B810AAA88CD14E7A2EB57E3CEFC96D040431AE11A", "C33C75D536D0395D907267D197964636B4CA8C5DFB52755A5682CF70BF8C7FB6", "C359E298B12358DC12E6A45A12F75C3BB2B1939DCD44D41BC06D12AB4EFD80F8", "C3BF05E5C399383B3AFDD2C7B925A53988C3B7DF9A617456733297F5F136F085", "C3DE321F78B4C8F5AC5B1E58A1D07302D3EF4CC60E15AAA9DC7F80835BF64230", "C3EAB875270997EDB523AC004ED0D62857A85BC64AE5CFF15B83BC69E331997E", "C408386DF4AE37315966F2B30EFCF0B1E4A259AE24F4CA11D92C0940EE1E9D48", "C48BCCCB9C9D9824A3691807D1186751538A4148C753DE0274ECBC66A45D9086", "C4E218A5F52DE1B9AF1E52707DFA1604E9A662C6C98C3B20A4570D025945B423", "C54DC7D2E2B802728DDF1A8F4B8F4A2F4BE90DFA3A39F0DA842F66EC4F327A3D", "C5F0A3013333B48D4C08CB3D13549994F17CDBB3EA06E50A46D8068D5A06FCAC", "C5FE2A87450A23986C1B41D6D7FE716DD05DB6C8D551816A2B51D22D1984A67A", "C6222D8B5C5089ED0DA3DCBECFD071DAB2872D5C2C2038747C9C671477028135", "C7202DB5711F055D9F237809CC1FAF2AC0CD165E05DDFB099BEAA1156D250972", "C79D23C222CEF5A47B842EED122B47A6156BE366D2CFAF0600BE6AFF5348D09F", "C7F9DAB9D9A5A1B7F9CB5FED324EFCAC4C72B5C0E11F0AF70FA86C8048D14D8D", "C83F675C530B12620988F0C65F58B32931125E0012C4B7C771823623ECB73255", "C847EA33C7950732EFA671EB689209F5059DA3AD7C15C24FAFBCFD0BAAFEC481", "C87EDBA378406E58F4E29296C3C83DCAC416951C78E0B1CE14417659E78B8A76", "C95E77161B48C2969E6AAB743AAD921249B05B139C9E6DB99D47B8254D0339E9", "C98742B877B2C201166B837BC2C23F231BE604BF071711015BA45A10D5709CDE", "C9A98DBCDBB1AB0E80D15B7F4D937407F05B3754EBE6E67DCC33A02F34716110", "CA4831712C5406E15B2BF982E9BCA9800DB572A220393966A92C3D080143B464", "CB1B87BF4874E8E4FDFF0C5D0245F1B8EA7AF72E1648F87D112407D83AC6BFA1", "CC1827A64689B74570896388F9C886597BB1BF215F1D08F69BBBFD770F5275A3", "CC8C9E3E213B252611C58A980B905CDA01579A3982393A03C0CA88E7D0247D07", "CD659D8AE651469D67123F7E337CAC59E4D54AB3A4C8043DEE4FB680F9B28542", "CEB27E785E600294CBB232BE2A4F87611DCB20D91D768C5E4A4B5C3B0D8D1D3A", "CEEF59A551C3AFEE61046BE5D2CE2C317337786EB04B404FBE60DBD7BCD0A90D", "CF400205D925246630C27401AAFE4A535D4623838A972C087F26D86B886E2F0B", "CF40E075F0CA8C41C3924D8CAD12B7A9304B4AB57BABA03002EF8225FEFC457E", "D022529FE320A8F43D11C49701F88EA64C97C42B2D7C123E2D786C4D8DE81CA2", "D0225442EA1F7FADB0ADE582D0CDA8E16966695AE0F046323251471291D7BFB9", "D042A4A6E51658909DBDD09ECA8D4648027A617A651754DF86282C8B2ADE7782", "D1CE2D9E2B9A3419FE3C9AB3A447623523F119DE8D1288401E98053F1834B378", "D24D6AA16E5E96F58588B2665D6534885C03000813DDF7A934AEC12601EDBD93", "D25B9445FC278E9407AC074178FCC8A8B13B7AC4E61B4181E2C34AE764EF75D1", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D3500E8F6DFAA642288EF9D8BB70AE640BAAD3F185AB1CBA523102A8EB2C7F41", "D3C6D03503FC181653DFBA92FDF1624F0F516332535829D170C0C7C4D1D5E839", "D3CC8BC4BEC831C480B3C4D48F5155CEEBCE658FB0583063BC38E5837444FBC8", "D3F2B69F6CA64D919AA9D68D5F3A3B4FF3FDD6E6FE626B4BDC20A3144536C410", "D5FFAB2921AC1A3547E27CFCBC1E1E3D35FCC759C95F02FE4CE80190B21F24DC", "D6282117AB13EB25AE54CEF6988ADB83EC89FA814931738B384654ADE6C4A47A", "D6EE1AE15F7BD96FCB1799E31A9E36026979DFE8E702302D459578E3398E8FC4", "D711E8839F9CEAF79F79AAE8CD01BDCDBF7DCD4C0649106ABCD18E8CADF832B2", "D769A719969444D9AD76545DE357F1D2E512B3988DB6009C87813FBB572EA7C4", "D798A2662F653C58B07EF7AB7952BA9F9D262CA55D27B779D34C5A7F3DECACDF", "D8618C22C2CC7086DC30EEEDA381A4508223A7ECA27B540900371500AFAD2814", "D87699740B30BB25DEC2F8B16CA15FBC5C6247D272AD4BA218F8A206B588A8C2", "D9CE347758D4A66CEE61A547DBAF9CADD75119B2F36B2ECBDB4613CA8BDD542A", "DB619D9FAE62F2F929F7EA7C2ED8FD4FD65BC9B5917669C3039D6967B8844A95", "DB77FA682E1C424D5DC75EF1D7E867B818764A3DCA318FD78F7BB076B3F08B21", "DBF1E6589C94286283F9FDAC57F9AE331072486E7548877B0C60E800C77DE957", "DC57438D564B92B5261B541A39F338A5C9FAE604E371F12C2D4293F9D72214B8", "DD1039AD603CD497738F840D32655E5B15E168D7E31F54FA722E4A3C3742244E", "DDE3DEB25676ADC1DB480364A779909356249858CDB0D097DC67216D3015C436", "DEC8B1857975B965D873A8BB6F56B19058C4EFA0C242EB808E499279F11EE7B2", "DFBA0A507CBA73A53666A3E5C741F70C7CFC57D7ECE64BB957B938A6262C5882", "E0A58ED8F9D2EAC5F3D7B7629F5373292F4D9CAE0E0ACB4EFB9DF940BFA17EC8", "E0F17AD47CAA6080F5FC20DDDA4AC3F56933A8293A21DC21DA8298F76A9C6CFA", "E176EF28BB537E04A7855ABD7E181CEF6BC394B813AF5E6BF1CA463C78A5151C", "E1AE7C0A22A69BD8715169108247C105632920F2D3FF1536C2927E5CE60B98F2", "E1B7DDDD1209F59FDE993DB2C07F287558523D0B407D3C3B2397927AFA814840", "E1E9140261C4BEBD65D41F97BDFE9E765DD662488613A61191BC2E4AF6816228", "E21EE2EC4B109051DD18B7E28B917655784B8802BDD1068065EBF95CC0940B6B", "E297CE15C15A71E06225EE1F8E0468EA8DDA995147F4E4D843705D5A43330DF4", "E3B28AA41302D919A96048E196D0024394CD3D5FF009D312C833272619D5247A", "E47471C8378F0098D1B6B7659731830AD39260FEC72F155F7C4E267A79FB1091", "E47DCB90E150CB3DA557883F6C8FBE704493D83CE9703876536A5A4AF84D6B70", "E6FCDAF229D9B08B47522BF5A52A247A437CC2DC9C2822EEE2F847066D8AF4D4", "E718305B80885810F902CE850143D8E41B3321E883AB24867E49DDC4822F4153", "E7B27D160CD8AD6CEE5EE17DF994C844B5EC3D6A8C4976FBBC5C2E758D5732CA", "E8B09E7405E90C365374495E82F5D56FE8BE52A50786C3B8F23F9CE7E7376363", "E92AA27F03E5AF91B1903547248DC2ABD2A1AAA86CD439FA495889D5492AAC30", "E968D5EDF80FD5A67D3FB4F777F2CF43CB076659D0CBC8ED4BEF3BDE224F50B9", "E9A3E2EA3AE2ADD4620D37196036A6030F0C51283082B6F6903A10C2A73E5C49", "E9D697890F273DADB14BA2E56AB33EFE80D0F44CDB73355C0FAA7C02A52EA536", "EAB022DE308F5B13CC9EAE2FD13C9C4FB07FF103515D4C2F19880811A62F133D", "EB1DCA497A53756F1BDBE022C877F98BA5E257C84474BCB75AF60A56705FB061", "EC90BB75C28BD5097ECC9252DCFF29BAD9DC069E3EFBD12AEB550EA824884A56", "ECEDCC21226E7AABE0C2F6E4A0B1F49C6E563703F477B53AC27B9E48E4049266", "ED28089FC95E7D5F93CB79EE07E2E9B5DFE0BD6243061242F1C25EB73DF910A0", "EED70DAEC5A3F44677119009339AC1CBA0D09F4A1FB885C248E75518AAE762AC", "EF37F55BDAA7C23938ACD87E25A2EC35E294C9E979A0AA4A909DA2B9AD9237A4", "EFEA41F219C6C85BCB117A65FA7EA265B6805272375D320CA34B86DCCC1F2789", "F02C08485005B3F2D6BECAD34DA40CFF4FB98527D314337A35423CE106DF04A1", "F031AF6E7EA89A43568BB9B2DE3CA3D1F676942FB59497629DFD1AC91BD53208", "F03761789311F13FC8DCBFA36CB247D8981ECE416EF278DBED25A379784F29BA", "F0F7CB3FF34575347263765CA6F52851E28E7B2C6749B9C22FAEB916ECBCA8EE", "F12D7C2C43AB46C4687DD03A45FACBB6E2AAFED7FEB3C87468EB707FC58AB341", "F17C09CA9366DB4B46C2D2458B4B0B2F150A45007792754545A5B15C91CA9BBA", "F1FBE998607B8573193498322E7BE1537F374DA8945BB6FD21F1F411C5CFBE31", "F3CCE399EBF8E0219B3D30EEF7F522C3290C31BEBAFE8248755CFA8EE7793280", "F3D0670515A02D7CDDE09BF21416666DF78E27F0D06E2A9072A83D9BCBAABEBC", "F3DADED115C455258153CDABAC2AB33D9397F6285472C1AE6891D5942E4259ED", "F4A34005E745D62ED5BBDB831E5D767C24B118051EFDE3423ADF017A2626FD14", "F4E7E3BE19F29D23C9E8BDC15EEAE7B010BF3E4C06C22A6AC29599A6977CB542", "F5268DE4D308447E14FC618A3C21177AD2B2B1F46CB3B75F60E908782F34C984", "F55ABDFF87575503ED1A594C10571C58606CD661947C9F188A65571C4868F922", "F77D882E57D3DF8BFA32289B35EE8D46A1AD0E81EF2A1D59F10C3294CA99EAFD", "F8F311B3072223D52EB3D8154BEE85BE4F61B6D245F44A1A11E0A790CE3F0D4E", "F93F351432EE382962D63DF905127DFA76C55EACC58DBDA0A8FB03D2CD76B307", "F9C3BC218F02B41A1EE998B0C9BACBCBA2A26044AA17D86E90806B1B4853903B", "F9EFAE3997751EBA3F424A5BB2FD2E363B1B5FD9F0DEA633898CB60CCE16DCB5", "F9FFF1452D2A985801DD08F7813340BA467DEFAB87F21C48C63A7F54D115EA57", "FA90064F3FABCD5CD6E50C627B3EEFFD46086A8E2B7D5B55053A4E47043DC8A7", "FBF8D5380A8667F5D239F868F077DAD8E14459BF18DCA6E0C2C65E35815C9F4A", "FC4C804F44282D78247FA90BC4C8C855819430A02725094AC97DBD89D0227589", "FCEEB61FFF0AA043526B3AD29A5AA38A5A5E8F0EBFEBFB7196BA2301B080971B", "FE01AAE21F4E92E4CAAE32BED0583AACA306DB4E76E15F000BBFD18F8EF8B374", "FE36F70B633D6B89B87EB57DF379F72D3D3FFDEBF84731993C6092A6C7F6143D", "FE8CD63741EB0C201948EBAC06CC70F90DD67B3DB7F1AC791F315F256B1B4EBC", "FFD69F78FD2C1A7E035E286C6E8A231F33B1AFC690BA2EEA961139EAD4951560"]}, {"type": "ics", "idList": ["ICSA-17-094-04", "ICSA-22-349-21"]}, {"type": "kaspersky", "idList": ["KLA10343", "KLA10460", "KLA10479", "KLA10629", "KLA10630"]}, {"type": "kitploit", "idList": ["KITPLOIT:6228086289371789135", "KITPLOIT:7553690576096019209"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-INTEL-PROSETWIRELESS-WIFI-SOFTWARE-VULNERABILITIES-NOSID", "LENOVO:PS500190-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2014-0325", "MGASA-2015-0022", "MGASA-2015-0111", "MGASA-2015-0246", "MGASA-2015-0260", "MGASA-2015-0268", "MGASA-2015-0277", "MGASA-2015-0280", "MGASA-2019-0106"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY-SCANNER-SSL-SSL_VERSION-"]}, {"type": "mozilla", "idList": ["MFSA2015-70"]}, {"type": "nessus", "idList": ["4221.PRM", "6129.PRM", "6288.PRM", "6857.PRM", "700510.PRM", "700632.PRM", "700633.PRM", "700634.PRM", "700651.PRM", "7168.PASL", "7169.PASL", "801016.PRM", "801054.PRM", "801059.PRM", "801937.PRM", "8253.PRM", "8354.PRM", "8617.PRM", "8661.PRM", "8662.PRM", "8790.PRM", "8791.PRM", "8801.PRM", "8830.PASL", "8855.PRM", "8879.PRM", "8977.PRM", "8979.PRM", "8981.PRM", "8982.PRM", "9128.PRM", "9462.PRM", "AIX_IV75643.NASL", "AIX_IV75644.NASL", "AIX_IV75645.NASL", "AIX_IV75646.NASL", "AIX_IV75967.NASL", "AIX_JAVA_JULY2015_ADVISORY.NASL", "AIX_OPENSSL_ADVISORY10.NASL", "AIX_OPENSSL_ADVISORY12.NASL", "AIX_OPENSSL_ADVISORY13.NASL", "AIX_OPENSSL_ADVISORY14.NASL", "AIX_OPENSSL_ADVISORY17.NASL", "AIX_OPENSSL_ADVISORY3.NASL", "AIX_OPENSSL_ADVISORY30.NASL", "AIX_OPENSSL_ADVISORY4.NASL", "AL2_ALAS-2019-1188.NASL", "AL2_ALAS-2019-1362.NASL", "ALA_ALAS-2012-38.NASL", "ALA_ALAS-2012-72.NASL", "ALA_ALAS-2012-73.NASL", "ALA_ALAS-2014-391.NASL", "ALA_ALAS-2015-469.NASL", "ALA_ALAS-2015-498.NASL", "ALA_ALAS-2015-550.NASL", "ALA_ALAS-2015-569.NASL", "ALA_ALAS-2015-570.NASL", "ALA_ALAS-2015-571.NASL", "ALA_ALAS-2015-586.NASL", "ALA_ALAS-2016-682.NASL", "ALA_ALAS-2019-1188.NASL", "APPLE_IOS_84_CHECK.NBIN", "APPLE_IOS_90_CHECK.NBIN", "ARISTA_EOS_SA0018.NASL", "BLUECOAT_PROXY_SG_6_5_7_5.NASL", "CENTOS_RHSA-2007-0813.NASL", "CENTOS_RHSA-2007-0964.NASL", "CENTOS_RHSA-2007-1003.NASL", "CENTOS_RHSA-2009-1335.NASL", "CENTOS_RHSA-2010-0054.NASL", "CENTOS_RHSA-2010-0163.NASL", "CENTOS_RHSA-2012-0059.NASL", "CENTOS_RHSA-2012-0060.NASL", "CENTOS_RHSA-2012-0518.NASL", "CENTOS_RHSA-2014-1052.NASL", "CENTOS_RHSA-2015-0066.NASL", "CENTOS_RHSA-2015-0715.NASL", "CENTOS_RHSA-2015-0716.NASL", "CENTOS_RHSA-2015-0800.NASL", "CENTOS_RHSA-2015-1072.NASL", "CENTOS_RHSA-2015-1115.NASL", "CENTOS_RHSA-2015-1185.NASL", "CENTOS_RHSA-2015-1197.NASL", "CENTOS_RHSA-2015-1228.NASL", "CENTOS_RHSA-2015-1229.NASL", "CENTOS_RHSA-2015-1230.NASL", "CENTOS_RHSA-2015-1526.NASL", "CENTOS_RHSA-2016-0372.NASL", "CENTOS_RHSA-2019-2304.NASL", "CENTOS_RHSA-2019-2471.NASL", "CHECK_POINT_GAIA_SK106499.NASL", "CISCO-SA-20150310-SSL-NXOS.NASL", "CISCO-SA-20150320-OPENSSL-IOS.NASL", "CISCO-SA-20150320-OPENSSL-IOSXE.NASL", "CISCO_ACE_A5_3_3.NASL", "CISCO_ANYCONNECT_3_1_7021.NASL", "DB2_105FP7_NIX.NASL", "DB2_105FP7_WIN.NASL", "DEBIAN_DLA-132.NASL", "DEBIAN_DLA-1701.NASL", "DEBIAN_DLA-177.NASL", "DEBIAN_DLA-247.NASL", "DEBIAN_DLA-303.NASL", "DEBIAN_DLA-33.NASL", "DEBIAN_DLA-507.NASL", "DEBIAN_DSA-1379.NASL", "DEBIAN_DSA-1763.NASL", "DEBIAN_DSA-1888.NASL", "DEBIAN_DSA-1970.NASL", "DEBIAN_DSA-2390.NASL", "DEBIAN_DSA-2454.NASL", "DEBIAN_DSA-2998.NASL", "DEBIAN_DSA-3125.NASL", "DEBIAN_DSA-3197.NASL", "DEBIAN_DSA-3287.NASL", "DEBIAN_DSA-3300.NASL", "DEBIAN_DSA-3316.NASL", "DEBIAN_DSA-3324.NASL", "DEBIAN_DSA-3339.NASL", "DEBIAN_DSA-3688.NASL", "DEBIAN_DSA-4400.NASL", "EULEROS_SA-2019-1145.NASL", "EULEROS_SA-2019-1258.NASL", "EULEROS_SA-2019-1325.NASL", "EULEROS_SA-2019-1326.NASL", "EULEROS_SA-2019-1400.NASL", "EULEROS_SA-2019-1861.NASL", "EULEROS_SA-2019-1980.NASL", "EULEROS_SA-2019-2271.NASL", "EULEROS_SA-2019-2509.NASL", "EULEROS_SA-2019-2643.NASL", "EULEROS_SA-2020-1629.NASL", "EULEROS_SA-2020-1637.NASL", "EULEROS_SA-2020-1774.NASL", "F5_BIGIP_SOL15388.NASL", "F5_BIGIP_SOL16123.NASL", "F5_BIGIP_SOL16136.NASL", "F5_BIGIP_SOL16285.NASL", "F5_BIGIP_SOL16317.NASL", "F5_BIGIP_SOL16321.NASL", "F5_BIGIP_SOL16323.NASL", "F5_BIGIP_SOL16674.NASL", "F5_BIGIP_SOL16913.NASL", "F5_BIGIP_SOL16914.NASL", "F5_BIGIP_SOL8106.NASL", "F5_BIGIP_SOL95463126.NASL", "FEDORA_2007-2530.NASL", "FEDORA_2007-725.NASL", "FEDORA_2009-5412.NASL", "FEDORA_2009-5423.NASL", "FEDORA_2009-5452.NASL", "FEDORA_2010-5357.NASL", "FEDORA_2010-5744.NASL", "FEDORA_2012-0232.NASL", "FEDORA_2012-0250.NASL", "FEDORA_2012-0702.NASL", "FEDORA_2012-0708.NASL", "FEDORA_2012-18035.NASL", "FEDORA_2012-6343.NASL", "FEDORA_2012-6395.NASL", "FEDORA_2012-6403.NASL", "FEDORA_2014-17576.NASL", "FEDORA_2014-17587.NASL", "FEDORA_2014-9301.NASL", "FEDORA_2014-9308.NASL", "FEDORA_2015-0512.NASL", "FEDORA_2015-0601.NASL", "FEDORA_2015-10047.NASL", "FEDORA_2015-10108.NASL", "FEDORA_2015-4300.NASL", "FEDORA_2015-4303.NASL", "FEDORA_2015-4320.NASL", "FEDORA_2015-6855.NASL", "FEDORA_2015-6951.NASL", "FEDORA_2015-9048.NASL", "FEDORA_2015-9130.NASL", "FEDORA_2015-9161.NASL", "FEDORA_2019-00C25B9379.NASL", "FEDORA_2019-9A0A7C0986.NASL", "FEDORA_2019-DB06EFDEA1.NASL", "FREEBSD_PKG_2AE114DEC06411E1B5E0000C299B62E1.NASL", "FREEBSD_PKG_44D9DAEE940C417986BB6E3FFD617869.NASL", "FREEBSD_PKG_4E536C14979111E4977DD050992ECDE8.NASL", "FREEBSD_PKG_5C5F19CE43AF11E189B4001EC9578670.NASL", "FREEBSD_PKG_7184F92E8BB811E18D7B003067B2972C.NASL", "FREEBSD_PKG_7700061F34F711E9B95CB499BAEBFEAF.NASL", "FREEBSD_PKG_78CC8A463E5611E189B4001EC9578670.NASL", "FREEBSD_PKG_7B1A4A27600A11E6A6C314DAE9D210B8.NASL", "FREEBSD_PKG_82B55DF84D5A11DE88110030843D3802.NASL", "FREEBSD_PKG_8305E215108011E58BA2000C2980A9F3.NASL", "FREEBSD_PKG_8AFF07EB1DBD11E4B6BA3C970E169BC2.NASL", "FREEBSD_PKG_9D15355BCE7C11E49DB0D050992ECDE8.NASL", "FREEBSD_PKG_B71D71933C5411E9A3F900155D006B02.NASL", "FREEBSD_PKG_FBC8413F2F7A11DE9A3F001B77D09812.NASL", "GENTOO_GLSA-200710-06.NASL", "GENTOO_GLSA-200904-08.NASL", "GENTOO_GLSA-200912-01.NASL", "GENTOO_GLSA-201110-01.NASL", "GENTOO_GLSA-201203-12.NASL", "GENTOO_GLSA-201312-03.NASL", "GENTOO_GLSA-201412-11.NASL", "GENTOO_GLSA-201412-39.NASL", "GENTOO_GLSA-201503-11.NASL", "GENTOO_GLSA-201506-02.NASL", "GENTOO_GLSA-201512-10.NASL", "GENTOO_GLSA-201603-11.NASL", "GENTOO_GLSA-201603-15.NASL", "GENTOO_GLSA-201605-06.NASL", "GENTOO_GLSA-201701-46.NASL", "GENTOO_GLSA-201903-10.NASL", "HPSMH_6_0_0_95.NASL", "HPSMH_7_1_1_1.NASL", "HPSMH_7_2_1_0.NASL", "HPSMH_7_2_6.NASL", "HPSMH_7_5.NASL", "HPSMH_7_5_4.NASL", "HP_VERSION_CONTROL_REPO_MANAGER_7_5_0_0.NASL", "HP_VERSION_CONTROL_REPO_MANAGER_7_5_0_NIX.NASL", "JUNIPER_JSA10679.NASL", "JUNIPER_JSA10759.NASL", "JUNIPER_JSA10949.NASL", "JUNIPER_NSM_JSA10679.NASL", "JUNIPER_PSN-2012-07-645.NASL", "JUNIPER_SPACE_JSA10659.NASL", "JUNIPER_SPACE_JSA10727.NASL", "MACOSX_10_10_3.NASL", "MACOSX_10_10_4.NASL", "MACOSX_10_10_5.NASL", "MACOSX_10_11.NASL", "MACOSX_10_8_4.NASL", "MACOSX_CISCO_ANYCONNECT_3_1_7021.NASL", "MACOSX_FIREFOX_31_8_ESR.NASL", "MACOSX_FIREFOX_38_1_ESR.NASL", "MACOSX_FIREFOX_39_0.NASL", "MACOSX_SECUPD2008-005.NASL", "MACOSX_SECUPD2009-005.NASL", "MACOSX_SECUPD2013-002.NASL", "MACOSX_SECUPD2015-004.NASL", "MACOSX_SECUPD2015-005.NASL", "MACOSX_SECUPD2015-006.NASL", "MACOSX_THUNDERBIRD_38_1.NASL", "MANDRAKE_MDKSA-2006-172.NASL", "MANDRAKE_MDKSA-2006-177.NASL", "MANDRAKE_MDKSA-2006-178.NASL", "MANDRAKE_MDKSA-2007-193.NASL", "MANDRIVA_MDVSA-2009-087.NASL", "MANDRIVA_MDVSA-2009-120.NASL", "MANDRIVA_MDVSA-2009-238.NASL", "MANDRIVA_MDVSA-2009-310.NASL", "MANDRIVA_MDVSA-2010-022.NASL", "MANDRIVA_MDVSA-2012-006.NASL", "MANDRIVA_MDVSA-2012-007.NASL", "MANDRIVA_MDVSA-2012-011.NASL", "MANDRIVA_MDVSA-2012-060.NASL", "MANDRIVA_MDVSA-2012-064.NASL", "MANDRIVA_MDVSA-2014-158.NASL", "MANDRIVA_MDVSA-2015-019.NASL", "MANDRIVA_MDVSA-2015-062.NASL", "MANDRIVA_MDVSA-2015-063.NASL", "MCAFEE_FIREWALL_ENTERPRISE_SB10102.NASL", "MOZILLA_FIREFOX_31_8_ESR.NASL", "MOZILLA_FIREFOX_38_1_ESR.NASL", "MOZILLA_FIREFOX_39_0.NASL", "MOZILLA_THUNDERBIRD_38_1.NASL", "MYSQL_5_6_44.NASL", "MYSQL_5_7_27.NASL", "MYSQL_8_0_16.NASL", "MYSQL_ENTERPRISE_MONITOR_3_0_23.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_16.NASL", "NESSUS_TNS_2015_07.NASL", "NESSUS_TNS_2019_02.NASL", "NEWSTART_CGSL_NS-SA-2019-0020_OPENSSL098E.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0176_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0206_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0254_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2020-0019_OPENSSL.NASL", "NUTANIX_NXSA-AOS-5_10_9.NASL", "NUTANIX_NXSA-AOS-5_11_2.NASL", "NUTANIX_NXSA-AOS-5_16.NASL", "OPENSSL_0_9_7M_0_9_8E.NASL", "OPENSSL_0_9_8I.NASL", "OPENSSL_0_9_8K.NASL", "OPENSSL_0_9_8L.NASL", "OPENSSL_0_9_8M.NASL", "OPENSSL_0_9_8S.NASL", "OPENSSL_0_9_8T.NASL", "OPENSSL_0_9_8V.NASL", "OPENSSL_0_9_8ZB.NASL", "OPENSSL_0_9_8ZD.NASL", "OPENSSL_0_9_8ZF.NASL", "OPENSSL_0_9_8ZG.NASL", "OPENSSL_1_0_0F.NASL", "OPENSSL_1_0_0G.NASL", "OPENSSL_1_0_0I.NASL", "OPENSSL_1_0_0N.NASL", "OPENSSL_1_0_0P.NASL", "OPENSSL_1_0_0R.NASL", "OPENSSL_1_0_0S.NASL", "OPENSSL_1_0_1A.NASL", "OPENSSL_1_0_1I.NASL", "OPENSSL_1_0_1K.NASL", "OPENSSL_1_0_1M.NASL", "OPENSSL_1_0_1N.NASL", "OPENSSL_1_0_1R.NASL", "OPENSSL_1_0_2A.NASL", "OPENSSL_1_0_2B.NASL", "OPENSSL_1_0_2F.NASL", "OPENSSL_1_0_2R.NASL", "OPENSUSE-2012-308.NASL", "OPENSUSE-2012-52.NASL", "OPENSUSE-2013-153.NASL", "OPENSUSE-2014-509.NASL", "OPENSUSE-2015-247.NASL", "OPENSUSE-2015-447.NASL", "OPENSUSE-2015-474.NASL", "OPENSUSE-2015-479.NASL", "OPENSUSE-2015-480.NASL", "OPENSUSE-2015-495.NASL", "OPENSUSE-2015-507.NASL", "OPENSUSE-2015-511.NASL", "OPENSUSE-2015-512.NASL", "OPENSUSE-2015-635.NASL", "OPENSUSE-2015-67.NASL", "OPENSUSE-2015-889.NASL", "OPENSUSE-2016-102.NASL", "OPENSUSE-2016-104.NASL", "OPENSUSE-2016-1064.NASL", "OPENSUSE-2016-215.NASL", "OPENSUSE-2016-218.NASL", "OPENSUSE-2016-289.NASL", "OPENSUSE-2016-292.NASL", "OPENSUSE-2016-294.NASL", "OPENSUSE-2016-327.NASL", "OPENSUSE-2016-92.NASL", "OPENSUSE-2019-1076.NASL", "OPENSUSE-2019-1105.NASL", "OPENSUSE-2019-1173.NASL", "OPENSUSE-2019-1175.NASL", "OPENSUSE-2019-1432.NASL", "OPENSUSE-2019-1637.NASL", "ORACLELINUX_ELSA-2007-0813.NASL", "ORACLELINUX_ELSA-2007-0964.NASL", "ORACLELINUX_ELSA-2010-0054.NASL", "ORACLELINUX_ELSA-2010-0163.NASL", "ORACLELINUX_ELSA-2012-0059.NASL", "ORACLELINUX_ELSA-2012-0060.NASL", "ORACLELINUX_ELSA-2012-0518.NASL", "ORACLELINUX_ELSA-2012-2011.NASL", "ORACLELINUX_ELSA-2014-1052.NASL", "ORACLELINUX_ELSA-2015-0066.NASL", "ORACLELINUX_ELSA-2015-0715.NASL", "ORACLELINUX_ELSA-2015-0716.NASL", "ORACLELINUX_ELSA-2015-0800.NASL", "ORACLELINUX_ELSA-2015-1072.NASL", "ORACLELINUX_ELSA-2015-1115.NASL", "ORACLELINUX_ELSA-2015-1185.NASL", "ORACLELINUX_ELSA-2015-1197.NASL", "ORACLELINUX_ELSA-2015-1228.NASL", "ORACLELINUX_ELSA-2015-1229.NASL", "ORACLELINUX_ELSA-2015-1230.NASL", "ORACLELINUX_ELSA-2015-1526.NASL", "ORACLELINUX_ELSA-2016-0372.NASL", "ORACLELINUX_ELSA-2019-2471.NASL", "ORACLEVM_OVMSA-2014-0007.NASL", "ORACLEVM_OVMSA-2014-0008.NASL", "ORACLEVM_OVMSA-2014-0012.NASL", "ORACLEVM_OVMSA-2014-0032.NASL", "ORACLEVM_OVMSA-2015-0005.NASL", "ORACLEVM_OVMSA-2015-0029.NASL", "ORACLEVM_OVMSA-2015-0030.NASL", "ORACLEVM_OVMSA-2015-0039.NASL", "ORACLEVM_OVMSA-2015-0065.NASL", "ORACLEVM_OVMSA-2015-0070.NASL", "ORACLEVM_OVMSA-2016-0071.NASL", "ORACLEVM_OVMSA-2016-0086.NASL", "ORACLEVM_OVMSA-2019-0040.NASL", "ORACLE_BI_PUBLISHER_JAN_2020_CPU.NASL", "ORACLE_BI_PUBLISHER_OCT_2019_CPU.NASL", "ORACLE_E-BUSINESS_CPU_JUL_2015.NASL", "ORACLE_ENTERPRISE_MANAGER_JUL_2019_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JUL_2019_CPU.NASL", "ORACLE_JAVA_CPU_JUL_2015.NASL", "ORACLE_JAVA_CPU_JUL_2015_UNIX.NASL", "ORACLE_JROCKIT_CPU_JUL_2015.NASL", "ORACLE_MYSQL_CONNECTORS_CPU_APR_2019.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2016_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2015_CPU.NASL", "PALO_ALTO_PAN-SA-2019-0039.NASL", "PCI_WEAK_DH_UNDER_2048.NASL", "PFSENSE_SA-14_14.NASL", "PFSENSE_SA-15_06.NASL", "PFSENSE_SA-16_02.NASL", "PUPPET_ENTERPRISE_380.NASL", "PUPPET_ENTERPRISE_ACTIVEMQ_PSQL_SSL.NASL", "REDHAT-RHSA-2007-0813.NASL", "REDHAT-RHSA-2007-0964.NASL", "REDHAT-RHSA-2007-1003.NASL", "REDHAT-RHSA-2009-1335.NASL", "REDHAT-RHSA-2010-0054.NASL", "REDHAT-RHSA-2010-0163.NASL", "REDHAT-RHSA-2012-0059.NASL", "REDHAT-RHSA-2012-0060.NASL", "REDHAT-RHSA-2012-0109.NASL", "REDHAT-RHSA-2012-0168.NASL", "REDHAT-RHSA-2012-0518.NASL", "REDHAT-RHSA-2012-0522.NASL", "REDHAT-RHSA-2014-1052.NASL", "REDHAT-RHSA-2014-1054.NASL", "REDHAT-RHSA-2015-0066.NASL", "REDHAT-RHSA-2015-0715.NASL", "REDHAT-RHSA-2015-0716.NASL", "REDHAT-RHSA-2015-0752.NASL", "REDHAT-RHSA-2015-0800.NASL", "REDHAT-RHSA-2015-1072.NASL", "REDHAT-RHSA-2015-1115.NASL", "REDHAT-RHSA-2015-1185.NASL", "REDHAT-RHSA-2015-1197.NASL", "REDHAT-RHSA-2015-1228.NASL", "REDHAT-RHSA-2015-1229.NASL", "REDHAT-RHSA-2015-1230.NASL", "REDHAT-RHSA-2015-1241.NASL", "REDHAT-RHSA-2015-1242.NASL", "REDHAT-RHSA-2015-1243.NASL", "REDHAT-RHSA-2015-1485.NASL", "REDHAT-RHSA-2015-1486.NASL", "REDHAT-RHSA-2015-1488.NASL", "REDHAT-RHSA-2015-1526.NASL", "REDHAT-RHSA-2015-1544.NASL", "REDHAT-RHSA-2015-1604.NASL", "REDHAT-RHSA-2016-0303.NASL", "REDHAT-RHSA-2016-0304.NASL", "REDHAT-RHSA-2016-0372.NASL", "REDHAT-RHSA-2019-2304.NASL", "REDHAT-RHSA-2019-2437.NASL", "REDHAT-RHSA-2019-2439.NASL", "REDHAT-RHSA-2019-2471.NASL", "REDHAT-RHSA-2019-3929.NASL", "SCREENOS_JSA10733.NASL", "SCREENOS_JSA10759.NASL", "SLACKWARE_SSA_2009-098-01.NASL", "SLACKWARE_SSA_2010-060-02.NASL", "SLACKWARE_SSA_2014-220-01.NASL", "SLACKWARE_SSA_2015-009-01.NASL", "SLACKWARE_SSA_2015-111-09.NASL", "SLACKWARE_SSA_2015-162-01.NASL", "SLACKWARE_SSA_2019-057-01.NASL", "SL_20071012_OPENSSL_ON_SL5_X.NASL", "SL_20071022_OPENSSL_ON_SL3.NASL", "SL_20071115_OPENSSL_ON_SL4_X.NASL", "SL_20090902_OPENSSL_ON_SL5_X.NASL", "SL_20100119_OPENSSL_ON_SL5_X.NASL", "SL_20100325_OPENSSL_ON_SL3_X.NASL", "SL_20120124_OPENSSL_ON_SL5_X.NASL", "SL_20120124_OPENSSL_ON_SL6_X.NASL", "SL_20120424_OPENSSL_ON_SL5_X.NASL", "SL_20140813_OPENSSL_ON_SL6_X.NASL", "SL_20150121_OPENSSL_ON_SL6_X.NASL", "SL_20150324_OPENSSL_ON_SL6_X.NASL", "SL_20150324_OPENSSL_ON_SL7_X.NASL", "SL_20150413_OPENSSL_ON_SL5_X.NASL", "SL_20150604_OPENSSL_ON_SL6_X.NASL", "SL_20150615_OPENSSL_ON_SL6_X.NASL", "SL_20150625_NSS_ON_SL6_X.NASL", "SL_20150630_OPENSSL_ON_SL5_X.NASL", "SL_20150715_JAVA_1_7_0_OPENJDK_ON_SL5_X.NASL", "SL_20150715_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL", "SL_20150715_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "SL_20150730_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SL_20160309_OPENSSL098E_ON_SL6_X.NASL", "SL_20190806_OPENSSL_ON_SL7_X.NASL", "SL_20190813_OPENSSL_ON_SL6_X.NASL", "SOLARIS10_121229-02.NASL", "SOLARIS10_121229.NASL", "SOLARIS10_141742.NASL", "SOLARIS10_X86_121230-02.NASL", "SOLARIS10_X86_121230.NASL", "SOLARIS10_X86_140119.NASL", "SOLARIS11_OPENSSL_20120404.NASL", "SOLARIS11_OPENSSL_20120626.NASL", "SOLARIS11_OPENSSL_20140915.NASL", "SOLARIS9_113713.NASL", "SOLARIS9_X86_114568.NASL", "SOLARWINDS_SRM_PROFILER_6_2_3.NASL", "SPLUNK_618.NASL", "SPLUNK_625.NASL", "SSH_LOGJAM.NASL", "SSL_DH_EXPORT_SUPPORTED_CIPHERS.NASL", "SSL_LOGJAM.NASL", "STUNNEL_5_03.NASL", "STUNNEL_5_12.NASL", "SUSE9_11843.NASL", "SUSE9_12397.NASL", "SUSE_11_0_COMPAT-OPENSSL097G-090416.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-090415.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-090609.NASL", "SUSE_11_0_OPENSSL-CVE-2009-4355_PATCH-100115.NASL", "SUSE_11_1_COMPAT-OPENSSL097G-090416.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-090415.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-090609.NASL", "SUSE_11_1_OPENSSL-CVE-2009-4355_PATCH-100120.NASL", "SUSE_11_2_OPENSSL-CVE-2009-4355_PATCH-100115.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_4_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_COMPAT-OPENSSL097G-090416.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_COMPAT-OPENSSL097G-120830.NASL", "SUSE_11_COMPAT-OPENSSL097G-150122.NASL", "SUSE_11_COMPAT-OPENSSL097G-150317.NASL", "SUSE_11_LIBOPENSSL-DEVEL-090415.NASL", "SUSE_11_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120503.NASL", "SUSE_11_LIBOPENSSL-DEVEL-140812.NASL", "SUSE_11_LIBOPENSSL-DEVEL-150112.NASL", "SUSE_11_LIBOPENSSL-DEVEL-150317.NASL", "SUSE_11_OPENSSL-090610.NASL", "SUSE_11_OPENSSL-CVE-2009-4355_PATCH-100115.NASL", "SUSE_COMPAT-OPENSSL097G-5054.NASL", "SUSE_COMPAT-OPENSSL097G-5055.NASL", "SUSE_COMPAT-OPENSSL097G-6170.NASL", "SUSE_COMPAT-OPENSSL097G-6175.NASL", "SUSE_COMPAT-OPENSSL097G-7644.NASL", "SUSE_COMPAT-OPENSSL097G-7645.NASL", "SUSE_COMPAT-OPENSSL097G-8262.NASL", "SUSE_LIBOPENSSL-DEVEL-4476.NASL", "SUSE_LIBOPENSSL-DEVEL-6173.NASL", "SUSE_LIBOPENSSL-DEVEL-6268.NASL", "SUSE_LIBOPENSSL-DEVEL-6291.NASL", "SUSE_OPENSSL-4477.NASL", "SUSE_OPENSSL-6179.NASL", "SUSE_OPENSSL-6267.NASL", "SUSE_OPENSSL-6296.NASL", "SUSE_OPENSSL-7923.NASL", "SUSE_OPENSSL-8112.NASL", "SUSE_OPENSSL-CVE-2009-4355.PATCH-6783.NASL", "SUSE_OPENSSL-CVE-2009-4355.PATCH-6784.NASL", "SUSE_SU-2015-0541-1.NASL", "SUSE_SU-2015-0553-1.NASL", "SUSE_SU-2015-0946-1.NASL", "SUSE_SU-2015-1143-1.NASL", "SUSE_SU-2015-1150-1.NASL", "SUSE_SU-2015-1177-1.NASL", "SUSE_SU-2015-1177-2.NASL", "SUSE_SU-2015-1181-2.NASL", "SUSE_SU-2015-1182-2.NASL", "SUSE_SU-2015-1183-2.NASL", "SUSE_SU-2015-1184-1.NASL", "SUSE_SU-2015-1184-2.NASL", "SUSE_SU-2015-1268-2.NASL", "SUSE_SU-2015-1269-1.NASL", "SUSE_SU-2015-1319-1.NASL", "SUSE_SU-2015-1320-1.NASL", "SUSE_SU-2015-1329-1.NASL", "SUSE_SU-2015-1331-1.NASL", "SUSE_SU-2015-1345-1.NASL", "SUSE_SU-2015-1375-1.NASL", "SUSE_SU-2015-1449-1.NASL", "SUSE_SU-2015-1482-1.NASL", "SUSE_SU-2015-1509-1.NASL", "SUSE_SU-2015-1526-1.NASL", "SUSE_SU-2015-1544-1.NASL", "SUSE_SU-2015-1547-1.NASL", "SUSE_SU-2015-1547-2.NASL", "SUSE_SU-2015-1581-1.NASL", "SUSE_SU-2015-1695-1.NASL", "SUSE_SU-2015-1840-1.NASL", "SUSE_SU-2015-1851-1.NASL", "SUSE_SU-2015-2303-1.NASL", "SUSE_SU-2016-0224-1.NASL", "SUSE_SU-2016-0617-1.NASL", "SUSE_SU-2016-0620-1.NASL", "SUSE_SU-2016-0624-1.NASL", "SUSE_SU-2016-0631-1.NASL", "SUSE_SU-2016-0641-1.NASL", "SUSE_SU-2016-0678-1.NASL", "SUSE_SU-2016-1618-1.NASL", "SUSE_SU-2016-2209-1.NASL", "SUSE_SU-2016-2385-1.NASL", "SUSE_SU-2018-1768-1.NASL", "SUSE_SU-2019-0572-1.NASL", "SUSE_SU-2019-0600-1.NASL", "SUSE_SU-2019-0658-1.NASL", "SUSE_SU-2019-0803-1.NASL", "SUSE_SU-2019-0818-1.NASL", "SUSE_SU-2019-1362-1.NASL", "SUSE_SU-2019-14091-1.NASL", "SUSE_SU-2019-14092-1.NASL", "SUSE_SU-2019-1553-1.NASL", "SUSE_SU-2019-1608-1.NASL", "SUSE_SU-2023-0586-1.NASL", "TENABLE_NESSUS_AGENT_TNS_2019_03.NASL", "TOMCAT_6_0_43.NASL", "TOMCAT_6_0_44.NASL", "TOMCAT_7_0_57.NASL", "TOMCAT_7_0_60.NASL", "TOMCAT_8_0_15.NASL", "TOMCAT_8_0_21.NASL", "UBUNTU_USN-1357-1.NASL", "UBUNTU_USN-1424-1.NASL", "UBUNTU_USN-1428-1.NASL", "UBUNTU_USN-2308-1.NASL", "UBUNTU_USN-2459-1.NASL", "UBUNTU_USN-2537-1.NASL", "UBUNTU_USN-2639-1.NASL", "UBUNTU_USN-2656-1.NASL", "UBUNTU_USN-2656-2.NASL", "UBUNTU_USN-2673-1.NASL", "UBUNTU_USN-2696-1.NASL", "UBUNTU_USN-2706-1.NASL", "UBUNTU_USN-353-1.NASL", "UBUNTU_USN-3899-1.NASL", "UBUNTU_USN-522-1.NASL", "UBUNTU_USN-750-1.NASL", "UBUNTU_USN-792-1.NASL", "UBUNTU_USN-884-1.NASL", "VIRTUOZZO_VZLSA-2019-2471.NASL", "VMWARE_ESXI_5_0_BUILD_912577_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0003_REMOTE.NASL", "VMWARE_VCENTER_CONVERTER_2014-0010.NASL", "VMWARE_VMSA-2008-0001.NASL", "VMWARE_VMSA-2008-0013.NASL", "VMWARE_VMSA-2010-0004.NASL", "VMWARE_VMSA-2010-0004_REMOTE.NASL", "VMWARE_VMSA-2010-0009.NASL", "VMWARE_VMSA-2010-0009_REMOTE.NASL", "VMWARE_VMSA-2010-0019.NASL", "VMWARE_VMSA-2010-0019_REMOTE.NASL", "VMWARE_VMSA-2012-0013.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL", "VMWARE_VMSA-2013-0003.NASL", "WEBSPHERE_527817.NASL", "WINSCP_5_5_5.NASL", "XEROX_XRX15AV.NASL"]}, {"type": "nmap", "idList": ["NMAP:SSL-DH-PARAMS.NSE", "NMAP:SSLV2-DROWN.NSE"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:FEBRUARY-2019-SECURITY-RELEASES"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2007-5135", "OPENSSL:CVE-2009-0590", "OPENSSL:CVE-2009-1377", "OPENSSL:CVE-2009-1386", "OPENSSL:CVE-2009-4355", "OPENSSL:CVE-2011-4108", "OPENSSL:CVE-2012-0050", "OPENSSL:CVE-2012-2110", "OPENSSL:CVE-2012-2131", "OPENSSL:CVE-2014-3507", "OPENSSL:CVE-2014-3571", "OPENSSL:CVE-2014-8176", "OPENSSL:CVE-2014-8275", "OPENSSL:CVE-2015-0209", "OPENSSL:CVE-2015-0286", "OPENSSL:CVE-2015-0293", "OPENSSL:CVE-2015-1789", "OPENSSL:CVE-2015-1791", "OPENSSL:CVE-2015-1792", "OPENSSL:CVE-2016-0703", "OPENSSL:CVE-2016-0704", "OPENSSL:CVE-2016-0800", "OPENSSL:CVE-2019-1559"]}, {"type": "openvas", "idList": ["OPENVAS:102024", "OPENVAS:103468", "OPENVAS:103558", "OPENVAS:103672", "OPENVAS:103849", "OPENVAS:1361412562310102024", "OPENVAS:1361412562310103394", "OPENVAS:1361412562310103440", "OPENVAS:1361412562310103468", "OPENVAS:1361412562310103558", "OPENVAS:1361412562310103672", "OPENVAS:1361412562310103849", "OPENVAS:1361412562310105249", "OPENVAS:1361412562310105308", "OPENVAS:1361412562310105364", "OPENVAS:1361412562310105365", "OPENVAS:1361412562310105369", "OPENVAS:1361412562310105396", "OPENVAS:1361412562310105397", "OPENVAS:1361412562310105413", "OPENVAS:1361412562310105567", "OPENVAS:1361412562310105605", "OPENVAS:1361412562310105608", "OPENVAS:1361412562310105678", "OPENVAS:1361412562310105679", "OPENVAS:1361412562310105692", "OPENVAS:1361412562310105798", "OPENVAS:1361412562310106048", "OPENVAS:1361412562310106049", "OPENVAS:1361412562310106354", "OPENVAS:1361412562310107028", "OPENVAS:1361412562310107633", "OPENVAS:1361412562310108555", "OPENVAS:1361412562310108556", "OPENVAS:1361412562310120033", "OPENVAS:1361412562310120041", "OPENVAS:1361412562310120044", "OPENVAS:1361412562310120113", "OPENVAS:1361412562310120151", "OPENVAS:1361412562310120152", "OPENVAS:1361412562310120164", "OPENVAS:1361412562310120204", "OPENVAS:1361412562310120249", "OPENVAS:1361412562310120456", "OPENVAS:1361412562310120507", "OPENVAS:1361412562310120672", "OPENVAS:1361412562310121084", "OPENVAS:1361412562310121297", "OPENVAS:1361412562310121325", "OPENVAS:1361412562310121365", "OPENVAS:1361412562310121379", "OPENVAS:1361412562310121432", "OPENVAS:1361412562310121453", "OPENVAS:1361412562310121457", "OPENVAS:1361412562310122003", "OPENVAS:1361412562310122006", "OPENVAS:1361412562310122398", "OPENVAS:1361412562310122445", "OPENVAS:1361412562310122652", "OPENVAS:1361412562310122898", "OPENVAS:1361412562310123044", "OPENVAS:1361412562310123077", "OPENVAS:1361412562310123080", "OPENVAS:1361412562310123081", "OPENVAS:1361412562310123086", "OPENVAS:1361412562310123090", "OPENVAS:1361412562310123099", "OPENVAS:1361412562310123107", "OPENVAS:1361412562310123135", "OPENVAS:1361412562310123140", "OPENVAS:1361412562310123153", "OPENVAS:1361412562310123154", "OPENVAS:1361412562310123178", "OPENVAS:1361412562310123203", "OPENVAS:1361412562310123331", "OPENVAS:1361412562310123929", "OPENVAS:1361412562310130098", "OPENVAS:1361412562310130109", "OPENVAS:1361412562310130117", "OPENVAS:1361412562310140017", "OPENVAS:1361412562310140019", "OPENVAS:1361412562310140020", "OPENVAS:1361412562310142402", "OPENVAS:1361412562310142403", "OPENVAS:136141256231063720", "OPENVAS:136141256231063790", "OPENVAS:136141256231063802", "OPENVAS:136141256231063810", "OPENVAS:136141256231063899", "OPENVAS:136141256231063968", "OPENVAS:136141256231063996", "OPENVAS:136141256231064118", "OPENVAS:136141256231064132", "OPENVAS:136141256231064196", "OPENVAS:136141256231064246", "OPENVAS:136141256231064247", "OPENVAS:136141256231064248", "OPENVAS:136141256231064360", "OPENVAS:136141256231064799", "OPENVAS:136141256231064920", "OPENVAS:136141256231064935", "OPENVAS:136141256231064947", "OPENVAS:136141256231064948", "OPENVAS:136141256231065437", "OPENVAS:136141256231065556", "OPENVAS:136141256231065659", "OPENVAS:136141256231065668", "OPENVAS:136141256231065675", "OPENVAS:136141256231065793", "OPENVAS:136141256231065890", "OPENVAS:136141256231065894", "OPENVAS:136141256231065897", "OPENVAS:136141256231065974", "OPENVAS:136141256231066370", "OPENVAS:136141256231066517", "OPENVAS:136141256231067042", "OPENVAS:1361412562310702998", "OPENVAS:1361412562310703125", "OPENVAS:1361412562310703197", "OPENVAS:1361412562310703287", "OPENVAS:1361412562310703300", "OPENVAS:1361412562310703316", "OPENVAS:1361412562310703324", "OPENVAS:1361412562310703339", "OPENVAS:1361412562310703688", "OPENVAS:1361412562310704400", "OPENVAS:136141256231070708", "OPENVAS:136141256231070750", "OPENVAS:136141256231070756", "OPENVAS:136141256231070764", "OPENVAS:136141256231071196", "OPENVAS:136141256231071259", "OPENVAS:136141256231071261", "OPENVAS:136141256231071273", "OPENVAS:136141256231071533", "OPENVAS:1361412562310800258", "OPENVAS:1361412562310800259", "OPENVAS:1361412562310800809", "OPENVAS:1361412562310804061", "OPENVAS:1361412562310805188", "OPENVAS:1361412562310805676", "OPENVAS:1361412562310805905", "OPENVAS:1361412562310805906", "OPENVAS:1361412562310805907", "OPENVAS:1361412562310805908", "OPENVAS:1361412562310805913", "OPENVAS:1361412562310805914", "OPENVAS:1361412562310806675", "OPENVAS:1361412562310806676", "OPENVAS:1361412562310806730", "OPENVAS:1361412562310806731", "OPENVAS:1361412562310806733", "OPENVAS:1361412562310806734", "OPENVAS:1361412562310806744", "OPENVAS:1361412562310806745", "OPENVAS:1361412562310807099", "OPENVAS:1361412562310807500", "OPENVAS:1361412562310830210", "OPENVAS:1361412562310830842", "OPENVAS:1361412562310831527", "OPENVAS:1361412562310831533", "OPENVAS:1361412562310831568", "OPENVAS:1361412562310831657", "OPENVAS:1361412562310831679", "OPENVAS:1361412562310835022", "OPENVAS:1361412562310835199", "OPENVAS:1361412562310835229", "OPENVAS:1361412562310840365", "OPENVAS:1361412562310840887", "OPENVAS:1361412562310840985", "OPENVAS:1361412562310840987", "OPENVAS:1361412562310841924", "OPENVAS:1361412562310842062", "OPENVAS:1361412562310842136", "OPENVAS:1361412562310842212", "OPENVAS:1361412562310842242", "OPENVAS:1361412562310842279", "OPENVAS:1361412562310842280", "OPENVAS:1361412562310842375", "OPENVAS:1361412562310842398", "OPENVAS:1361412562310842404", "OPENVAS:1361412562310843920", "OPENVAS:1361412562310850123", "OPENVAS:1361412562310850181", "OPENVAS:1361412562310850630", "OPENVAS:1361412562310850661", "OPENVAS:1361412562310850663", "OPENVAS:1361412562310850664", "OPENVAS:1361412562310850666", "OPENVAS:1361412562310850672", "OPENVAS:1361412562310850678", "OPENVAS:1361412562310850749", "OPENVAS:1361412562310850788", "OPENVAS:1361412562310850827", "OPENVAS:1361412562310850844", "OPENVAS:1361412562310850877", "OPENVAS:1361412562310850898", "OPENVAS:1361412562310850905", "OPENVAS:1361412562310850914", "OPENVAS:1361412562310850941", "OPENVAS:1361412562310850964", "OPENVAS:1361412562310850995", "OPENVAS:1361412562310851042", "OPENVAS:1361412562310851044", "OPENVAS:1361412562310851077", "OPENVAS:1361412562310851141", "OPENVAS:1361412562310851167", "OPENVAS:1361412562310851168", "OPENVAS:1361412562310851173", "OPENVAS:1361412562310851183", "OPENVAS:1361412562310851219", "OPENVAS:1361412562310851221", "OPENVAS:1361412562310851222", "OPENVAS:1361412562310851223", "OPENVAS:1361412562310851224", "OPENVAS:1361412562310851228", "OPENVAS:1361412562310852363", "OPENVAS:1361412562310852378", "OPENVAS:1361412562310852411", "OPENVAS:1361412562310852412", "OPENVAS:1361412562310852592", "OPENVAS:1361412562310852946", "OPENVAS:1361412562310855192", "OPENVAS:1361412562310855322", "OPENVAS:1361412562310855646", "OPENVAS:1361412562310855648", "OPENVAS:1361412562310855653", "OPENVAS:1361412562310855759", "OPENVAS:1361412562310855776", "OPENVAS:1361412562310861878", "OPENVAS:1361412562310861956", "OPENVAS:1361412562310862152", "OPENVAS:1361412562310862163", "OPENVAS:1361412562310862568", "OPENVAS:1361412562310863683", "OPENVAS:1361412562310863704", "OPENVAS:1361412562310863945", "OPENVAS:1361412562310864019", "OPENVAS:1361412562310864192", "OPENVAS:1361412562310864229", "OPENVAS:1361412562310864279", "OPENVAS:1361412562310864283", "OPENVAS:1361412562310864325", "OPENVAS:1361412562310868079", "OPENVAS:1361412562310868082", "OPENVAS:1361412562310868415", "OPENVAS:1361412562310868417", "OPENVAS:1361412562310868705", "OPENVAS:1361412562310868855", "OPENVAS:1361412562310868921", "OPENVAS:1361412562310868936", "OPENVAS:1361412562310869117", "OPENVAS:1361412562310869125", "OPENVAS:1361412562310869342", "OPENVAS:1361412562310869362", "OPENVAS:1361412562310869382", "OPENVAS:1361412562310869416", "OPENVAS:1361412562310869446", "OPENVAS:1361412562310869448", "OPENVAS:1361412562310869449", "OPENVAS:1361412562310869465", "OPENVAS:1361412562310869508", "OPENVAS:1361412562310869536", "OPENVAS:1361412562310869559", "OPENVAS:1361412562310869605", "OPENVAS:1361412562310869719", "OPENVAS:1361412562310869732", "OPENVAS:1361412562310869740", "OPENVAS:1361412562310869742", "OPENVAS:1361412562310870209", "OPENVAS:1361412562310870243", "OPENVAS:1361412562310870532", "OPENVAS:1361412562310870589", "OPENVAS:1361412562310870668", "OPENVAS:1361412562310871227", "OPENVAS:1361412562310871300", "OPENVAS:1361412562310871339", "OPENVAS:1361412562310871340", "OPENVAS:1361412562310871353", "OPENVAS:1361412562310871364", "OPENVAS:1361412562310871376", "OPENVAS:1361412562310871382", "OPENVAS:1361412562310871385", "OPENVAS:1361412562310871390", "OPENVAS:1361412562310871391", "OPENVAS:1361412562310871392", "OPENVAS:1361412562310871422", "OPENVAS:1361412562310871569", "OPENVAS:1361412562310876840", "OPENVAS:1361412562310876846", "OPENVAS:1361412562310877283", "OPENVAS:1361412562310880380", "OPENVAS:1361412562310880385", "OPENVAS:1361412562310880647", "OPENVAS:1361412562310880738", "OPENVAS:1361412562310881066", "OPENVAS:1361412562310881108", "OPENVAS:1361412562310881134", "OPENVAS:1361412562310881190", "OPENVAS:1361412562310881988", "OPENVAS:1361412562310882005", "OPENVAS:1361412562310882095", "OPENVAS:1361412562310882101", "OPENVAS:1361412562310882132", "OPENVAS:1361412562310882147", "OPENVAS:1361412562310882163", "OPENVAS:1361412562310882192", "OPENVAS:1361412562310882194", "OPENVAS:1361412562310882198", "OPENVAS:1361412562310882199", "OPENVAS:1361412562310882207", "OPENVAS:1361412562310882208", "OPENVAS:1361412562310882209", "OPENVAS:1361412562310882210", "OPENVAS:1361412562310882215", "OPENVAS:1361412562310882220", "OPENVAS:1361412562310882221", "OPENVAS:1361412562310882222", "OPENVAS:1361412562310882224", "OPENVAS:1361412562310882225", "OPENVAS:1361412562310882236", "OPENVAS:1361412562310882237", "OPENVAS:1361412562310882412", "OPENVAS:1361412562310882414", "OPENVAS:1361412562310883097", "OPENVAS:1361412562310891701", "OPENVAS:1361412562310900653", "OPENVAS:1361412562310900654", "OPENVAS:1361412562311220191145", "OPENVAS:1361412562311220191258", "OPENVAS:1361412562311220191325", "OPENVAS:1361412562311220191326", "OPENVAS:1361412562311220191400", "OPENVAS:1361412562311220191548", "OPENVAS:1361412562311220191861", "OPENVAS:1361412562311220191980", "OPENVAS:1361412562311220192271", "OPENVAS:1361412562311220192509", "OPENVAS:1361412562311220192643", "OPENVAS:1361412562311220201629", "OPENVAS:1361412562311220201637", "OPENVAS:1361412562311220201774", "OPENVAS:58634", "OPENVAS:58639", "OPENVAS:58645", "OPENVAS:58654", "OPENVAS:61041", "OPENVAS:63720", "OPENVAS:63750", "OPENVAS:63751", "OPENVAS:63790", "OPENVAS:63802", "OPENVAS:63810", "OPENVAS:63899", "OPENVAS:63968", "OPENVAS:63996", "OPENVAS:64118", "OPENVAS:64132", "OPENVAS:64196", "OPENVAS:64246", "OPENVAS:64247", "OPENVAS:64248", "OPENVAS:64323", "OPENVAS:64360", "OPENVAS:64799", "OPENVAS:64920", "OPENVAS:64935", "OPENVAS:64947", "OPENVAS:64948", "OPENVAS:65437", "OPENVAS:65556", "OPENVAS:65659", "OPENVAS:65668", "OPENVAS:65675", "OPENVAS:65793", "OPENVAS:65890", "OPENVAS:65894", "OPENVAS:65897", "OPENVAS:65974", "OPENVAS:66370", "OPENVAS:66517", "OPENVAS:67042", "OPENVAS:702998", "OPENVAS:703125", "OPENVAS:703197", "OPENVAS:703287", "OPENVAS:703300", "OPENVAS:703316", "OPENVAS:703324", "OPENVAS:703339", "OPENVAS:703688", "OPENVAS:70708", "OPENVAS:70750", "OPENVAS:70756", "OPENVAS:70764", "OPENVAS:71196", "OPENVAS:71259", "OPENVAS:71261", "OPENVAS:71273", "OPENVAS:71533", "OPENVAS:800258", "OPENVAS:830210", "OPENVAS:830842", "OPENVAS:831527", "OPENVAS:831533", "OPENVAS:831568", "OPENVAS:831657", "OPENVAS:831679", "OPENVAS:835022", "OPENVAS:835199", "OPENVAS:835229", "OPENVAS:840078", "OPENVAS:840365", "OPENVAS:840887", "OPENVAS:840985", "OPENVAS:840987", "OPENVAS:850123", "OPENVAS:850181", "OPENVAS:855192", "OPENVAS:855322", "OPENVAS:855646", "OPENVAS:855648", "OPENVAS:855653", "OPENVAS:855759", "OPENVAS:855776", "OPENVAS:861429", "OPENVAS:861545", "OPENVAS:861878", "OPENVAS:861956", "OPENVAS:862152", "OPENVAS:862163", "OPENVAS:862568", "OPENVAS:863683", "OPENVAS:863704", "OPENVAS:863945", "OPENVAS:864019", "OPENVAS:864192", "OPENVAS:864229", "OPENVAS:864279", "OPENVAS:864283", "OPENVAS:864325", "OPENVAS:870209", "OPENVAS:870243", "OPENVAS:870532", "OPENVAS:870589", "OPENVAS:870668", "OPENVAS:880380", "OPENVAS:880385", "OPENVAS:880647", "OPENVAS:880738", "OPENVAS:881066", "OPENVAS:881108", "OPENVAS:881134", "OPENVAS:881190", "OPENVAS:900654"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000009"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2015", "ORACLE:CPUAPR2016V3", "ORACLE:CPUAPR2017", "ORACLE:CPUAPR2019", "ORACLE:CPUJAN2016", "ORACLE:CPUJAN2017", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJUL2015", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2019", "ORACLE:CPUOCT2015", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2019"]}, {"type": "oraclelinux", "idList": ["ELSA-2007-0813", "ELSA-2007-0964", "ELSA-2007-1003", "ELSA-2009-1335", "ELSA-2010-0054", "ELSA-2010-0163", "ELSA-2012-0059", "ELSA-2012-0060", "ELSA-2012-0518", "ELSA-2012-2011", "ELSA-2014-0626", "ELSA-2014-1052", "ELSA-2014-1652", "ELSA-2015-0066", "ELSA-2015-0715", "ELSA-2015-0716", "ELSA-2015-0800", "ELSA-2015-1072", "ELSA-2015-1115", "ELSA-2015-1185", "ELSA-2015-1197", "ELSA-2015-1228", "ELSA-2015-1229", "ELSA-2015-1230", "ELSA-2015-1526", "ELSA-2015-2616", "ELSA-2015-2617", "ELSA-2015-3010", "ELSA-2015-3022", "ELSA-2016-0302", "ELSA-2016-0372", "ELSA-2016-1137", "ELSA-2016-3621", "ELSA-2019-2304", "ELSA-2019-2471", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2019-4754", "ELSA-2021-9121", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:DLA-132-1", "OSV:DLA-1701-1", "OSV:DLA-177-1", "OSV:DLA-247-1", "OSV:DLA-303-1", "OSV:DLA-33-1", "OSV:DLA-507-1", "OSV:DSA-1379-1", "OSV:DSA-1763-1", "OSV:DSA-1888-1", "OSV:DSA-1970-1", "OSV:DSA-2390-1", "OSV:DSA-2454-1", "OSV:DSA-2454-2", "OSV:DSA-2998-1", "OSV:DSA-3125-1", "OSV:DSA-3197-1", "OSV:DSA-3197-2", "OSV:DSA-3287-1", "OSV:DSA-3300-1", "OSV:DSA-3316-1", "OSV:DSA-3324-1", "OSV:DSA-3339-1", "OSV:DSA-3688-1", "OSV:DSA-4400-1"]}, {"type": "paloalto", "idList": ["PAN-SA-2012-0017", "PAN-SA-2016-0020", "PAN-SA-2016-0028", "PAN-SA-2016-0030", "PAN-SA-2019-0039"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:78FF70CE4BB196D19E90B71797AD8A5A"]}, {"type": "redhat", "idList": ["RHSA-2007:0813", "RHSA-2007:0964", "RHSA-2007:1003", "RHSA-2009:1335", "RHSA-2010:0054", "RHSA-2010:0095", "RHSA-2010:0163", "RHSA-2012:0059", "RHSA-2012:0060", "RHSA-2012:0109", "RHSA-2012:0168", "RHSA-2012:0518", "RHSA-2012:0522", "RHSA-2012:1306", "RHSA-2012:1307", "RHSA-2012:1308", "RHSA-2014:1052", "RHSA-2014:1054", "RHSA-2015:0066", "RHSA-2015:0715", "RHSA-2015:0716", "RHSA-2015:0752", "RHSA-2015:0800", "RHSA-2015:1072", "RHSA-2015:1115", "RHSA-2015:1185", "RHSA-2015:1197", "RHSA-2015:1228", "RHSA-2015:1229", "RHSA-2015:1230", "RHSA-2015:1241", "RHSA-2015:1242", "RHSA-2015:1243", "RHSA-2015:1485", "RHSA-2015:1486", "RHSA-2015:1488", "RHSA-2015:1526", "RHSA-2015:1544", "RHSA-2015:1604", "RHSA-2016:0303", "RHSA-2016:0304", "RHSA-2016:0306", "RHSA-2016:0372", "RHSA-2016:0445", "RHSA-2016:0446", "RHSA-2016:0490", "RHSA-2016:2957", "RHSA-2019:2304", "RHSA-2019:2437", "RHSA-2019:2439", "RHSA-2019:2471", "RHSA-2019:3929", "RHSA-2019:3931"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-1559"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18187", "SECURITYVULNS:DOC:18820", "SECURITYVULNS:DOC:21564", "SECURITYVULNS:DOC:21866", "SECURITYVULNS:DOC:22079", "SECURITYVULNS:DOC:22323", "SECURITYVULNS:DOC:23048", "SECURITYVULNS:DOC:23702", "SECURITYVULNS:DOC:27941", "SECURITYVULNS:DOC:28007", "SECURITYVULNS:DOC:28164", "SECURITYVULNS:DOC:28706", "SECURITYVULNS:DOC:29464", "SECURITYVULNS:DOC:29623", "SECURITYVULNS:DOC:29856", "SECURITYVULNS:DOC:30448", "SECURITYVULNS:DOC:31591", "SECURITYVULNS:DOC:31682", "SECURITYVULNS:DOC:31890", "SECURITYVULNS:DOC:32203", "SECURITYVULNS:DOC:32265", "SECURITYVULNS:DOC:32267", "SECURITYVULNS:DOC:32390", "SECURITYVULNS:DOC:32423", "SECURITYVULNS:DOC:32492", "SECURITYVULNS:DOC:32493", "SECURITYVULNS:DOC:32494", "SECURITYVULNS:DOC:32514", "SECURITYVULNS:DOC:32522", "SECURITYVULNS:VULN:10014", "SECURITYVULNS:VULN:10519", "SECURITYVULNS:VULN:10790", "SECURITYVULNS:VULN:12150", "SECURITYVULNS:VULN:12332", "SECURITYVULNS:VULN:12425", "SECURITYVULNS:VULN:12679", "SECURITYVULNS:VULN:13198", "SECURITYVULNS:VULN:13310", "SECURITYVULNS:VULN:13663", "SECURITYVULNS:VULN:13908", "SECURITYVULNS:VULN:14192", "SECURITYVULNS:VULN:14333", "SECURITYVULNS:VULN:14366", "SECURITYVULNS:VULN:14393", "SECURITYVULNS:VULN:14530", "SECURITYVULNS:VULN:14561", "SECURITYVULNS:VULN:14562", "SECURITYVULNS:VULN:14573", "SECURITYVULNS:VULN:14601", "SECURITYVULNS:VULN:14630", "SECURITYVULNS:VULN:14678", "SECURITYVULNS:VULN:14696", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14755", "SECURITYVULNS:VULN:9787", "SECURITYVULNS:VULN:9925"]}, {"type": "seebug", "idList": ["SSV:11378", "SSV:11530", "SSV:11541", "SSV:60076", "SSV:66601", "SSV:72797", "SSV:90853"]}, {"type": "slackware", "idList": ["SSA-2009-098-01", "SSA-2014-220-01", "SSA-2015-009-01", "SSA-2015-111-09", "SSA-2015-162-01", "SSA-2019-057-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0845-1", "OPENSUSE-SU-2012:0083-1", "OPENSUSE-SU-2015:0130-1", "OPENSUSE-SU-2015:1139-1", "OPENSUSE-SU-2015:1216-1", "OPENSUSE-SU-2015:1229-1", "OPENSUSE-SU-2015:1266-1", "OPENSUSE-SU-2015:1277-1", "OPENSUSE-SU-2015:1288-1", "OPENSUSE-SU-2015:1289-1", "OPENSUSE-SU-2015:2243-1", "OPENSUSE-SU-2016:0226-1", "OPENSUSE-SU-2016:0255-1", "OPENSUSE-SU-2016:0261-1", "OPENSUSE-SU-2016:0628-1", "OPENSUSE-SU-2016:0637-1", "OPENSUSE-SU-2016:0638-1", "OPENSUSE-SU-2016:0640-1", "OPENSUSE-SU-2016:0720-1", "OPENSUSE-SU-2019:1076-1", "OPENSUSE-SU-2019:1105-1", "OPENSUSE-SU-2019:1173-1", "OPENSUSE-SU-2019:1175-1", "OPENSUSE-SU-2019:1432-1", "OPENSUSE-SU-2019:1637-1", "SUSE-SA:2010:008", "SUSE-SU-2011:0847-1", "SUSE-SU-2012:0084-1", "SUSE-SU-2012:0623-1", "SUSE-SU-2012:0637-1", "SUSE-SU-2012:0674-1", "SUSE-SU-2012:1149-1", "SUSE-SU-2012:1149-2", "SUSE-SU-2014:0320-1", "SUSE-SU-2015:0541-1", "SUSE-SU-2015:0553-1", "SUSE-SU-2015:0553-2", "SUSE-SU-2015:0578-1", "SUSE-SU-2015:0946-1", "SUSE-SU-2015:1143-1", "SUSE-SU-2015:1150-1", "SUSE-SU-2015:1177-1", "SUSE-SU-2015:1177-2", "SUSE-SU-2015:1181-1", "SUSE-SU-2015:1181-2", "SUSE-SU-2015:1182-1", "SUSE-SU-2015:1182-2", "SUSE-SU-2015:1183-1", "SUSE-SU-2015:1183-2", "SUSE-SU-2015:1184-1", "SUSE-SU-2015:1184-2", "SUSE-SU-2015:1185-1", "SUSE-SU-2015:1268-1", "SUSE-SU-2015:1268-2", "SUSE-SU-2015:1269-1", "SUSE-SU-2015:1319-1", "SUSE-SU-2015:1320-1", "SUSE-SU-2015:1329-1", "SUSE-SU-2015:1331-1", "SUSE-SU-2015:1345-1", "SUSE-SU-2015:1375-1", "SUSE-SU-2015:1449-1", "SUSE-SU-2015:1509-1", "SUSE-SU-2015:1581-1", "SUSE-SU-2015:1663-1", "SUSE-SU-2016:0224-1", "SUSE-SU-2016:0262-1", "SUSE-SU-2016:0617-1", "SUSE-SU-2016:0620-1", "SUSE-SU-2016:0621-1", "SUSE-SU-2016:0624-1", "SUSE-SU-2016:0631-1", "SUSE-SU-2016:0641-1", "SUSE-SU-2016:0678-1", "SUSE-SU-2016:0748-1", "SUSE-SU-2016:0778-1", "SUSE-SU-2016:0786-1", "SUSE-SU-2016:1057-1"]}, {"type": "symantec", "idList": ["SMNTC-107174", "SMNTC-1325", "SMNTC-1347", "SMNTC-1351", "SMNTC-1490"]}, {"type": "thn", "idList": ["THN:14FEFACD6D6241B6574057C2175775D1", "THN:F450AB9C3FB6FDB4B44FC6D9EE5E9AD4"]}, {"type": "threatpost", "idList": ["THREATPOST:23E7D03B5F2EC42BD327B51AEE52D550", "THREATPOST:7C04F69C011AEFD7882B6B95405A26C6", "THREATPOST:9982AC17285494A6CE329FC5C04DD84A", "THREATPOST:B5CB39945899ADD3A3D3790E21175180", "THREATPOST:F992B1B74265E26E8C7499D1F03622D7"]}, {"type": "ubuntu", "idList": ["USN-1357-1", "USN-1424-1", "USN-1428-1", "USN-2308-1", "USN-2459-1", "USN-2537-1", "USN-2639-1", "USN-2656-1", "USN-2656-2", "USN-2673-1", "USN-2696-1", "USN-2706-1", "USN-3899-1", "USN-4376-2", "USN-522-1", "USN-750-1", "USN-792-1", "USN-884-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-5135", "UB:CVE-2009-0590", "UB:CVE-2009-1377", "UB:CVE-2009-1386", "UB:CVE-2009-4355", "UB:CVE-2011-4108", "UB:CVE-2012-0050", "UB:CVE-2012-0390", "UB:CVE-2012-2110", "UB:CVE-2012-2131", "UB:CVE-2014-3507", "UB:CVE-2014-3571", "UB:CVE-2014-8176", "UB:CVE-2014-8275", "UB:CVE-2015-0209", "UB:CVE-2015-0286", "UB:CVE-2015-0293", "UB:CVE-2015-1789", "UB:CVE-2015-1791", "UB:CVE-2015-1792", "UB:CVE-2015-4000", "UB:CVE-2016-0703", "UB:CVE-2019-1559"]}, {"type": "veracode", "idList": ["VERACODE:23961", "VERACODE:23962", "VERACODE:23965", "VERACODE:24138", "VERACODE:24954"]}, {"type": "vmware", "idList": ["VMSA-2008-0001", "VMSA-2008-0001.1", "VMSA-2008-0013", "VMSA-2008-0013.4", "VMSA-2010-0004", "VMSA-2010-0004.5", "VMSA-2010-0009", "VMSA-2010-0009.2", "VMSA-2010-0019", "VMSA-2010-0019.3", "VMSA-2012-0013", "VMSA-2012-0013.2", "VMSA-2013-0003"]}]}, "score": {"value": 0.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY30.ASC", "OPENSSL_ADVISORY4.ASC", "SENDMAIL_ADVISORY2.ASC"]}, {"type": "amazon", "idList": ["ALAS-2019-1188"]}, {"type": "archlinux", "idList": ["ASA-201903-2", "ASA-201903-6"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-44296"]}, {"type": "centos", "idList": ["CESA-2019:2304", "CESA-2019:2471"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-0039", "CPAI-2015-0802"]}, {"type": "checkpoint_security", "idList": ["CPS:SK33695", "CPS:SK35708", "CPS:SK71821"]}, {"type": "cisa", "idList": ["CISA:C6FC512213BBB287A39B2B11F25268A6"]}, {"type": "cisco", "idList": ["CISCO-SA-20150320-OPENSSL", "CISCO-SA-20150612-OPENSSL"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:2612C84317452E216670EAF7C553C9D4", "CFOUNDRY:9508E80FC3841EA0C8796974EB59D970"]}, {"type": "cve", "idList": ["CVE-2006-3738", "CVE-2007-5135", "CVE-2016-0703", "CVE-2019-1559"]}, {"type": "debian", "idList": ["DEBIAN:DLA-132-1:941A7", "DEBIAN:DLA-1701-1:59A22", "DEBIAN:DLA-303-1:590A1", "DEBIAN:DSA-2998-1:7D1C0", "DEBIAN:DSA-3688-1:3F736", "DEBIAN:DSA-4400-1:84438"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-1792", "DEBIANCVE:CVE-2016-0703", "DEBIANCVE:CVE-2019-1559"]}, {"type": "exploitdb", "idList": ["EDB-ID:18756"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B68BB9381148CAC1A9824EB84CA5D160"]}, {"type": "f5", "idList": ["F5:K15573", "F5:K16321", "F5:K16674", "F5:K18549143", "SOL15351", "SOL15358", "SOL15366", "SOL15388", "SOL15405", "SOL15417", "SOL16285", "SOL16317", "SOL17454", "SOL8106", "SOL95463126"]}, {"type": "fedora", "idList": ["FEDORA:08AC0606CFA2", "FEDORA:2BE5D60BDFEF", "FEDORA:6F712609154B", "FEDORA:A271421BA0", "FEDORA:C4B9C600DD15", "FEDORA:C5613607A3CF", "FEDORA:D0DE56087498"]}, {"type": "fortinet", "idList": ["FG-IR-15-014"]}, {"type": "freebsd", "idList": ["2AE114DE-C064-11E1-B5E0-000C299B62E1", "4E536C14-9791-11E4-977D-D050992ECDE8", "5C5F19CE-43AF-11E1-89B4-001EC9578670", "7184F92E-8BB8-11E1-8D7B-003067B2972C", "78CC8A46-3E56-11E1-89B4-001EC9578670", "82B55DF8-4D5A-11DE-8811-0030843D3802", "B71D7193-3C54-11E9-A3F9-00155D006B02", "FBC8413F-2F7A-11DE-9A3F-001B77D09812"]}, {"type": "gentoo", "idList": ["GLSA-201903-10"]}, {"type": "hackerone", "idList": ["H1:138179"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20141008-OPENSSL"]}, {"type": "ibm", "idList": ["0C850FECD02720FE8E127F730E7172757B14E40919BABE4F7D431689A5B199DB", "1F234EFC9BCA33D00375D73A19EA38D309527628B71CCB02CAF517D9F70083C2", "22C6665D00A9702426CEE593F4765FD3CD4EE170F8AA7F50D0505C6B2799BC21", "2A5E5140226F7DD38A791DE1E8EE7913E3512D8FCB1A86411DA5AFF49D8E6F4A", "5D0CC6456D2278646647F1A4FEFECEB673F2B5D1F99FBBC5755735CEF5AA6268", "6234195C7E31959F34FEEB3A01B3AE191F8EB55B62E74A9D49559D08BB9DC38C", "6808EC84BE4A9DD5A0B439C6FCE9D4EA1BDF91E3E0DEBF72E5BEFD925D973E99", "721E6575EC4195C159F3DFAD38C6122D1576DA30768EE56292CD196BFE358988", "7545FC6960BC08536BD63AD777890D26CE8FBACF18C55DCC74C636085DAC612B", "838185B2913A44E852BC8B77D80730F1A8E62A2DF3C8C992C682B9C59DBF08C9", "969B869C858F640A6283D702296C23A13A8A64586452AB7E6A37D5DA25ABC7B6", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "A5EE6903D383C042ADBB5FEF76C2F60C5F1B6BFAAA0ABAB88DC4660244B7AED4", "A9ABCB46C2AB3205C68FA05A05C66734611D213CAC0440DC7D00A0FFBBB76A34", "C1DB9DF00AB208BADC001393BCFE99FE4AD1B2C7C68488061EC684A276D26990", "C5F0A3013333B48D4C08CB3D13549994F17CDBB3EA06E50A46D8068D5A06FCAC", "C83F675C530B12620988F0C65F58B32931125E0012C4B7C771823623ECB73255", "DDE3DEB25676ADC1DB480364A779909356249858CDB0D097DC67216D3015C436", "F8F311B3072223D52EB3D8154BEE85BE4F61B6D245F44A1A11E0A790CE3F0D4E", "FCEEB61FFF0AA043526B3AD29A5AA38A5A5E8F0EBFEBFB7196BA2301B080971B"]}, {"type": "ics", "idList": ["ICSA-17-094-04"]}, {"type": "kaspersky", "idList": ["KLA10629"]}, {"type": "kitploit", "idList": ["KITPLOIT:6228086289371789135"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-NOSID"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AIX-5.3-OPENSSL_ADVISORY12_CVE-2014-3571/", "MSF:ILITIES/AMAZON-LINUX-AMI-ALAS-2012-73/", "MSF:ILITIES/CENTOS_LINUX-CVE-2014-3507/", "MSF:ILITIES/CISCO-ANYCONNECT-CVE-2014-8176/", "MSF:ILITIES/HPUX-CVE-2012-2110/", "MSF:ILITIES/IBM-AIX-CVE-2014-8176/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2014-3571/"]}, {"type": "mozilla", "idList": ["MFSA2015-70"]}, {"type": "nessus", "idList": ["8662.PRM", "AIX_IV75646.NASL", "AIX_OPENSSL_ADVISORY3.NASL", "ALA_ALAS-2012-38.NASL", "ALA_ALAS-2015-570.NASL", "CENTOS_RHSA-2009-1335.NASL", "CENTOS_RHSA-2010-0054.NASL", "CENTOS_RHSA-2010-0163.NASL", "CISCO-SA-20150320-OPENSSL-IOS.NASL", "DB2_105FP7_WIN.NASL", "DEBIAN_DSA-2390.NASL", "DEBIAN_DSA-3125.NASL", "DEBIAN_DSA-3300.NASL", "EULEROS_SA-2019-2271.NASL", "F5_BIGIP_SOL16674.NASL", "F5_BIGIP_SOL95463126.NASL", "FEDORA_2010-5357.NASL", "FEDORA_2012-18035.NASL", "FEDORA_2014-17587.NASL", "FEDORA_2015-0601.NASL", "FEDORA_2015-10047.NASL", "FREEBSD_PKG_78CC8A463E5611E189B4001EC9578670.NASL", "FREEBSD_PKG_82B55DF84D5A11DE88110030843D3802.NASL", "GENTOO_GLSA-201512-10.NASL", "MACOSX_SECUPD2015-005.NASL", "MANDRAKE_MDKSA-2006-172.NASL", "MANDRIVA_MDVSA-2012-007.NASL", "MANDRIVA_MDVSA-2012-060.NASL", "MCAFEE_FIREWALL_ENTERPRISE_SB10102.NASL", "OPENSSL_1_0_0I.NASL", "OPENSUSE-2015-474.NASL", "OPENSUSE-2015-512.NASL", "OPENSUSE-2015-889.NASL", "OPENSUSE-2016-104.NASL", "ORACLELINUX_ELSA-2012-0060.NASL", "ORACLELINUX_ELSA-2012-0518.NASL", "ORACLELINUX_ELSA-2014-1052.NASL", "ORACLELINUX_ELSA-2015-1230.NASL", "ORACLEVM_OVMSA-2015-0065.NASL", "ORACLE_E-BUSINESS_CPU_JUL_2015.NASL", "ORACLE_JAVA_CPU_JUL_2015.NASL", "REDHAT-RHSA-2007-0964.NASL", "REDHAT-RHSA-2012-0060.NASL", "SLACKWARE_SSA_2015-162-01.NASL", "SL_20071022_OPENSSL_ON_SL3.NASL", "SL_20100325_OPENSSL_ON_SL3_X.NASL", "SL_20150413_OPENSSL_ON_SL5_X.NASL", "SPLUNK_618.NASL", "SPLUNK_625.NASL", "SSL_LOGJAM.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-090609.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_OPENSSL-090610.NASL", "SUSE_OPENSSL-7923.NASL", "SUSE_OPENSSL-8112.NASL", "SUSE_OPENSSL-CVE-2009-4355.PATCH-6783.NASL", "SUSE_SU-2015-1181-2.NASL", "SUSE_SU-2015-1184-2.NASL", "SUSE_SU-2015-1547-2.NASL", "UBUNTU_USN-2537-1.NASL", "UBUNTU_USN-2656-1.NASL", "UBUNTU_USN-2706-1.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL"]}, {"type": "nmap", "idList": ["NMAP:SSL-DH-PARAMS.NSE"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2011-4108", "OPENSSL:CVE-2014-3507", "OPENSSL:CVE-2014-3571", "OPENSSL:CVE-2015-0209"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105364", "OPENVAS:1361412562310107633", "OPENVAS:1361412562310108555", "OPENVAS:1361412562310108556", "OPENVAS:1361412562310120044", "OPENVAS:1361412562310120151", "OPENVAS:1361412562310123090", "OPENVAS:1361412562310123331", "OPENVAS:1361412562310130098", "OPENVAS:1361412562310130117", "OPENVAS:1361412562310140017", "OPENVAS:1361412562310142402", "OPENVAS:1361412562310142403", "OPENVAS:136141256231064246", "OPENVAS:136141256231064935", "OPENVAS:136141256231065890", "OPENVAS:136141256231065974", "OPENVAS:136141256231066517", "OPENVAS:1361412562310703287", "OPENVAS:1361412562310703300", "OPENVAS:1361412562310703339", "OPENVAS:1361412562310704400", "OPENVAS:136141256231070708", "OPENVAS:136141256231070756", "OPENVAS:1361412562310800809", "OPENVAS:1361412562310805188", "OPENVAS:1361412562310805914", "OPENVAS:1361412562310806675", "OPENVAS:1361412562310806730", "OPENVAS:1361412562310806731", "OPENVAS:1361412562310835229", "OPENVAS:1361412562310843920", "OPENVAS:1361412562310850749", "OPENVAS:1361412562310850914", "OPENVAS:1361412562310851173", "OPENVAS:1361412562310852363", "OPENVAS:1361412562310852378", "OPENVAS:1361412562310852411", "OPENVAS:1361412562310852412", "OPENVAS:1361412562310864019", "OPENVAS:1361412562310868705", "OPENVAS:1361412562310871364", "OPENVAS:1361412562310882163", "OPENVAS:1361412562310882210", "OPENVAS:1361412562310882412", "OPENVAS:1361412562310883097", "OPENVAS:1361412562310891701", "OPENVAS:1361412562310900654", "OPENVAS:63968", "OPENVAS:64196", "OPENVAS:64948", "OPENVAS:830842", "OPENVAS:840365", "OPENVAS:863945", "OPENVAS:864283", "OPENVAS:870243", "OPENVAS:881066"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2015-2367936", "ORACLE:CPUJUL2017-3236622"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1185", "ELSA-2019-2304", "ELSA-2019-2471", "ELSA-2019-4754"]}, {"type": "paloalto", "idList": ["PAN-SA-2019-0039"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:78FF70CE4BB196D19E90B71797AD8A5A"]}, {"type": "redhat", "idList": ["RHSA-2012:0060", "RHSA-2015:0715", "RHSA-2019:2471"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29464", "SECURITYVULNS:VULN:14562", "SECURITYVULNS:VULN:14573"]}, {"type": "seebug", "idList": ["SSV:11541"]}, {"type": "slackware", "idList": ["SSA-2019-057-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1076-1", "OPENSUSE-SU-2019:1105-1", "OPENSUSE-SU-2019:1173-1", "OPENSUSE-SU-2019:1175-1", "SUSE-SU-2012:0637-1", "SUSE-SU-2012:1149-2", "SUSE-SU-2015:1181-2", "SUSE-SU-2015:1183-1", "SUSE-SU-2015:1183-2", "SUSE-SU-2015:1184-2", "SUSE-SU-2015:1268-2", "SUSE-SU-2016:0262-1"]}, {"type": "symantec", "idList": ["SMNTC-1490"]}, {"type": "thn", "idList": ["THN:F450AB9C3FB6FDB4B44FC6D9EE5E9AD4"]}, {"type": "threatpost", "idList": ["THREATPOST:B5CB39945899ADD3A3D3790E21175180"]}, {"type": "ubuntu", "idList": ["USN-2696-1", "USN-3899-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-8176", "UB:CVE-2015-1789", "UB:CVE-2015-1791", "UB:CVE-2019-1559"]}, {"type": "vmware", "idList": ["VMSA-2010-0019.3"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2007-5135", "epss": "0.571230000", "percentile": "0.971150000", "modified": "2023-03-15"}, {"cve": "CVE-2009-0590", "epss": "0.070390000", "percentile": "0.928740000", "modified": "2023-03-15"}, {"cve": "CVE-2009-1377", "epss": "0.053020000", "percentile": "0.918500000", "modified": "2023-03-15"}, {"cve": "CVE-2009-1386", "epss": "0.050640000", "percentile": "0.916530000", "modified": "2023-03-15"}, {"cve": "CVE-2009-4355", "epss": "0.203540000", "percentile": "0.955570000", "modified": "2023-03-15"}, {"cve": "CVE-2011-4108", "epss": "0.004850000", "percentile": "0.722730000", "modified": "2023-03-15"}, {"cve": "CVE-2012-2110", "epss": "0.110130000", "percentile": "0.941900000", "modified": "2023-03-15"}, {"cve": "CVE-2014-3507", "epss": "0.940460000", "percentile": "0.986230000", "modified": "2023-03-15"}, {"cve": "CVE-2014-3571", "epss": "0.809750000", "percentile": "0.977550000", "modified": "2023-03-15"}, {"cve": "CVE-2014-8176", "epss": "0.050130000", "percentile": "0.916180000", "modified": "2023-03-15"}, {"cve": "CVE-2014-8275", "epss": "0.010560000", "percentile": "0.817940000", "modified": "2023-03-15"}, {"cve": "CVE-2015-0209", "epss": "0.135080000", "percentile": "0.946620000", "modified": "2023-03-15"}, {"cve": "CVE-2015-0286", "epss": "0.957700000", "percentile": "0.990200000", "modified": "2023-03-15"}, {"cve": "CVE-2015-0293", "epss": "0.518730000", "percentile": "0.969700000", "modified": "2023-03-15"}, {"cve": "CVE-2015-1789", "epss": "0.346210000", "percentile": "0.964050000", "modified": "2023-03-15"}, {"cve": "CVE-2015-1791", "epss": "0.330470000", "percentile": "0.963400000", "modified": "2023-03-15"}, {"cve": "CVE-2015-1792", "epss": "0.634140000", "percentile": "0.972510000", "modified": "2023-03-15"}, {"cve": "CVE-2015-4000", "epss": "0.973690000", "percentile": "0.997990000", "modified": "2023-03-15"}, {"cve": "CVE-2016-0703", "epss": "0.004610000", "percentile": "0.715060000", "modified": "2023-03-15"}, {"cve": "CVE-2019-1559", "epss": "0.004410000", "percentile": "0.708560000", "modified": "2023-03-15"}], "vulnersScore": 0.9}, "_state": {"dependencies": 1678955717, "score": 1678955355, "epss": 1678955506}, "_internal": {"score_hash": "18cd69b36fa8005400cc34795ed93ebc"}, "pluginID": "125001", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125001);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/08\");\n\n script_cve_id(\n \"CVE-2007-5135\",\n \"CVE-2009-0590\",\n \"CVE-2009-1377\",\n \"CVE-2009-1386\",\n \"CVE-2009-4355\",\n \"CVE-2011-4108\",\n \"CVE-2012-2110\",\n \"CVE-2014-3507\",\n \"CVE-2014-3571\",\n \"CVE-2014-8176\",\n \"CVE-2014-8275\",\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0293\",\n \"CVE-2015-1789\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\",\n \"CVE-2016-0703\",\n \"CVE-2019-1559\"\n );\n script_bugtraq_id(\n 25831,\n 31692,\n 34256,\n 35001,\n 35174,\n 51281,\n 53158,\n 69078,\n 71935,\n 71937,\n 73196,\n 73225,\n 73232,\n 73239,\n 74107,\n 74733,\n 75154,\n 75156,\n 75159,\n 75161,\n 75769\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1548)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A race condition was found in the session handling code\n of OpenSSL. This issue could possibly cause a\n multi-threaded TLS/SSL client using OpenSSL to double\n free session ticket data and crash.(CVE-2015-1791)\n\n - An out-of-bounds read flaw was found in the\n X509_cmp_time() function of OpenSSL, which is used to\n test the expiry dates of SSL/TLS certificates. An\n attacker could possibly use a specially crafted SSL/TLS\n certificate or CRL (Certificate Revocation List), which\n when parsed by an application would cause that\n application to crash.(CVE-2015-1789)\n\n - The ASN1_STRING_print_ex function in OpenSSL before\n 0.9.8k allows remote attackers to cause a denial of\n service (invalid memory access and application crash)\n via vectors that trigger printing of a (1) BMPString or\n (2) UniversalString with an invalid encoded\n length.(CVE-2009-0590)\n\n - An invalid-free flaw was found in the way OpenSSL\n handled certain DTLS handshake messages. A malicious\n DTLS client or server could send a specially crafted\n message to the peer, which could cause the application\n to crash or potentially result in arbitrary code\n execution.(CVE-2014-8176)\n\n - The DTLS implementation in OpenSSL before 0.9.8s and\n 1.x before 1.0.0f performs a MAC check only if certain\n padding is valid, which makes it easier for remote\n attackers to recover plaintext via a padding oracle\n attack.(CVE-2011-4108)\n\n - Off-by-one error in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f,\n might allow remote attackers to execute arbitrary code\n via a crafted packet that triggers a one-byte buffer\n underflow. NOTE: this issue was introduced as a result\n of a fix for CVE-2006-3738. As of 20071012, it is\n unknown whether code execution is\n possible.(CVE-2007-5135)\n\n - A NULL pointer dereference flaw was found in the DTLS\n implementation of OpenSSL. A remote attacker could send\n a specially crafted DTLS message, which would cause an\n OpenSSL server to crash.(CVE-2014-3571)\n\n - The asn1_d2i_read_bio function in\n crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0\n before 1.0.0i, and 1.0.1 before 1.0.1a does not\n properly interpret integer data, which allows remote\n attackers to conduct buffer overflow attacks, and cause\n a denial of service (memory corruption) or possibly\n have unspecified other impact, via crafted DER data, as\n demonstrated by an X.509 certificate or an RSA public\n key.(CVE-2012-2110)\n\n - It was discovered that the SSLv2 servers using OpenSSL\n accepted SSLv2 connection handshakes that indicated\n non-zero clear key length for non-export cipher suites.\n An attacker could use this flaw to decrypt recorded\n SSLv2 sessions with the server by using it as a\n decryption oracle.(CVE-2016-0703)\n\n - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and daemon crash) via a DTLS\n ChangeCipherSpec packet that occurs before\n ClientHello.(CVE-2009-1386)\n\n - Memory leak in the zlib_stateful_finish function in\n crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and\n 1.0.0 Beta through Beta 4 allows remote attackers to\n cause a denial of service (memory consumption) via\n vectors that trigger incorrect calls to the\n CRYPTO_cleanup_all_ex_data function, as demonstrated by\n use of SSLv3 and PHP with the Apache HTTP Server, a\n related issue to CVE-2008-1678.(CVE-2009-4355)\n\n - A flaw was discovered in the way OpenSSL handled DTLS\n packets. A remote attacker could use this flaw to cause\n a DTLS server or client using OpenSSL to crash or use\n excessive amounts of memory.(CVE-2014-3507)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in\n OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote\n attackers to cause a denial of service (memory\n consumption) via a large series of 'future epoch' DTLS\n records that are buffered in a queue, aka 'DTLS record\n buffer limitation bug.'(CVE-2009-1377)\n\n - A use-after-free flaw was found in the way OpenSSL\n imported malformed Elliptic Curve private keys. A\n specially crafted key file could cause an application\n using OpenSSL to crash when imported.(CVE-2015-0209)\n\n - A denial of service flaw was found in the way OpenSSL\n verified certain signed messages using CMS\n (Cryptographic Message Syntax). A remote attacker could\n cause an application using OpenSSL to use excessive\n amounts of memory by sending a specially crafted\n message for verification.(CVE-2015-1792)\n\n - A denial of service flaw was found in the way OpenSSL\n handled SSLv2 handshake messages. A remote attacker\n could use this flaw to cause a TLS/SSL server using\n OpenSSL to exit on a failed assertion if it had both\n the SSLv2 protocol and EXPORT-grade cipher suites\n enabled.(CVE-2015-0293)\n\n - An invalid pointer use flaw was found in OpenSSL's\n ASN1_TYPE_cmp() function. A remote attacker could crash\n a TLS/SSL client or server using OpenSSL via a\n specially crafted X.509 certificate when the\n attacker-supplied certificate was verified by the\n application.(CVE-2015-0286)\n\n - Multiple flaws were found in the way OpenSSL parsed\n X.509 certificates. An attacker could use these flaws\n to modify an X.509 certificate to produce a certificate\n with a different fingerprint without invalidating its\n signature, and possibly bypass fingerprint-based\n blacklisting in applications.(CVE-2014-8275)\n\n - If an application encounters a fatal protocol error and\n then calls SSL_shutdown() twice (once to send a\n close_notify, and once to receive one) then OpenSSL can\n respond differently to the calling application if a 0\n byte record is received with invalid padding compared\n to if a 0 byte record is received with an invalid MAC.\n If the application then behaves differently based on\n that in a way that is detectable to the remote peer,\n then this amounts to a padding oracle that could be\n used to decrypt data. In order for this to be\n exploitable 'non-stitched' ciphersuites must be in use.\n Stitched ciphersuites are optimised implementations of\n certain commonly used ciphersuites. Also the\n application must call SSL_shutdown() twice even if a\n protocol error has occurred (applications should not do\n this but some do anyway). Fixed in OpenSSL 1.0.2r\n (Affected 1.0.2-1.0.2q).(CVE-2019-1559)\n\n - A flaw was found in the way the TLS protocol composes\n the Diffie-Hellman exchange (for both export and\n non-export grade cipher suites). An attacker could use\n this flaw to downgrade a DHE connection to use\n export-grade key sizes, which could then be broken by\n sufficient pre-computation. This can lead to a passive\n man-in-the-middle attack in which the attacker is able\n to decrypt all traffic.(CVE-2015-4000)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1548\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?08b55f2d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8176\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h5\",\n \"openssl-devel-1.0.2k-16.h5\",\n \"openssl-libs-1.0.2k-16.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "naslFamily": "Huawei Local Security Checks", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "solution": "Update the affected openssl packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2014-8176", "vendor_cvss2": {}, "vendor_cvss3": {}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2019-05-10T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": ["Core Impact"]}

{"openvas": [{"lastseen": "2020-01-27T18:39:50", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1548)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2006-3738", "CVE-2009-1386", "CVE-2011-4108", "CVE-2009-1377", "CVE-2015-1789", "CVE-2015-0286", "CVE-2014-3507", "CVE-2014-3571", "CVE-2009-4355", "CVE-2007-5135", "CVE-2014-8275", "CVE-2009-0590", "CVE-2015-0293", "CVE-2014-8176", "CVE-2015-0209", "CVE-2012-2110", "CVE-2019-1559", "CVE-2016-0703", "CVE-2015-1791"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191548", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191548", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1548\");\n script_version(\"2020-01-23T12:11:42+0000\");\n script_cve_id(\"CVE-2007-5135\", \"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1386\", \"CVE-2009-4355\", \"CVE-2011-4108\", \"CVE-2012-2110\", \"CVE-2014-3507\", \"CVE-2014-3571\", \"CVE-2014-8176\", \"CVE-2014-8275\", \"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0293\", \"CVE-2015-1789\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-4000\", \"CVE-2016-0703\", \"CVE-2019-1559\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:11:42 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:11:42 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1548)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1548\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1548\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2019-1548 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A race condition was found in the session handling code of OpenSSL. This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash.(CVE-2015-1791)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash.(CVE-2015-1789)\n\nThe ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.(CVE-2009-0590)\n\nAn invalid-free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could send a specially crafted message to the peer, which could cause the application to crash or potentially result in arbitrary code execution.(CVE-2014-8176)\n\nThe DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.(CVE-2011-4108)\n\nOff-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.(CVE-2007-5135)\n\nA NULL pointer dereference flaw was found in the DTLS implementation of OpenSSL. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash.(CVE-2014-3571)\n\nThe asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.(CVE-2012-2110)\n\nIt was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h5\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h5\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h5\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-10047", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869732", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869732", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-10047\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869732\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:41:07 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\",\n \"CVE-2015-0209\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-10047\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10047\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~10.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-10108", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-0286", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869465", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869465", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-10108\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869465\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-25 06:33:40 +0200 (Thu, 25 Jun 2015)\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\",\n \"CVE-2015-0209\", \"CVE-2015-4000\", \"CVE-2015-0286\", \"CVE-2015-0287\",\n \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-10108\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10108\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~10.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:03", "description": "Gentoo Linux Local Security Checks GLSA 201506-02", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201506-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121379", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201506-02.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121379\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:51 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201506-02\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201506-02\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201506-02\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 1.0.1o\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 0.9.8z_p7\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(), vulnerable: make_list(\"lt 1.0.1o\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:59:12", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120033", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120033\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:15:46 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-550)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-550.html\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2014-8176\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~10.86.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:52:22", "description": "Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176 \nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788 \nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789 \nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790 \nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791 \nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792 \nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000 \n).", "cvss3": {}, "published": "2015-06-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3287-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703287", "href": "http://plugins.openvas.org/nasl.php?oid=703287", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3287.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3287-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703287);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_name(\"Debian Security Advisory DSA 3287-1 (openssl - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-06-13 00:00:00 +0200 (Sat, 13 Jun 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3287.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openssl on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package contains the openssl binary and related tools.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u17.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1.0.2b-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2b-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name: \"summary\", value: \"Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176 \nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788 \nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789 \nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790 \nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791 \nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792 \nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000 \n).\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u17\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.2b-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1k-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:07", "description": "Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176\nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788\nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789\nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790\nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791\nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792\nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000\n).", "cvss3": {}, "published": "2015-06-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3287-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703287", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3287.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3287-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703287\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_name(\"Debian Security Advisory DSA 3287-1 (openssl - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-13 00:00:00 +0200 (Sat, 13 Jun 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3287.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|9|8)\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u17.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1.0.2b-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2b-1.\n\nWe recommend that you upgrade your openssl packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176\nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered\nthat an invalid memory free could be triggered when buffering DTLS\ndata. This could allow remote attackers to cause a denial of service\n(crash) or potentially execute arbitrary code. This issue only\naffected the oldstable distribution (wheezy).\n\nCVE-2015-1788\nJoseph Barr-Pixton discovered that an infinite loop could be triggered\ndue to incorrect handling of malformed ECParameters structures. This\ncould allow remote attackers to cause a denial of service.\n\nCVE-2015-1789\nRobert Swiecki and Hanno Bck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790\nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791\nEmilia Ksper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause\na denial of service (crash).\n\nCVE-2015-1792\nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an\nunknown hash function OID. This could allow remote attackers to cause\na denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000\n).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1e-2+deb7u17\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.2b-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcrypto1.0.0-udeb\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1k-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-11414", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2015-0286", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869742", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869742", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-11414\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869742\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-14 06:36:09 +0200 (Tue, 14 Jul 2015)\");\n script_cve_id(\"CVE-2015-1793\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-0209\", \"CVE-2015-4000\", \"CVE-2015-0286\",\n \"CVE-2015-0287\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-11414\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11414\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161747.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~11.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-14T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2015-11475", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869740", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869740", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2015-11475\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869740\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-14 06:35:46 +0200 (Tue, 14 Jul 2015)\");\n script_cve_id(\"CVE-2015-1793\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-0209\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for openssl FEDORA-2015-11475\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-11475\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-July/161782.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~11.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T15:19:27", "description": "On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described\n in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more\n vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service\n (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.", "cvss3": {}, "published": "2016-05-12T00:00:00", "type": "openvas", "title": "Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-10-09T00:00:00", "id": "OPENVAS:1361412562310105692", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:cisco:nx-os\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105692\");\n script_cve_id(\"CVE-2015-1791\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2014-8176\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n script_tag(name:\"summary\", value:\"On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described\n in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more\n vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service\n (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-05-12 15:26:53 +0200 (Thu, 12 May 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_nx_os_version.nasl\");\n script_mandatory_keys(\"cisco_nx_os/version\", \"cisco_nx_os/model\", \"cisco_nx_os/device\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\nif( ! device = get_kb_item( \"cisco_nx_os/device\" ) ) exit( 0 );\nif( \"Nexus\" >!< device ) exit( 0 );\n\nif ( ! nx_model = get_kb_item( \"cisco_nx_os/model\" ) ) exit( 0 );\n\nif( \"1000V\" >< nx_model )\n{\n affected = make_list(\n \"4.0(4)SV1(1)\",\n \"4.0(4)SV1(2)\",\n \"4.0(4)SV1(3)\",\n \"4.0(4)SV1(3a)\",\n \"4.0(4)SV1(3b)\",\n \"4.0(4)SV1(3c)\",\n \"4.0(4)SV1(3d)\",\n \"4.2(1)SV1(4)\",\n \"4.2(1)SV1(4a)\",\n \"4.2(1)SV1(4b)\",\n \"4.2(1)SV1(5.1)\",\n \"4.2(1)SV1(5.1a)\",\n \"4.2(1)SV1(5.2)\",\n \"4.2(1)SV1(5.2b)\",\n \"4.2(1)SV2(1.1)\",\n \"4.2(1)SV2(1.1a)\",\n \"4.2(1)SV2(2.1)\",\n \"4.2(1)SV2(2.1a)\"\n );\n}\n\nif( nx_model =~ \"^3[0-9]+\" )\n{\n affected = make_list(\n \"5.0(3)U1(1)\",\n \"5.0(3)U1(1a)\",\n \"5.0(3)U1(1b)\",\n \"5.0(3)U1(1d)\",\n \"5.0(3)U1(2)\",\n \"5.0(3)U1(2a)\",\n \"5.0(3)U2(1)\",\n \"5.0(3)U2(2)\",\n \"5.0(3)U2(2a)\",\n \"5.0(3)U2(2b)\",\n \"5.0(3)U2(2c)\",\n \"5.0(3)U2(2d)\",\n \"5.0(3)U3(1)\",\n \"5.0(3)U3(2)\",\n \"5.0(3)U3(2a)\",\n \"5.0(3)U3(2b)\",\n \"5.0(3)U4(1)\",\n \"5.0(3)U5(1)\",\n \"5.0(3)U5(1a)\",\n \"5.0(3)U5(1b)\",\n \"5.0(3)U5(1c)\",\n \"5.0(3)U5(1d)\",\n \"5.0(3)U5(1e)\",\n \"5.0(3)U5(1f)\",\n \"5.0(3)U5(1g)\",\n \"5.0(3)U5(1h)\",\n \"6.0(2)U1(1)\",\n \"6.0(2)U1(1a)\",\n \"6.0(2)U1(2)\",\n \"6.0(2)U1(3)\",\n \"6.0(2)U1(4)\",\n \"6.0(2)U2(1)\",\n \"6.0(2)U2(2)\",\n \"6.0(2)U2(3)\",\n \"6.0(2)U2(4)\",\n \"6.0(2)U2(5)\",\n \"6.0(2)U2(6)\",\n \"6.0(2)U3(1)\",\n \"6.0(2)U3(2)\",\n \"6.0(2)U3(3)\",\n \"6.0(2)U3(4)\",\n \"6.0(2)U3(5)\",\n \"6.0(2)U4(1)\",\n \"6.0(2)U4(2)\",\n \"6.0(2)U4(3)\",\n \"6.0(2)U5(1)\"\n );\n}\n\nif( nx_model =~ \"^4[0-9]+\" )\n{\n affected = make_list(\n \"4.1(2)E1(1)\",\n \"4.1(2)E1(1b)\",\n \"4.1(2)E1(1d)\",\n \"4.1(2)E1(1e)\",\n \"4.1(2)E1(1f)\",\n \"4.1(2)E1(1g)\",\n \"4.1(2)E1(1h)\",\n \"4.1(2)E1(1i)\",\n \"4.1(2)E1(1j)\"\n );\n}\n\nif( nx_model =~ \"^5[0-9]+\" )\n{\n affected = make_list(\n \"4.0(0)N1(1a)\",\n \"4.0(0)N1(2)\",\n \"4.0(0)N1(2a)\",\n \"4.0(1a)N1(1)\",\n \"4.0(1a)N1(1a)\",\n \"4.0(1a)N2(1)\",\n \"4.0(1a)N2(1a)\",\n \"4.1(3)N1(1)\",\n \"4.1(3)N1(1a)\",\n \"4.1(3)N2(1)\",\n \"4.1(3)N2(1a)\",\n \"4.2(1)N1(1)\",\n \"4.2(1)N2(1)\",\n \"4.2(1)N2(1a)\",\n \"5.0(2)N1(1)\",\n \"5.0(2)N2(1)\",\n \"5.0(2)N2(1a)\",\n \"5.0(3)N1(1c)\",\n \"5.0(3)N2(1)\",\n \"5.0(3)N2(2)\",\n \"5.0(3)N2(2a)\",\n \"5.0(3)N2(2b)\",\n \"5.1(3)N1(1)\",\n \"5.1(3)N1(1a)\",\n \"5.1(3)N2(1)\",\n \"5.1(3)N2(1a)\",\n \"5.1(3)N2(1b)\",\n \"5.1(3)N2(1c)\",\n \"5.2(1)N1(1)\",\n \"5.2(1)N1(1a)\",\n \"5.2(1)N1(1b)\",\n \"5.2(1)N1(2)\",\n \"5.2(1)N1(2a)\",\n \"5.2(1)N1(3)\",\n \"5.2(1)N1(4)\",\n \"5.2(1)N1(5)\",\n \"5.2(1)N1(6)\",\n \"5.2(1)N1(7)\",\n \"5.2(1)N1(8)\",\n \"5.2(1)N1(8a)\",\n \"6.0(2)N1(1)\",\n \"6.0(2)N1(2)\",\n \"6.0(2)N1(2a)\",\n \"6.0(2)N2(1)\",\n \"6.0(2)N2(1b)\",\n \"6.0(2)N2(2)\",\n \"6.0(2)N2(3)\",\n \"6.0(2)N2(4)\",\n \"6.0(2)N2(5)\",\n \"7.0(0)N1(1)\",\n \"7.0(1)N1(1)\",\n \"7.0(2)N1(1)\",\n \"7.0(3)N1(1)\"\n );\n}\n\nif( nx_model =~ \"^6[0-9]+\" )\n{\n affected = make_list(\n \"6.0(2)N1(2)\",\n \"6.0(2)N1(2a)\",\n \"6.0(2)N2(1)\",\n \"6.0(2)N2(1b)\",\n \"6.0(2)N2(2)\",\n \"6.0(2)N2(3)\",\n \"6.0(2)N2(4)\",\n \"6.0(2)N2(5)\",\n \"7.0(0)N1(1)\",\n \"7.0(1)N1(1)\",\n \"7.0(2)N1(1)\",\n \"7.0(3)N1(1)\"\n );\n}\n\nif( nx_model =~ \"^7[0-9]+\" )\n{\n affected = make_list(\n \"4.1.(2)\",\n \"4.1.(3)\",\n \"4.1.(4)\",\n \"4.1.(5)\",\n \"4.2(3)\",\n \"4.2(4)\",\n \"4.2(6)\",\n \"4.2(8)\",\n \"4.2.(2a)\",\n \"5.0(2a)\",\n \"5.0(3)\",\n \"5.0(5)\",\n \"5.1(1)\",\n \"5.1(1a)\",\n \"5.1(3)\",\n \"5.1(4)\",\n \"5.1(5)\",\n \"5.1(6)\",\n \"5.2(1)\",\n \"5.2(3a)\",\n \"5.2(4)\",\n \"5.2(5)\",\n \"5.2(7)\",\n \"5.2(9)\",\n \"6.0(1)\",\n \"6.0(2)\",\n \"6.0(3)\",\n \"6.0(4)\",\n \"6.1(1)\",\n \"6.1(2)\",\n \"6.1(3)\",\n \"6.1(4)\",\n \"6.1(4a)\",\n \"6.2(10)\",\n \"6.2(2)\",\n \"6.2(2a)\",\n \"6.2(6)\",\n \"6.2(6b)\",\n \"6.2(8)\",\n \"6.2(8a)\",\n \"6.2(8b)\"\n );\n}\n\nif( nx_model =~ \"^N9K\" )\n{\n affected = make_list(\n \"11.0(1b)\",\n \"11.0(1c)\",\n \"6.1(2)I2(1)\",\n \"6.1(2)I2(2)\",\n \"6.1(2)I2(2a)\",\n \"6.1(2)I2(2b)\",\n \"6.1(2)I2(3)\",\n \"6.1(2)I3(1)\",\n \"6.1(2)I3(2)\",\n \"6.1(2)I3(3)\"\n );\n}\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"See advisory\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-16T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:1115-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871376", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871376", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2015:1115-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871376\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 06:12:09 +0200 (Tue, 16 Jun 2015)\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2015:1115-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop.\n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno Bck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia Ksper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1115-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00019.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7_1.8\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6_6.11\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~30.el6_6.11\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6_6.11\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-2639-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842242", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842242", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssl USN-2639-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842242\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-12 06:09:14 +0200 (Fri, 12 Jun 2015)\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openssl USN-2639-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Praveen Kariyanahalli, Ivan Fratric and\nFelix Groebert discovered that OpenSSL incorrectly handled memory when buffering\nDTLS data. A remote attacker could use this issue to cause OpenSSL to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-8176)\n\nJoseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed\nECParameters structures. A remote attacker could use this issue to cause\nOpenSSL to hang, resulting in a denial of service. (CVE-2015-1788)\n\nRobert Swiecki and Hanno B&#246 ck discovered that OpenSSL incorrectly handled\ncertain ASN1_TIME strings. A remote attacker could use this issue to cause\nOpenSSL to crash, resulting in a denial of service. (CVE-2015-1789)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing content\nwhen parsing ASN.1-encoded PKCS#7 blobs. A remote attacker could use this\nissue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1790)\n\nEmilia K&#228 sper discovered that OpenSSL incorrectly handled NewSessionTicket\nwhen being used by a multi-threaded client. A remote attacker could use\nthis issue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1791)\n\nJohannes Bauer discovered that OpenSSL incorrectly handled verifying\nsignedData messages using the CMS code. A remote attacker could use this\nissue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1792)\n\nAs a security improvement, this update also modifies OpenSSL behaviour to\nreject DH key sizes below 768 bits, preventing a possible downgrade\nattack.\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2639-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2639-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu9.8\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu9.8\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1-4ubuntu5.31\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:49", "description": "Check the version of openssl", "cvss3": {}, "published": "2015-06-16T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1115 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2015:1115 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882199\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 06:13:56 +0200 (Tue, 16 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1115 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop.\n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno Bck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia Ksper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1115\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021172.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~42.el7.8\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T15:20:32", "description": "On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow\n an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.", "cvss3": {}, "published": "2016-05-10T00:00:00", "type": "openvas", "title": "Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-10-09T00:00:00", "id": "OPENVAS:1361412562310105678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:cisco:ios_xe\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105678\");\n script_cve_id(\"CVE-2015-1791\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2014-8176\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n script_tag(name:\"summary\", value:\"On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct\n vulnerabilities, and another fix that provides hardening protections against exploits as described in the Logjam research.\n\n Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow\n an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory.\n\n Cisco will release software updates that address these vulnerabilities.\n\n Workarounds that mitigate these vulnerabilities may be available.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-05-10 10:53:28 +0200 (Tue, 10 May 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_ios_xe_version.nasl\");\n script_mandatory_keys(\"cisco_ios_xe/version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\naffected = make_list(\n '3.3.0S',\n '3.3.1S',\n '3.3.2S',\n '3.4.0S',\n '3.4.1S',\n '3.4.2S',\n '3.4.3S',\n '3.4.4S',\n '3.4.5S',\n '3.4.6S',\n '3.5.0S',\n '3.5.1S',\n '3.5.2S',\n '3.6.0S',\n '3.6.1S',\n '3.6.2S',\n '3.7.0S',\n '3.7.1S',\n '3.7.2S',\n '3.7.3S',\n '3.7.4S',\n '3.7.5S',\n '3.7.6S',\n '3.8.0S',\n '3.8.1S',\n '3.8.2S',\n '3.9.0S',\n '3.9.1S',\n '3.9.2S' );\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"See advisory\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:37", "description": "Oracle Linux Local Security Checks ELSA-2015-1115", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1115", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123099", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1115.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123099\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:21 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1115\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1115 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1115\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1115.html\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~42.el7_1.8\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~30.el6_6.11\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:04", "description": "Check the version of openssl", "cvss3": {}, "published": "2015-06-16T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1115 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882198", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2015:1115 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882198\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\",\n \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 06:13:40 +0200 (Tue, 16 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1115 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a DTLS\nserver or client using OpenSSL to crash or, potentially, execute arbitrary\ncode. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL. This\nissue could possibly cause a multi-threaded TLS/SSL client using OpenSSL\nto double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax\n(CMS) messages. A CMS message with an unknown hash function identifier\ncould cause an application using OpenSSL to enter an infinite loop.\n(CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan\nFratric as the original reporters of CVE-2014-8176, Robert Swiecki and\nHanno Bck as the original reporters of CVE-2015-1789, Michal Zalewski as\nthe original reporter of CVE-2015-1790, Emilia Ksper as the original\nreport of CVE-2015-1791 and Johannes Bauer as the original reporter of\nCVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1115\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021173.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~30.el6.11\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:49", "description": "This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310806745", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806745", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_dos_vuln02_dec15_lin.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806745\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_bugtraq_id(75156, 75157, 75161, 75154);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 09:41:47 +0530 (Tue, 01 Dec 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - An out-of-bounds read vulnerability in 'X509_cmp_time' function in\n 'crypto/x509/x509_vfy.c' script.\n\n - NULL pointer dereference vulnerability in 'PKCS7_dataDecodefunction' in\n 'crypto/pkcs7/pk7_doit.c' script.\n\n - 'ssl3_get_new_session_ticket' function in 'ssl/s3_clnt.c' script causes\n race condition while handling NewSessionTicket.\n\n - 'do_free_upto' function in 'crypto/cms/cms_smime.c' script verify infinite\n loop with unknown hash function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to cause a denial of service or possibly have unspecified other impact.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions before 0.9.8zg, 1.0.0\n before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 0.9.8zg, or 1.0.0s or\n 1.0.1n or 1.0.2b or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^0\\.9\\.8\")\n{\n if(version_is_less(version:vers, test_version:\"0.9.8zg\"))\n {\n fix = \"0.9.8zg\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.0\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.0s\"))\n {\n fix = \"1.0.0s\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1n\"))\n {\n fix = \"1.0.1n\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2b\"))\n {\n fix = \"1.0.2b\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:46", "description": "This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310806744", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806744", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_dos_vuln02_dec15_win.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806744\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_bugtraq_id(75156, 75157, 75161, 75154);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 09:41:47 +0530 (Tue, 01 Dec 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"OpenSSL Multiple Denial of Service Vulnerabilities -02 Dec15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - An out-of-bounds read vulnerability in 'X509_cmp_time' function in\n 'crypto/x509/x509_vfy.c' script.\n\n - NULL pointer dereference vulnerability in 'PKCS7_dataDecodefunction' in\n 'crypto/pkcs7/pk7_doit.c' script.\n\n - 'ssl3_get_new_session_ticket' function in 'ssl/s3_clnt.c' script causes\n race condition while handling NewSessionTicket.\n\n - 'do_free_upto' function in 'crypto/cms/cms_smime.c' script verify infinite\n loop with unknown hash function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to cause a denial of service or possibly have unspecified other impact.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions before 0.9.8zg, 1.0.0\n before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 0.9.8zg, or 1.0.0s or\n 1.0.1n or 1.0.2b or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^0\\.9\\.8\")\n{\n if(version_is_less(version:vers, test_version:\"0.9.8zg\"))\n {\n fix = \"0.9.8zg\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.0\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.0s\"))\n {\n fix = \"1.0.0s\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1n\"))\n {\n fix = \"1.0.1n\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2b\"))\n {\n fix = \"1.0.2b\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:02", "description": "Potential security vulnerabilities in OpenSSL have been addressed with HPE network products including iMC, VCX, Comware 5 and Comware 7. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access.", "cvss3": {}, "published": "2016-07-06T00:00:00", "type": "openvas", "title": "HPE Network Products Remote Denial of Service (DoS), Unauthorized Access", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-11-20T00:00:00", "id": "OPENVAS:1361412562310105798", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105798", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_comware_platform_hpsbhf03613.nasl 12431 2018-11-20 09:21:00Z asteins $\n#\n# HPE Network Products Remote Denial of Service (DoS), Unauthorized Access\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:hp:comware';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105798\");\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-1793\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12431 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-20 10:21:00 +0100 (Tue, 20 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-06 12:05:47 +0200 (Wed, 06 Jul 2016)\");\n script_name(\"HPE Network Products Remote Denial of Service (DoS), Unauthorized Access\");\n\n script_tag(name:\"summary\", value:\"Potential security vulnerabilities in OpenSSL have been addressed with HPE network products including iMC, VCX, Comware 5 and Comware 7. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access.\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"vuldetect\", value:\"Check the release version\");\n\n script_xref(name:\"URL\", value:'https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05184351');\n\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_hp_comware_platform_detect_snmp.nasl\");\n script_mandatory_keys(\"hp/comware_device\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE, nofork: TRUE) ) exit( 0 );\nif( ! model = get_kb_item( \"hp/comware_device/model\" ) ) exit( 0 );\nif( ! release = get_kb_item( \"hp/comware_device/release\" ) ) exit( 0 );\n\nif( model =~ '^1950-(24|48)G' )\n{\n report_fix = 'R3109P16';\n fix = '3109P16';\n}\n\nelse if( model =~ '^(A|A-?)95(0|1)(8|5|2)' )\n{\n report_fix = 'R1829P01';\n fix = '1829P01';\n}\n\nelse if( model =~ '^(A-)?MSR9(0|2)' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^MSR93' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^59(0|2)0' )\n{\n report_fix = 'R2422P01';\n fix = '2422P01';\n}\n\nelse if( model =~ '^58(0|2)0' )\n{\n report_fix = 'R1809P11';\n fix = '1809P11';\n}\n\nelse if( model =~ '(A-)?^MSR20-(2|4)' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A-)?MSR20-1[0-5]' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A|A-)?5500-' && \"EI Switch\" >< model )\n{\n report_fix = 'R2221P19';\n fix = '2221P19';\n}\n\nelse if( model =~ '^(A|A-)?5500-' && \"HI Switch\" >< model )\n{\n report_fix = 'R5501P17';\n fix = '5501P17';\n}\n\nelse if( model =~ '^(A-)?MSR20-(2|4)(0|1)' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ 'MSR20-1[0-5]' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A)?58(0|2)0(AF)?-(14|24|48)(G|XG)' )\n{\n report_fix = 'R1809P11';\n fix = '1809P11';\n}\n\nelse if( model =~ '870 ' )\n{\n report_fix = 'R2607P46';\n fix = '2607P46';\n}\n\nelse if( model =~ '^(A-)?MSR50' )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^(A)?5500-(24|48)-(4SFP|PoE+|SFP)' && ( \"HI Switch\" >< model || 'HI TAA-compliant Switch' >< model ) )\n{\n report_fix = 'R5501P17';\n fix = '5501P17';\n}\n\nelse if( model =~ '^(A|HSR)?66(0|1)[0-8]' && \"router\" >< tolower( model ))\n{\n report_fix = 'R3303P23';\n fix = '3303P23';\n}\n\nelse if( model =~ '^(A|HSR)?680(0|2|4|8)' )\n{\n report_fix = 'R7103P05';\n fix = '7103P05';\n}\n\nelse if( model =~ '^(A)?5120'&& ( \"EI Switch\" >< model || \"EI TAA-compliant Switch\" >< model ) )\n{\n report_fix = 'R2221P20';\n fix = '2221P20';\n}\n\nelse if( model =~ 'MSR30(12|64|44|24)' )\n{\n report_fix = 'R0305P04';\n fix = '0305P04';\n}\n\nelse if( model =~ '^FF 5930' )\n{\n report_fix = 'R2422P01';\n fix = '2422P01';\n}\n\nelse if( model =~ 'Firewall (A-)F1000-S-EI' )\n{\n report_fix = 'R3734P08';\n fix = '3734P08';\n}\n\nelse if( model =~ '^(A-)MSR30-1(6|1|0|)' && \"VCX\" >!< model )\n{\n report_fix = 'R2514P10';\n fix = '2514P10';\n}\n\nelse if( model =~ '^MSR40(0|6|8)0' )\n{\n report_fix = 'R0305P04';\n fix = '0305P04';\n}\n\nelse if( model =~ '^MSR100(2|3)-(4|8)' )\n{\n if( version =~ '^7\\\\.' )\n {\n report_fix = 'R0305P04';\n fix = '0305P04';\n }\n else\n {\n report_fix = 'R2514P10';\n fix = '2514P10';\n }\n}\n\nelse if( model =~ '^(A|A-)?125(0|1)(0|8|4)' )\n{\n report_fix = 'R1829P01';\n fix = '1829P01';\n}\n\nelse if( model =~ '(A|A-)?105(0|1)(8|4|2)^' || model =~ 'FF 1190(0|8)' )\n{\n report_fix = 'R7170';\n fix = '7170';\n}\n\nelse if( ( model =~ '^12500' || model =~ '^9500' || model =~ '^(7|10)500' || model =~ '^6600' || model =~ '^8800' || model =~ '^5820' ) && ( \"firewall\" >< tolower( model ) || 'vpn' >< tolower( model ) ) )\n{\n report_fix = 'R3181P07';\n fix = '3181P07';\n}\n\nelse if( model =~ '^129(0|1)[0-8]' )\n{\n report_fix = 'R1138P01';\n fix = '1138P01';\n}\n\nelse if( model =~ '^(FF )?79(0|1)(0|4)' )\n{\n report_fix = 'R2138P01';\n fix = '2138P01';\n}\n\nelse if( model =~ '^(A|A-)?5130-(24|48)-' )\n{\n report_fix = 'R3109P16';\n fix = '3109P16';\n}\n\nelse if( model =~ '^(A|A-)?5700-(48|40|32)' )\n{\n report_fix = 'R2422P01';\n fix = '2422P01';\n}\n\nelse if( model =~ '^75(0|1)(0|2|3|6)' )\n{\n if( version =~ '^7\\\\.' )\n {\n report_fix = 'R7170';\n fix = 'R7170';\n }\n else if( version =~ '^5\\\\.' )\n {\n report_fix = 'R6710P01';\n fix = '6710P01';\n }\n}\n\nif( ! fix ) exit( 0 );\n\nrelease = ereg_replace( pattern:'^R', string:release, replace:'' );\n\nif( revcomp( a:release, b:fix ) < 0 )\n{\n report = report_fixed_ver( installed_version:\"R\" + release, fixed_version:report_fix );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850877", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850877\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 13:21:44 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'OpenSSL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL 0.9.8j was updated to fix several security issues.\n\n * CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed\n by rejecting connections with DH parameters shorter than 1024 bits.\n We now also generate 2048-bit DH parameters by default.\n\n * CVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\n * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\n * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n was fixed.\n\n * CVE-2015-1792: A CMS verification infinite loop when using an\n unknown hash function was fixed.\n\n * CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\n * CVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\n locking regression.\n\n * fixed a timing side channel in RSA decryption (bnc#929678)\n\n Additional changes:\n\n * In the default SSL cipher string EXPORT ciphers are now disabled.\n This will only get active if applications get rebuilt and actually\n use this string. (bnc#931698)\n\n * Added the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1184-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac\", rpm:\"libopenssl0_9_8-hmac~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac-32bit\", rpm:\"libopenssl0_9_8-hmac-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for openssl (SUSE-SU-2015:1143-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850964", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850964\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 15:07:49 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for openssl (SUSE-SU-2015:1143-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update of openssl fixes the following security issues:\n\n - CVE-2015-4000 (bsc#931698)\n\n * The Logjam Attack / weakdh.org\n\n * reject connections with DH parameters shorter than 1024 bits\n\n * generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (bsc#934487)\n\n * Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (bsc#934489)\n\n * Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (bsc#934491)\n\n * PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (bsc#934493)\n\n * CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (bsc#933911)\n\n * race condition in NewSessionTicket\n\n - CVE-2015-3216 (bsc#933898)\n\n * Crash in ssleay_rand_bytes due to locking regression\n\n - fix a timing side channel in RSA decryption (bnc#929678)\");\n\n script_tag(name:\"affected\", value:\"openssl on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1143-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~25.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1i~25.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1182-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850749", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850749\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 14:25:01 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1182-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'OpenSSL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL 0.9.8k was updated to fix several security issues:\n\n * CVE-2015-4000: The Logjam Attack (weakdh.org) has been addressed by\n rejecting connections with DH parameters shorter than 1024 bits.\n 2048-bit DH parameters are now generated by default.\n\n * CVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\n * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\n * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n was fixed.\n\n * CVE-2015-1792: A CMS verification infinite loop when using an\n unknown hash function was fixed.\n\n * CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\n * CVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\n locking regression.\n\n * Fixed a timing side channel in RSA decryption. (bsc#929678)\n\n Additional changes:\n\n * In the default SSL cipher string EXPORT ciphers are now disabled.\n This will only get active if applications get rebuilt and actually\n use this string. (bsc#931698)\n\n * Added the ECC ciphersuites to the DEFAULT cipher class. (bsc#879179)\n\n Security Issues:\n\n * CVE-2015-1788\n\n * CVE-2015-1789\n\n * CVE-2015-1790\n\n * CVE-2015-1791\n\n * CVE-2015-1792\n\n * CVE-2015-3216\n\n * CVE-2015-4000\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1182-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac\", rpm:\"libopenssl0_9_8-hmac~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac-32bit\", rpm:\"libopenssl0_9_8-hmac-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-x86\", rpm:\"libopenssl0_9_8-x86~0.9.8j~0.72.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851077", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851077", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851077\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 19:35:01 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for OpenSSL (SUSE-SU-2015:1184-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'OpenSSL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL 0.9.8j was updated to fix several security issues.\n\n * CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed\n by rejecting connections with DH parameters shorter than 1024 bits.\n We now also generate 2048-bit DH parameters by default.\n\n * CVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\n * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\n * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n was fixed.\n\n * CVE-2015-1792: A CMS verification infinite loop when using an\n unknown hash function was fixed.\n\n * CVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\n * CVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\n locking regression.\n\n * fixed a timing side channel in RSA decryption (bnc#929678)\n\n Additional changes:\n\n * In the default SSL cipher string EXPORT ciphers are now disabled.\n This will only get active if applications get rebuilt and actually\n use this string. (bnc#931698)\n\n * Added the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on SUSE Linux Enterprise Server 11 SP1 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1184-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP1\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac\", rpm:\"libopenssl0_9_8-hmac~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-hmac-32bit\", rpm:\"libopenssl0_9_8-hmac-32bit~0.9.8j~0.72.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for compat-openssl098 (SUSE-SU-2015:1150-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850914", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850914", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850914\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 14:14:23 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for compat-openssl098 (SUSE-SU-2015:1150-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'compat-openssl098'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update fixes the following security issues:\n\n - CVE-2015-4000 (boo#931698)\n\n * The Logjam Attack / weakdh.org\n\n * reject connections with DH parameters shorter than 1024 bits\n\n * generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (boo#934487)\n\n * Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (boo#934489)\n\n * Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (boo#934491)\n\n * PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (boo#934493)\n\n * CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (boo#933911)\n\n * race condition in NewSessionTicket\n\n - CVE-2015-3216 (boo#933898)\n\n * Crash in ssleay_rand_bytes due to locking regression\n\n * modified openssl-1.0.1i-fipslocking.patch\n\n - fix timing side channel in RSA decryption (bnc#929678)\n\n - add ECC ciphersuites to DEFAULT (bnc#879179)\n\n - Disable EXPORT ciphers by default (bnc#931698, comment #3)\");\n\n script_tag(name:\"affected\", value:\"compat-openssl098 on SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1150-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLED12\\.0SP0\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl098-debugsource\", rpm:\"compat-openssl098-debugsource~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-32bit\", rpm:\"libopenssl0_9_8-32bit~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo\", rpm:\"libopenssl0_9_8-debuginfo~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl0_9_8-debuginfo-32bit\", rpm:\"libopenssl0_9_8-debuginfo-32bit~0.9.8j~78.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl (openSUSE-SU-2015:1139-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-3216", "CVE-2015-1791"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850661", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850661", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850661\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\",\n \"CVE-2015-1792\", \"CVE-2015-3216\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:23:36 +0200 (Fri, 26 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for openssl (openSUSE-SU-2015:1139-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"openssl was updated to fix six security issues.\n\n The following vulnerabilities were fixed:\n\n * CVE-2015-4000: The Logjam Attack / weakdh.org. Rject connections with DH\n parameters shorter than 768 bits, generates 2048-bit DH parameters by\n default. (boo#931698)\n\n * CVE-2015-1788: Malformed ECParameters causes infinite loop (boo#934487)\n\n * CVE-2015-1789: Exploitable out-of-bounds read in X509_cmp_time\n (boo#934489)\n\n * CVE-2015-1790: PKCS7 crash with missing EnvelopedContent (boo#934491)\n\n * CVE-2015-1792: CMS verify infinite loop with unknown hash function\n (boo#934493)\n\n * CVE-2015-1791: race condition in NewSessionTicket (boo#933911)\n\n * CVE-2015-3216: Crash in ssleay_rand_bytes due to locking regression\n (boo#933898)\");\n\n script_tag(name:\"affected\", value:\"openssl on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1139-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-devel-32bit\", rpm:\"libopenssl-devel-32bit~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~1.0.1k~11.72.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-09-18T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libressl (openSUSE-SU-2015:1277-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1792", "CVE-2014-3572", "CVE-2015-0206", "CVE-2015-1789", "CVE-2015-0286", "CVE-2015-0288", "CVE-2014-8275", "CVE-2014-3570", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-0209", "CVE-2015-1790", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0205"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850678", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850678\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-18 10:33:35 +0200 (Fri, 18 Sep 2015)\");\n script_cve_id(\"CVE-2014-3570\", \"CVE-2014-3572\", \"CVE-2014-8176\", \"CVE-2014-8275\", \"CVE-2015-0205\", \"CVE-2015-0206\", \"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for libressl (openSUSE-SU-2015:1277-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libressl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"libressl was updated to version 2.2.1 to fix 16 security issues.\n\n LibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL\n often also affect LibreSSL.\n\n These security issues were fixed:\n\n - CVE-2014-3570: The BN_sqr implementation in OpenSSL before 0.9.8zd,\n 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k did not properly calculate\n the square of a BIGNUM value, which might make it easier for remote\n attackers to defeat cryptographic protection mechanisms via unspecified\n vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,\n and crypto/bn/bn_asm.c (bsc#912296).\n\n - CVE-2014-3572: The ssl3_get_key_exchange function in s3_clnt.c in\n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n allowed remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks\n and trigger a loss of forward secrecy by omitting the ServerKeyExchange\n message (bsc#912015).\n\n - CVE-2015-1792: The do_free_upto function in crypto/cms/cms_smime.c in\n OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of\n service (infinite loop) via vectors that trigger a NULL value of a BIO\n data structure, as demonstrated by an unrecognized X.660 OID for a hash\n function (bsc#934493).\n\n - CVE-2014-8275: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1\n before 1.0.1k did not enforce certain constraints on certificate data,\n which allowed remote attackers to defeat a fingerprint-based\n certificate-blacklist protection mechanism by including crafted data\n within a certificate's unsigned portion, related to\n crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c,\n and crypto/x509/x_all.c (bsc#912018).\n\n - CVE-2015-0209: Use-after-free vulnerability in the d2i_ECPrivateKey\n function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allowed\n remote attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (bsc#919648).\n\n - CVE-2015-1789: The X509_cmp_time function in crypto/x509/x509_vfy.c in\n OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and\n 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of\n service (out-of-bounds read and application crash) via a crafted length\n field in ASN1_TIME data, as demonstrated by an attack against a server\n that supports client authentication with a custom verific ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"libressl on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1277-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34\", rpm:\"libcrypto34~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34-debuginfo\", rpm:\"libcrypto34-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl\", rpm:\"libressl~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-debuginfo\", rpm:\"libressl-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-debugsource\", rpm:\"libressl-debugsource~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-devel\", rpm:\"libressl-devel~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33\", rpm:\"libssl33~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33-debuginfo\", rpm:\"libssl33-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4\", rpm:\"libtls4~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4-debuginfo\", rpm:\"libtls4-debuginfo~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34-32bit\", rpm:\"libcrypto34-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcrypto34-debuginfo-32bit\", rpm:\"libcrypto34-debuginfo-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-devel-32bit\", rpm:\"libressl-devel-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33-32bit\", rpm:\"libssl33-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libssl33-debuginfo-32bit\", rpm:\"libssl33-debuginfo-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4-32bit\", rpm:\"libtls4-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libtls4-debuginfo-32bit\", rpm:\"libtls4-debuginfo-32bit~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libressl-devel-doc\", rpm:\"libressl-devel-doc~2.2.1~2.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:06", "description": "IPFire 2.17 - Core Update 91 fixes multiple security vulnerabilities.", "cvss3": {}, "published": "2015-06-30T00:00:00", "type": "openvas", "title": "IPFire 2.17 - Core Update 91", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1789", "CVE-2015-4171", "CVE-2014-8176", "CVE-2015-1788", "CVE-2015-3991", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310105308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105308", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ipfire_2_17_core_91.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# IPFire 2.17 - Core Update 91\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105308\");\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2015-1791\", \"CVE-2014-8176\", \"CVE-2015-3991\", \"CVE-2015-4171\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12106 $\");\n\n script_name(\"IPFire 2.17 - Core Update 91\");\n\n script_xref(name:\"URL\", value:\"http://www.ipfire.org/news/ipfire-2-17-core-update-91-released\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The followinig vulnerabilities are fixed with IPFire 2.17 - Core Update 91:\nOpenSSL security vulnerabilities:\n\nThere are six security vulnerabilities that are fixed in version 1.0.2b of openssl. This version contained an ABI\nbreakage bug that required us to wait for a fix for that and rebuild this Core Update.\n\nAmong these are fixes for the Logjam vulnerability and others that are filed under CVE-2015-1788, CVE-2015-1789,\nCVE-2015-1790, CVE-2015-1792, CVE-2015-1791, and CVE-2014-8176.\n\nStrongSwan IPsec security vulnerability:\n\nIn strongSwan 5.3.1, a security vulnerability that is filed under CVE-2015-3991 was fixed. A denial-of-service and\npotential code execution was possible with specially crafted IKE messages.\n\nIPFire ships now version 5.3.2 which fixes an second vulnerability (CVE-2015-4171).\");\n\n script_tag(name:\"solution\", value:\"Update to IPFire 2.17 - Core Update 91\");\n script_tag(name:\"summary\", value:\"IPFire 2.17 - Core Update 91 fixes multiple security vulnerabilities.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-30 12:19:16 +0200 (Tue, 30 Jun 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ipfire/system-release\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nif( ! rls = get_kb_item( \"ipfire/system-release\" ) ) exit( 0 );\nif( \"IPFire\" >!< rls ) exit( 0 );\n\nvers = eregmatch( pattern:'IPFire ([0-9.]+[^ ]*)', string:rls );\nif( ! isnull( vers[1] ) ) version = vers[1];\n\nif( ! version ) exit( 0 );\n\nc = eregmatch( pattern:'core([0-9]+)', string:rls );\nif( ! isnull( c[1] ) )\n core = c[1];\nelse\n core = 0;\n\nchk_version = version + '.' + core;\n\nif( version_is_less( version:chk_version, test_version: \"2.17.91\" ) )\n{\n report = 'Installed version: ' + version + ' core' + core +'\\n' +\n 'Fixed version: 2.17 core91\\n';\n\n security_message( data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:21", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2009:1335 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880738", "href": "http://plugins.openvas.org/nasl.php?oid=880738", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2009:1335 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a full-strength\n general purpose cryptography library. Datagram TLS (DTLS) is a protocol\n based on TLS that is capable of securing datagram transport (for example,\n UDP).\n\n Multiple denial of service flaws were discovered in OpenSSL's DTLS\n implementation. A remote attacker could use these flaws to cause a DTLS\n server to use excessive amounts of memory, or crash on an invalid memory\n access or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\n CVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n \n Note: These flaws only affect applications that use DTLS. Red Hat does not\n ship any DTLS client or server applications in Red Hat Enterprise Linux.\n \n An input validation flaw was found in the handling of the BMPString and\n UniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\n function. An attacker could use this flaw to create a specially-crafted\n X.509 certificate that could cause applications using the affected function\n to crash when printing certificate contents. (CVE-2009-0590)\n \n Note: The affected function is rarely used. No application shipped with Red\n Hat Enterprise Linux calls this function, for example.\n \n These updated packages also fix the following bugs:\n \n * "openssl smime -verify -in" verifies the signature of the input file and\n the "-verify" switch expects a signed or encrypted input file. Previously,\n running openssl on an S/MIME file that was not encrypted or signed caused\n openssl to segfault. With this update, the input file is now checked for a\n signature or encryption. Consequently, openssl now returns an error and\n quits when attempting to verify an unencrypted or unsigned S/MIME file.\n (BZ#472440)\n \n * when generating RSA keys, pairwise tests were called even in non-FIPS\n mode. This prevented small keys from being generated. With this update,\n generating keys in non-FIPS mode no longer calls the pairwise tests and\n keys as small as 32-bits can be generated in this mode. Note: In FIPS mode,\n pairwise tests are still called and keys generated in this mode must still\n be 1024-bits or larger. (BZ#479817)\n \n As well, these updated packages add the following enhancements:\n \n * both the libcrypto and libssl shared libraries, which are part of the\n OpenSSL FIPS module, are now checked for integrity on initialization of\n FIPS mode. (BZ#475798)\n \n * an issuing Certificate Authority (CA) allows multiple certificate\n templates to inherit the CA's Common Name (CN). Be ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openssl on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-September/016149.html\");\n script_id(880738);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1335\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\",\n \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_name(\"CentOS Update for openssl CESA-2009:1335 centos5 i386\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:55", "description": "The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1335 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64935", "href": "http://plugins.openvas.org/nasl.php?oid=64935", "sourceData": "#CESA-2009:1335 64935 2\n# $Id: ovcesa2009_1335.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1335 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1335\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1335\";\ntag_summary = \"The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.\";\n\n\n\nif(description)\n{\n script_id(64935);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1335 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:56", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.", "cvss3": {}, "published": "2009-09-09T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1335", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64799", "href": "http://plugins.openvas.org/nasl.php?oid=64799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1335.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1335 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"OpenSSL users should upgrade to these updated packages, which resolve these\nissues and add these enhancements.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.\";\n\n\n\n\nif(description)\n{\n script_id(64799);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1335\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1335.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:06", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.", "cvss3": {}, "published": "2009-09-09T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1335", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064799", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1335.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1335 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"OpenSSL users should upgrade to these updated packages, which resolve these\nissues and add these enhancements.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1335.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a full-strength\ngeneral purpose cryptography library. Datagram TLS (DTLS) is a protocol\nbased on TLS that is capable of securing datagram transport (for example,\nUDP).\n\nMultiple denial of service flaws were discovered in OpenSSL's DTLS\nimplementation. A remote attacker could use these flaws to cause a DTLS\nserver to use excessive amounts of memory, or crash on an invalid memory\naccess or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\nCVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\nNote: These flaws only affect applications that use DTLS. Red Hat does not\nship any DTLS client or server applications in Red Hat Enterprise Linux.\n\nAn input validation flaw was found in the handling of the BMPString and\nUniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\nfunction. An attacker could use this flaw to create a specially-crafted\nX.509 certificate that could cause applications using the affected function\nto crash when printing certificate contents. (CVE-2009-0590)\n\nNote: The affected function is rarely used. No application shipped with Red\nHat Enterprise Linux calls this function, for example.\";\n\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64799\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-09 02:15:49 +0200 (Wed, 09 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1335\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1335.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:48", "description": "The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.", "cvss3": {}, "published": "2009-09-21T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1335 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064935", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064935", "sourceData": "#CESA-2009:1335 64935 2\n# $Id: ovcesa2009_1335.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1335 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1335\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1335\";\ntag_summary = \"The remote host is missing updates to openssl announced in\nadvisory CESA-2009:1335.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64935\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-21 23:13:00 +0200 (Mon, 21 Sep 2009)\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1335 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2009:1335 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880738", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880738", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2009:1335 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-September/016149.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880738\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1335\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\",\n \"CVE-2009-1386\", \"CVE-2009-1387\");\n script_name(\"CentOS Update for openssl CESA-2009:1335 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 5\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a full-strength\n general purpose cryptography library. Datagram TLS (DTLS) is a protocol\n based on TLS that is capable of securing datagram transport (for example,\n UDP).\n\n Multiple denial of service flaws were discovered in OpenSSL's DTLS\n implementation. A remote attacker could use these flaws to cause a DTLS\n server to use excessive amounts of memory, or crash on an invalid memory\n access or NULL pointer dereference. (CVE-2009-1377, CVE-2009-1378,\n CVE-2009-1379, CVE-2009-1386, CVE-2009-1387)\n\n Note: These flaws only affect applications that use DTLS. Red Hat does not\n ship any DTLS client or server applications in Red Hat Enterprise Linux.\n\n An input validation flaw was found in the handling of the BMPString and\n UniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex()\n function. An attacker could use this flaw to create a specially-crafted\n X.509 certificate that could cause applications using the affected function\n to crash when printing certificate contents. (CVE-2009-0590)\n\n Note: The affected function is rarely used. No application shipped with Red\n Hat Enterprise Linux calls this function, for example.\n\n These updated packages also fix the following bugs:\n\n * 'openssl smime -verify -in' verifies the signature of the input file and\n the '-verify' switch expects a signed or encrypted input file. Previously,\n running openssl on an S/MIME file that was not encrypted or signed caused\n openssl to segfault. With this update, the input file is now checked for a\n signature or encryption. Consequently, openssl now returns an error and\n quits when attempting to verify an unencrypted or unsigned S/MIME file.\n (BZ#472440)\n\n * when generating RSA keys, pairwise tests were called even in non-FIPS\n mode. This prevented small keys from being generated. With this update,\n generating keys in non-FIPS mode no longer calls the pairwise tests and\n keys as small as 32-bits can be generated in this mode. Note: In FIPS mode,\n pairwise tests are still called and keys generated in this mode must still\n be 1024-bits or larger. (BZ#479817)\n\n As well, these updated packages add the following enhancements:\n\n * both the libcrypto and libssl shared libraries, which are part of the\n OpenSSL FIPS module, are now checked for integrity on initialization of\n FIPS mode. (BZ#475798)\n\n * an issuing Certificate Authority (CA) allows multiple certificate\n templates to inherit the CA's Common Name (CN). Be ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:52", "description": "The OpenSSL library used in Junos OS is prone to multiple\nvulnerabilities.", "cvss3": {}, "published": "2015-11-24T00:00:00", "type": "openvas", "title": "Junos Multiple OpenSSL Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1792", "CVE-2015-1793", "CVE-2015-1789", "CVE-2015-1788", "CVE-2015-1790", "CVE-2015-1791"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310106048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106048", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_junos_cve-2015-1791.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# Junos Multiple OpenSSL Vulnerabilities\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/o:juniper:junos';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106048\");\n script_version(\"$Revision: 12106 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-24 11:15:58 +0700 (Tue, 24 Nov 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2015-1791\", \"CVE-2015-1793\", \"CVE-2015-1790\", \"CVE-2015-1792\", \"CVE-2015-1788\",\n \"CVE-2015-1789\");\n\n script_name(\"Junos Multiple OpenSSL Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_family(\"JunOS Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_ssh_junos_get_version.nasl\", \"gb_junos_snmp_version.nasl\");\n script_mandatory_keys(\"Junos/Version\");\n\n script_tag(name:\"summary\", value:\"The OpenSSL library used in Junos OS is prone to multiple\nvulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable OS build is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL library used in Junos OS is prone to multiple\nvulnerabilities.\nCVE-2015-1791: Race condition in the ssl3_get_new_session_ticket function.\nCVE-2015-1793: Error in the implementation of the alternative certificate chain logic.\nCVE-2015-1790: DoS vulnerability in the PKCS7_dataDecode function.\nCVE-2015-1792: DoS vulnerability in the do_free_upto function.\nCVE-2015-1788: DoS vulnerability in the BN_GF2m_mod_inv function.\nCVE-2015-1789: DoS vulnerability in the X509_cmp_time function.\");\n\n script_tag(name:\"impact\", value:\"The vulnerabilities range from denial of service to security bypass.\");\n\n script_tag(name:\"affected\", value:\"Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1\");\n\n script_tag(name:\"solution\", value:\"New builds of Junos OS software are available from Juniper. As a\nworkaround disable J-Web and disable SSL service for JUNOScript and only use Netconf.\");\n\n script_xref(name:\"URL\", value:\"http://kb.juniper.net/JSA10694\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\n\nif (!version = get_app_version(cpe: CPE, nofork: TRUE))\n exit(0);\n\nif (version =~ \"^12\") {\n if ((revcomp(a: version, b: \"12.1X44-D55\") < 0) &&\n (revcomp(a: version, b: \"12.1X44\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.1X46-D40\") < 0) &&\n (revcomp(a: version, b: \"12.1X46\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.1X47-D25\") < 0) &&\n (revcomp(a: version, b: \"12.1X47\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.3R11\") < 0) &&\n (revcomp(a: version, b: \"12.3\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"12.3X48-D20\") < 0) &&\n (revcomp(a: version, b: \"12.3X48\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^13\") {\n if (revcomp(a: version, b: \"13.2X51-D40\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"13.3R7\") < 0) &&\n (revcomp(a: version, b: \"13.3\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^14\") {\n if (revcomp(a: version, b: \"14.1R6\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"14.2R4\") < 0) &&\n (revcomp(a: version, b: \"14.2\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nif (version =~ \"^15\") {\n if (revcomp(a: version, b: \"15.1R2\") < 0) {\n security_message(port: 0, data: version);\n exit(0);\n }\n else if ((revcomp(a: version, b: \"15.1X49-D20\") < 0) &&\n (revcomp(a: version, b: \"15.1X49\") >= 0)) {\n security_message(port: 0, data: version);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2015-6951", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-0287", "CVE-2015-0289"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869605", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869605", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2015-6951\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869605\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:27:06 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0293\", \"CVE-2015-0287\", \"CVE-2015-0286\",\n \"CVE-2015-0289\", \"CVE-2015-0288\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2015-6951\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-openssl on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6951\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.2a~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-05-05T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2015-6855", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-0287", "CVE-2015-0289"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869342", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2015-6855\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869342\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-05 06:12:25 +0200 (Tue, 05 May 2015)\");\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0293\", \"CVE-2015-0287\", \"CVE-2015-0286\",\n \"CVE-2015-0289\", \"CVE-2015-0288\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2015-6855\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-openssl on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6855\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.2a~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:59:08", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-498)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-0287", "CVE-2015-0289"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120164", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120164", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120164\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:57 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-498)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-498.html\");\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0293\", \"CVE-2015-0287\", \"CVE-2015-0286\", \"CVE-2015-0289\", \"CVE-2015-0288\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1k~1.84.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1k~1.84.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1k~1.84.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1k~1.84.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1k~1.84.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for openssl (SUSE-SU-2015:0541-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-0287", "CVE-2015-0289"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850844", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850844", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850844\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\",\n \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 12:12:22 +0200 (Thu, 15 Oct 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for openssl (SUSE-SU-2015:0541-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL was updated to fix various security issues.\n\n The following security issues were fixed:\n\n - CVE-2015-0209: A Use After Free following d2i_ECPrivatekey error was\n fixed which could lead to crashes for attacker supplied Elliptic Curve\n keys. This could be exploited over SSL connections with client supplied\n keys.\n\n - CVE-2015-0286: A segmentation fault in ASN1_TYPE_cmp was fixed that\n could be exploited by attackers when e.g. client authentication is used.\n This could be exploited over SSL connections.\n\n - CVE-2015-0287: A ASN.1 structure reuse memory corruption was fixed. This\n problem can not be exploited over regular SSL connections, only if\n specific client programs use specific ASN.1 routines.\n\n - CVE-2015-0288: A X509_to_X509_REQ NULL pointer dereference was fixed,\n which could lead to crashes. This function is not commonly used, and not\n reachable over SSL methods.\n\n - CVE-2015-0289: Several PKCS7 NULL pointer dereferences were fixed, which\n could lead to crashes of programs using the PKCS7 APIs. The SSL apis do\n not use those by default.\n\n - CVE-2015-0293: Denial of service via reachable assert in SSLv2 servers,\n could be used by remote attackers to terminate the server process. Note\n that this requires SSLv2 being allowed, which is not the default.\");\n\n script_tag(name:\"affected\", value:\"openssl on SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0541-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLED12\\.0SP0\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.1i~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.1i~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.1i~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo-32bit\", rpm:\"libopenssl1_0_0-debuginfo-32bit~1.0.1i~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debugsource\", rpm:\"openssl-debugsource~1.0.1i~20.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:35", "description": "This host is running OpenSSL and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2015-11-26T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Vulnerabilities -02 Nov15 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-0287", "CVE-2015-0289"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310806733", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806733", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_vuln02_nov15_win.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Vulnerabilities -02 Nov15 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806733\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2015-0293\", \"CVE-2015-0289\", \"CVE-2015-0288\", \"CVE-2015-0287\",\n \"CVE-2015-0286\", \"CVE-2015-0209\");\n script_bugtraq_id(73232, 73231, 73237, 73227, 73225, 73239);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-26 11:33:57 +0530 (Thu, 26 Nov 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"OpenSSL Multiple Vulnerabilities -02 Nov15 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - Error in 'SSLv2' implementation.\n\n - Incorrect handling of missing outer ContentInfo when parsing PKCS#7\n structures in PKCS#7 implementation.\n\n - 'X509_to_X509_REQ' function in 'crypto/x509/x509_req.c' script incorrectly\n handle invalid certificate keys.\n\n - Incorrect handling of ASN.1 structure reuse.\n\n - 'ASN1_TYPE_cmp' function in 'crypto/asn1/a_type.c' script incorrectly handle\n boolean-type comparisons.\n\n - Use-after-free vulnerability in the 'd2i_ECPrivateKey' function in\n 'crypto/ec/ec_asn1.c' script.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an remote\n attackers to cause a denial of service or execute arbitrary code or possibly\n have unspecified other impact .\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions before 0.9.8zf, 1.0.0\n before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 0.9.8zf or 1.0.0r or\n 1.0.1m or 1.0.2a or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/USN-2537-1\");\n script_xref(name:\"URL\", value:\"https://bto.bluecoat.com/security-advisory/sa92\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20150319.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2a\"))\n {\n fix = \"1.0.2a\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1m\"))\n {\n fix = \"1.0.1m\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.0\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.0r\"))\n {\n fix = \"1.0.0r\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^0\\.9\\.8\")\n{\n if(version_is_less(version:vers, test_version:\"0.9.8zf\"))\n {\n fix = \"0.9.8zf\";\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:27", "description": "This host is running OpenSSL and is prone\n to multiple vulnerabilities.", "cvss3": {}, "published": "2015-11-26T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Vulnerabilities -02 Nov15 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0286", "CVE-2015-0288", "CVE-2015-0293", "CVE-2015-0209", "CVE-2015-0287", "CVE-2015-0289"], "modified": "2019-02-27T00:00:00", "id": "OPENVAS:1361412562310806731", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806731", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_openssl_mult_vuln02_nov15_lin.nasl 13898 2019-02-27 08:37:43Z cfischer $\n#\n# OpenSSL Multiple Vulnerabilities -02 Nov15 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.806731\");\n script_version(\"$Revision: 13898 $\");\n script_cve_id(\"CVE-2015-0293\", \"CVE-2015-0289\", \"CVE-2015-0288\", \"CVE-2015-0287\",\n \"CVE-2015-0286\", \"CVE-2015-0209\");\n script_bugtraq_id(73232, 73231, 73237, 73227, 73225, 73239);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-27 09:37:43 +0100 (Wed, 27 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-11-26 11:33:57 +0530 (Thu, 26 Nov 2015)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"OpenSSL Multiple Vulnerabilities -02 Nov15 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running OpenSSL and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - Error in 'SSLv2' implementation.\n\n - Incorrect handling of missing outer ContentInfo when parsing PKCS#7\n structures in PKCS#7 implementation.\n\n - 'X509_to_X509_REQ' function in 'crypto/x509/x509_req.c' script incorrectly\n handle invalid certificate keys.\n\n - Incorrect handling of ASN.1 structure reuse.\n\n - 'ASN1_TYPE_cmp' function in 'crypto/asn1/a_type.c' script incorrectly handle\n boolean-type comparisons.\n\n - Use-after-free vulnerability in the 'd2i_ECPrivateKey' function in\n 'crypto/ec/ec_asn1.c' script.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an remote\n attackers to cause a denial of service or execute arbitrary code or possibly\n have unspecified other impact .\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions before 0.9.8zf, 1.0.0\n before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to OpenSSL 0.9.8zf or 1.0.0r or\n 1.0.1m or 1.0.2a or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/USN-2537-1\");\n script_xref(name:\"URL\", value:\"https://bto.bluecoat.com/security-advisory/sa92\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20150319.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^1\\.0\\.2\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.2a\"))\n {\n fix = \"1.0.2a\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.1\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.1m\"))\n {\n fix = \"1.0.1m\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^1\\.0\\.0\")\n{\n if(version_is_less(version:vers, test_version:\"1.0.0r\"))\n {\n fix = \"1.0.0r\";\n VULN = TRUE;\n }\n}\nelse if(vers =~ \"^0\\.9\\.8\")\n{\n if(version_is_less(version:vers, test_version:\"0.9.8zf\"))\n {\n fix = \"0.9.8zf\";\n VULN = TRUE;\n }\n}\nif(VULN)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:05", "description": "Oracle Linux Local Security Checks ELSA-2009-1335", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1335", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1386", "CVE-2009-1379", "CVE-2009-1377", "CVE-2006-7250", "CVE-2009-1387", "CVE-2009-1378", "CVE-2009-0590"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122445", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122445", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1335.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122445\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:45:30 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1335\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1335 - openssl security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1335\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1335.html\");\n script_cve_id(\"CVE-2009-0590\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1386\", \"CVE-2009-1387\", \"CVE-2006-7250\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~12.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~12.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~12.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:18", "description": "Oracle Linux Local Security Checks ELSA-2015-1197", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1197", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1789", "CVE-2015-1790"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123086", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123086", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1197.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123086\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:12 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1197\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1197 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1197\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1197.html\");\n script_cve_id(\"CVE-2015-4000\", \"CVE-2015-1789\", \"CVE-2015-1790\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~36.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~36.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~36.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:46", "description": "Check the version of openssl", "cvss3": {}, "published": "2015-07-03T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1197 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1789", "CVE-2015-1790"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882215", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882215", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2015:1197 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882215\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-03 06:11:00 +0200 (Fri, 03 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1197 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-1789\nand CVE-2015-1790. Upstream acknowledges Robert Swiecki and Hanno Bock as\nthe original reporters of CVE-2015-1789, and Michal Zalewski as the\noriginal reporter of CVE-2015-1790.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1197\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-July/021230.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~36.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~36.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~36.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-01T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:1197-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000", "CVE-2015-1789", "CVE-2015-1790"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871385", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871385", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2015:1197-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871385\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-01 06:28:09 +0200 (Wed, 01 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2015:1197-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of\nOpenSSL. A specially crafted X.509 certificate or a Certificate Revocation\nList (CRL) could possibly cause a TLS/SSL server or client using OpenSSL\nto crash. (CVE-2015-1789)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to crash.\n(CVE-2015-1790)\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-1789\nand CVE-2015-1790. Upstream acknowledges Robert Swiecki and Hanno Bock as\nthe original reporters of CVE-2015-1789, and Michal Zalewski as the\noriginal reporter of CVE-2015-1790.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1197-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00042.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~36.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-01-28T14:37:13", "description": "Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets Layer toolkit.\n\nCVE-2014-8176\n\nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that an invalid memory free could be triggered when buffering DTLS data.\nThis could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code. This issue only affected the oldstable distribution (wheezy).\n\nCVE-2015-1789\n\nRobert Swiecki and Hanno B??ck discovered that the X509_cmp_time function could read a few bytes out of bounds. This could allow remote attackers to cause a denial of service (crash) via crafted certificates and CRLs.\n\nCVE-2015-1790\n\nMichal Zalewski discovered that the PKCS#7 parsing code did not properly handle missing content which could lead to a NULL pointer dereference. This could allow remote attackers to cause a denial of service (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791\n\nEmilia K??sper discovered that a race condition could occur due to incorrect handling of NewSessionTicket in a multi-threaded client, leading to a double free. This could allow remote attackers to cause a denial of service (crash).\n\nCVE-2015-1792\n\nJohannes Bauer discovered that the CMS code could enter an infinite loop when verifying a signedData message, if presented with an unknown hash function OID. This could allow remote attackers to cause a denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters shorter than 768 bits as a countermeasure against the Logjam attack (CVE-2015-4000).\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-18T00:00:00", "type": "nessus", "title": "Debian DLA-247-1 : openssl security update (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libcrypto0.9.8-udeb", "p-cpe:/a:debian:debian_linux:libssl-dev", "p-cpe:/a:debian:debian_linux:libssl0.9.8", "p-cpe:/a:debian:debian_linux:libssl0.9.8-dbg", "p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-247.NASL", "href": "https://www.tenable.com/plugins/nessus/84253", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-247-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84253);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75159,\n 75161\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Debian DLA-247-1 : openssl security update (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\nCVE-2014-8176\n\nPraveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that\nan invalid memory free could be triggered when buffering DTLS data.\nThis could allow remote attackers to cause a denial of service (crash)\nor potentially execute arbitrary code. This issue only affected the\noldstable distribution (wheezy).\n\nCVE-2015-1789\n\nRobert Swiecki and Hanno B??ck discovered that the X509_cmp_time\nfunction could read a few bytes out of bounds. This could allow remote\nattackers to cause a denial of service (crash) via crafted\ncertificates and CRLs.\n\nCVE-2015-1790\n\nMichal Zalewski discovered that the PKCS#7 parsing code did not\nproperly handle missing content which could lead to a NULL pointer\ndereference. This could allow remote attackers to cause a denial of\nservice (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\nCVE-2015-1791\n\nEmilia K??sper discovered that a race condition could occur due to\nincorrect handling of NewSessionTicket in a multi-threaded client,\nleading to a double free. This could allow remote attackers to cause a\ndenial of service (crash).\n\nCVE-2015-1792\n\nJohannes Bauer discovered that the CMS code could enter an infinite\nloop when verifying a signedData message, if presented with an unknown\nhash function OID. This could allow remote attackers to cause a denial\nof service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000).\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2015/06/msg00013.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/squeeze-lts/openssl\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrypto0.9.8-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcrypto0.9.8-udeb\", reference:\"0.9.8o-4squeeze21\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl-dev\", reference:\"0.9.8o-4squeeze21\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8o-4squeeze21\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8o-4squeeze21\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssl\", reference:\"0.9.8o-4squeeze21\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T15:11:54", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - improved fix for (CVE-2015-1791)\n\n - add missing parts of CVE-2015-0209 fix for corectness although unexploitable\n\n - fix CVE-2014-8176 - invalid free in DTLS buffering code\n\n - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n\n - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent\n\n - fix CVE-2015-1791 - race condition handling NewSessionTicket\n\n - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function\n\n - fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on read in multithreaded applications", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : openssl (OVMSA-2015-0070)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-0209", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:openssl", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2015-0070.NASL", "href": "https://www.tenable.com/plugins/nessus/84203", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0070.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84203);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-0209\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_bugtraq_id(73196, 73239, 75154, 75156, 75157, 75159, 75161, 75219);\n\n script_name(english:\"OracleVM 3.3 : openssl (OVMSA-2015-0070)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - improved fix for (CVE-2015-1791)\n\n - add missing parts of CVE-2015-0209 fix for corectness\n although unexploitable\n\n - fix CVE-2014-8176 - invalid free in DTLS buffering code\n\n - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n\n - fix CVE-2015-1790 - PKCS7 crash with missing\n EncryptedContent\n\n - fix CVE-2015-1791 - race condition handling\n NewSessionTicket\n\n - fix CVE-2015-1792 - CMS verify infinite loop with\n unknown hash function\n\n - fix CVE-2015-3216 - regression in RAND locking that can\n cause segfaults on read in multithreaded applications\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2015-June/000318.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"openssl-1.0.1e-30.el6_6.11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:31", "description": "The OpenSSL team reports :\n\n- Missing DHE man-in-the-middle protection (Logjam) (CVE-2015-4000)\n\n- Malformed ECParameters causes infinite loop (CVE-2015-1788)\n\n- Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n\n- PKCS#7 crash with missing EnvelopedContent (CVE-2015-1790)\n\n- CMS verify infinite loop with unknown hash function (CVE-2015-1792)\n\n- Race condition handling NewSessionTicket (CVE-2015-1791)\n\n- Invalid free in DTLS (CVE-2014-8176)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "FreeBSD : openssl -- multiple vulnerabilities (8305e215-1080-11e5-8ba2-000c2980a9f3) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libressl", "p-cpe:/a:freebsd:freebsd:linux-c6-openssl", "p-cpe:/a:freebsd:freebsd:mingw32-openssl", "p-cpe:/a:freebsd:freebsd:openssl", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_8305E215108011E58BA2000C2980A9F3.NASL", "href": "https://www.tenable.com/plugins/nessus/84133", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84133);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_xref(name:\"FreeBSD\", value:\"SA-15:10.openssl\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"FreeBSD : openssl -- multiple vulnerabilities (8305e215-1080-11e5-8ba2-000c2980a9f3) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The OpenSSL team reports :\n\n- Missing DHE man-in-the-middle protection (Logjam) (CVE-2015-4000)\n\n- Malformed ECParameters causes infinite loop (CVE-2015-1788)\n\n- Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)\n\n- PKCS#7 crash with missing EnvelopedContent (CVE-2015-1790)\n\n- CMS verify infinite loop with unknown hash function (CVE-2015-1792)\n\n- Race condition handling NewSessionTicket (CVE-2015-1791)\n\n- Invalid free in DTLS (CVE-2014-8176)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n # https://vuxml.freebsd.org/freebsd/8305e215-1080-11e5-8ba2-000c2980a9f3.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8779dead\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libressl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-c6-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mingw32-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssl<1.0.2_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mingw32-openssl>=1.0.1<1.0.2b\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-c6-openssl<1.0.1e_6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libressl<2.1.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:32", "description": "LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. (CVE-2015-4000)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash.\n(CVE-2015-1789)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-1790)\n\nA race condition was found in the session handling code of OpenSSL. An attacker could cause a multi-threaded SSL/TLS server to crash.\n(CVE-2015-1791)\n\nA denial of service flaw was found in OpenSSL in the way it verified certain signed messages using CMS (Cryptographic Message Syntax). A remote attacker could cause an application using OpenSSL to use excessive amounts of memory by sending a specially crafted message for verification. (CVE-2015-1792)\n\nAn invalid-free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could send a specially crafted message to the peer, which could cause the application to crash or potentially cause arbitrary code execution.\n(CVE-2014-8176)\n\nA regression was found in the ssleay_rand_bytes() function. This could lead a multi-threaded application to crash. (CVE-2015-3216)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-18T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : openssl (ALAS-2015-550) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-550.NASL", "href": "https://www.tenable.com/plugins/nessus/84251", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-550.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84251);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-3216\",\n \"CVE-2015-4000\"\n );\n script_xref(name:\"ALAS\", value:\"2015-550\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2015-550) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"LOGJAM: A flaw was found in the way the TLS protocol composes the\nDiffie-Hellman exchange (for both export and non-export grade cipher\nsuites). An attacker could use this flaw to downgrade a DHE connection\nto use export-grade key sizes, which could then be broken by\nsufficient pre-computation. This can lead to a passive\nman-in-the-middle attack in which the attacker is able to decrypt all\ntraffic. (CVE-2015-4000)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL, which is used to test the expiry dates of SSL/TLS\ncertificates. An attacker could possibly use a specially crafted\nSSL/TLS certificate or CRL (Certificate Revocation List), which when\nparsed by an application would cause that application to crash.\n(CVE-2015-1789)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. An attacker able to make an application using\nOpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input\ncould cause that application to crash. TLS/SSL clients and servers\nusing OpenSSL were not affected by this flaw. (CVE-2015-1790)\n\nA race condition was found in the session handling code of OpenSSL. An\nattacker could cause a multi-threaded SSL/TLS server to crash.\n(CVE-2015-1791)\n\nA denial of service flaw was found in OpenSSL in the way it verified\ncertain signed messages using CMS (Cryptographic Message Syntax). A\nremote attacker could cause an application using OpenSSL to use\nexcessive amounts of memory by sending a specially crafted message for\nverification. (CVE-2015-1792)\n\nAn invalid-free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could send a\nspecially crafted message to the peer, which could cause the\napplication to crash or potentially cause arbitrary code execution.\n(CVE-2014-8176)\n\nA regression was found in the ssleay_rand_bytes() function. This could\nlead a multi-threaded application to crash. (CVE-2015-3216)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2015-550.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update openssl' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.1k-10.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.1k-10.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.1k-10.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.1k-10.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.1k-10.86.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:23", "description": "The remote host is affected by the vulnerability described in GLSA-201506-02 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in OpenSSL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker can cause Denial of Service and information disclosure.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-23T00:00:00", "type": "nessus", "title": "GLSA-201506-02 : OpenSSL: Multiple vulnerabilities (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201506-02.NASL", "href": "https://www.tenable.com/plugins/nessus/84330", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201506-02.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84330);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75159,\n 75161\n );\n script_xref(name:\"GLSA\", value:\"201506-02\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"GLSA-201506-02 : OpenSSL: Multiple vulnerabilities (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-201506-02\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in OpenSSL. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can cause Denial of Service and information\n disclosure.\n \nWorkaround :\n\n There is no known workaround at this time.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/201506-02\");\n script_set_attribute(attribute:\"solution\", value:\n\"All OpenSSL 1.0.1 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.1o'\n All OpenSSL 0.9.8 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8z_p7'\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 1.0.1o\", \"rge 0.9.8z_p7\", \"rge 0.9.8z_p8\", \"rge 0.9.8z_p9\", \"rge 0.9.8z_p10\", \"rge 0.9.8z_p11\", \"rge 0.9.8z_p12\", \"rge 0.9.8z_p13\", \"rge 0.9.8z_p14\", \"rge 0.9.8z_p15\"), vulnerable:make_list(\"lt 1.0.1o\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:40", "description": "Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets Layer toolkit.\n\n - CVE-2014-8176 Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that an invalid memory free could be triggered when buffering DTLS data. This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code. This issue only affected the oldstable distribution (wheezy).\n\n - CVE-2015-1788 Joseph Barr-Pixton discovered that an infinite loop could be triggered due to incorrect handling of malformed ECParameters structures. This could allow remote attackers to cause a denial of service.\n\n - CVE-2015-1789 Robert Swiecki and Hanno Bock discovered that the X509_cmp_time function could read a few bytes out of bounds. This could allow remote attackers to cause a denial of service (crash) via crafted certificates and CRLs.\n\n - CVE-2015-1790 Michal Zalewski discovered that the PKCS#7 parsing code did not properly handle missing content which could lead to a NULL pointer dereference. This could allow remote attackers to cause a denial of service (crash) via crafted ASN.1-encoded PKCS#7 blobs.\n\n - CVE-2015-1791 Emilia Kasper discovered that a race condition could occur due to incorrect handling of NewSessionTicket in a multi-threaded client, leading to a double free. This could allow remote attackers to cause a denial of service (crash).\n\n - CVE-2015-1792 Johannes Bauer discovered that the CMS code could enter an infinite loop when verifying a signedData message, if presented with an unknown hash function OID. This could allow remote attackers to cause a denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters shorter than 768 bits as a countermeasure against the Logjam attack (CVE-2015-4000 ).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-15T00:00:00", "type": "nessus", "title": "Debian DSA-3287-1 : openssl - security update (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3287.NASL", "href": "https://www.tenable.com/plugins/nessus/84170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3287. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84170);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_xref(name:\"DSA\", value:\"3287\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Debian DSA-3287-1 : openssl - security update (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\n\n - CVE-2014-8176\n Praveen Kariyanahalli, Ivan Fratric and Felix Groebert\n discovered that an invalid memory free could be\n triggered when buffering DTLS data. This could allow\n remote attackers to cause a denial of service (crash) or\n potentially execute arbitrary code. This issue only\n affected the oldstable distribution (wheezy).\n\n - CVE-2015-1788\n Joseph Barr-Pixton discovered that an infinite loop\n could be triggered due to incorrect handling of\n malformed ECParameters structures. This could allow\n remote attackers to cause a denial of service.\n\n - CVE-2015-1789\n Robert Swiecki and Hanno Bock discovered that the\n X509_cmp_time function could read a few bytes out of\n bounds. This could allow remote attackers to cause a\n denial of service (crash) via crafted certificates and\n CRLs.\n\n - CVE-2015-1790\n Michal Zalewski discovered that the PKCS#7 parsing code\n did not properly handle missing content which could lead\n to a NULL pointer dereference. This could allow remote\n attackers to cause a denial of service (crash) via\n crafted ASN.1-encoded PKCS#7 blobs.\n\n - CVE-2015-1791\n Emilia Kasper discovered that a race condition could\n occur due to incorrect handling of NewSessionTicket in a\n multi-threaded client, leading to a double free. This\n could allow remote attackers to cause a denial of\n service (crash).\n\n - CVE-2015-1792\n Johannes Bauer discovered that the CMS code could enter\n an infinite loop when verifying a signedData message, if\n presented with an unknown hash function OID. This could\n allow remote attackers to cause a denial of service.\n\nAdditionally OpenSSL will now reject handshakes using DH parameters\nshorter than 768 bits as a countermeasure against the Logjam attack\n(CVE-2015-4000 ).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-8176\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-1789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-1790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-1791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-1792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-4000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/openssl\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/openssl\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2015/dsa-3287\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the openssl packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 1.0.1e-2+deb7u17.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 1.0.1k-3+deb8u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libssl-dev\", reference:\"1.0.1e-2+deb7u17\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl-doc\", reference:\"1.0.1e-2+deb7u17\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl1.0.0\", reference:\"1.0.1e-2+deb7u17\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl1.0.0-dbg\", reference:\"1.0.1e-2+deb7u17\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openssl\", reference:\"1.0.1e-2+deb7u17\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libcrypto1.0.0-udeb\", reference:\"1.0.1k-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-dev\", reference:\"1.0.1k-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-doc\", reference:\"1.0.1k-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0\", reference:\"1.0.1k-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0-dbg\", reference:\"1.0.1k-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openssl\", reference:\"1.0.1k-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:55", "description": "The version of OpenSSL installed on the remote AIX host is affected by multiple vulnerabilities :\n\n - An invalid free memory error exists due to improper validation of user-supplied input when a DTLS peer receives application data between ChangeCipherSpec and Finished messages. A remote attacker can exploit this to corrupt memory, resulting in a denial of service or the execution of arbitrary code. (CVE-2014-8176)\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.\n (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)\n\n - A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-07-20T00:00:00", "type": "nessus", "title": "AIX OpenSSL Advisory : openssl_advisory14.asc (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:ibm:aix", "cpe:/a:openssl:openssl"], "id": "AIX_OPENSSL_ADVISORY14.NASL", "href": "https://www.tenable.com/plugins/nessus/84880", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84880);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75159,\n 75161\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory14.asc (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host has a version of OpenSSL installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL installed on the remote AIX host is affected by\nmultiple vulnerabilities :\n\n - An invalid free memory error exists due to improper\n validation of user-supplied input when a DTLS peer\n receives application data between ChangeCipherSpec and\n Finished messages. A remote attacker can exploit this to\n corrupt memory, resulting in a denial of service or\n the execution of arbitrary code. (CVE-2014-8176)\n\n - A denial of service vulnerability exists when processing\n an ECParameters structure due to an infinite loop that\n occurs when a specified curve is over a malformed binary\n polynomial field. A remote attacker can exploit this to\n perform a denial of service against any system that\n processes public keys, certificate requests, or\n certificates. This includes TLS clients and TLS servers\n with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper\n validation of the content and length of the ASN1_TIME\n string by the X509_cmp_time() function. A remote\n attacker can exploit this, via a malformed certificate\n and CRLs of various sizes, to cause a segmentation\n fault, resulting in a denial of service condition. TLS\n clients that verify CRLs are affected. TLS clients and\n servers with client authentication enabled may be\n affected if they use custom verification callbacks.\n (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing inner\n 'EncryptedContent'. This allows a remote attacker, via\n specially crafted ASN.1-encoded PKCS#7 blobs with\n missing content, to cause a denial of service condition\n or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that\n occurs when a NewSessionTicket is received by a\n multi-threaded client when attempting to reuse a\n previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code\n due to an infinite loop that occurs when verifying a\n signedData message. A remote attacker can exploit this\n to cause a denial of service condition. (CVE-2015-1792)\n\n - A man-in-the-middle vulnerability, known as Logjam,\n exists due to a flaw in the SSL/TLS protocol. A remote\n attacker can exploit this flaw to downgrade connections\n using ephemeral Diffie-Hellman key exchange to 512-bit\n export-grade cryptography. (CVE-2015-4000)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-01.ibm.com/marketing/iwm/iwm/web/preLogin.do?source=aixbp\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"A fix is available and can be downloaded from the AIX website.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\ninclude(\"aix.inc\");\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item(\"Host/AIX/version\");\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevel != \"AIX-5.3\" && oslevel != \"AIX-6.1\" && oslevel != \"AIX-7.1\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 5.3 / 6.1 / 7.1\", oslevel);\n}\n\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This AIX package check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\n#0.9.8.2505\nif (aix_check_ifix(release:\"5.3\", patch:\"IV74809s9b\", package:\"openssl.base\", minfilesetver:\"0.0.0.0\", maxfilesetver:\"0.9.8.2505\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", patch:\"IV74809s9b\", package:\"openssl.base\", minfilesetver:\"0.0.0.0\", maxfilesetver:\"0.9.8.2505\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", patch:\"IV74809s9b\", package:\"openssl.base\", minfilesetver:\"0.0.0.0\", maxfilesetver:\"0.9.8.2505\") < 0) flag++;\n\n#12.9.8.2505\nif (aix_check_ifix(release:\"5.3\", patch:\"IV74809s9c\", package:\"openssl.base\", minfilesetver:\"12.0.0.0\", maxfilesetver:\"12.9.8.2505\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", patch:\"IV74809s9c\", package:\"openssl.base\", minfilesetver:\"12.0.0.0\", maxfilesetver:\"12.9.8.2505\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", patch:\"IV74809s9c\", package:\"openssl.base\", minfilesetver:\"12.0.0.0\", maxfilesetver:\"12.9.8.2505\") < 0) flag++;\n\n# Check 1.0.1 versions only after other two pass, this one has the\n# potential to audit out early.\nif (flag == 0)\n{\n #1.0.1.514\n # ifix on POWER8 machines is IV75570m9a. ifix on all others is IV74809s9a\n aix_processor = get_kb_item(\"Host/AIX/processor\");\n if (empty_or_null(aix_processor)) audit(AUDIT_KB_MISSING, \"Host/AIX/processor\");\n ifix = \"(IV74809s9a|IV75570m9a)\";\n if (\"POWER8\" >< aix_processor) ifix = \"IV75570m9a\";\n if (aix_check_ifix(release:\"5.3\", patch:ifix, package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.514\") < 0) flag++;\n if (aix_check_ifix(release:\"6.1\", patch:ifix, package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.514\") < 0) flag++;\n if (aix_check_ifix(release:\"7.1\", patch:ifix, package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.514\") < 0) flag++;\n}\n\nif (flag)\n{\n aix_report_extra = ereg_replace(string:aix_report_get(), pattern:\"[()]\", replace:\"\");\n aix_report_extra = ereg_replace(string:aix_report_extra, pattern:\"[|]\", replace:\" or \");\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_extra);\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl.base\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:23", "description": "An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Scientific Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-17T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20150615)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-libs", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150615_OPENSSL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/84226", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84226);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20150615)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with\nScientific Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1506&L=scientific-linux-errata&F=&S=&P=6990\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ed986b1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7_1.8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:22", "description": "From Red Hat Security Advisory 2015:1115 :\n\nUpdated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Kasper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : openssl (ELSA-2015-1115)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-libs", "p-cpe:/a:oracle:linux:openssl-perl", "p-cpe:/a:oracle:linux:openssl-static", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-1115.NASL", "href": "https://www.tenable.com/plugins/nessus/84202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1115 and \n# Oracle Linux Security Advisory ELSA-2015-1115 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84202);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_bugtraq_id(73239, 75154, 75156, 75157, 75159, 75161);\n script_xref(name:\"RHSA\", value:\"2015:1115\");\n\n script_name(english:\"Oracle Linux 6 / 7 : openssl (ELSA-2015-1115)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1115 :\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and\nIvan Fratric as the original reporters of CVE-2014-8176, Robert\nSwiecki and Hanno Bock as the original reporters of CVE-2015-1789,\nMichal Zalewski as the original reporter of CVE-2015-1790, Emilia\nKasper as the original report of CVE-2015-1791 and Johannes Bauer as\nthe original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005125.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005126.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"openssl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7_1.8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-libs / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:23", "description": "Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-8176)\n\nJoseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters structures. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1788)\n\nRobert Swiecki and Hanno Bock discovered that OpenSSL incorrectly handled certain ASN1_TIME strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1789)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing content when parsing ASN.1-encoded PKCS#7 blobs. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-1790)\n\nEmilia Kasper discovered that OpenSSL incorrectly handled NewSessionTicket when being used by a multi-threaded client. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-1791)\n\nJohannes Bauer discovered that OpenSSL incorrectly handled verifying signedData messages using the CMS code. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1792)\n\nAs a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 768 bits, preventing a possible downgrade attack.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : openssl vulnerabilities (USN-2639-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2639-1.NASL", "href": "https://www.tenable.com/plugins/nessus/84148", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2639-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84148);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_bugtraq_id(75159);\n script_xref(name:\"USN\", value:\"2639-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : openssl vulnerabilities (USN-2639-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that\nOpenSSL incorrectly handled memory when buffering DTLS data. A remote\nattacker could use this issue to cause OpenSSL to crash, resulting in\na denial of service, or possibly execute arbitrary code.\n(CVE-2014-8176)\n\nJoseph Barr-Pixton discovered that OpenSSL incorrectly handled\nmalformed ECParameters structures. A remote attacker could use this\nissue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1788)\n\nRobert Swiecki and Hanno Bock discovered that OpenSSL incorrectly\nhandled certain ASN1_TIME strings. A remote attacker could use this\nissue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-1789)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing\ncontent when parsing ASN.1-encoded PKCS#7 blobs. A remote attacker\ncould use this issue to cause OpenSSL to crash, resulting in a denial\nof service. (CVE-2015-1790)\n\nEmilia Kasper discovered that OpenSSL incorrectly handled\nNewSessionTicket when being used by a multi-threaded client. A remote\nattacker could use this issue to cause OpenSSL to crash, resulting in\na denial of service. (CVE-2015-1791)\n\nJohannes Bauer discovered that OpenSSL incorrectly handled verifying\nsignedData messages using the CMS code. A remote attacker could use\nthis issue to cause OpenSSL to hang, resulting in a denial of service.\n(CVE-2015-1792)\n\nAs a security improvement, this update also modifies OpenSSL behaviour\nto reject DH key sizes below 768 bits, preventing a possible downgrade\nattack.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2639-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libssl1.0.0 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1-4ubuntu5.31\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu2.15\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu9.8\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu11.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl1.0.0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-29T14:40:56", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Kasper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : openssl (RHSA-2015:1115)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-libs", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.6", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-1115.NASL", "href": "https://www.tenable.com/plugins/nessus/84204", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1115. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84204);\n script_version(\"2.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_bugtraq_id(75154, 75156, 75157, 75159, 75161);\n script_xref(name:\"RHSA\", value:\"2015:1115\");\n\n script_name(english:\"RHEL 6 / 7 : openssl (RHSA-2015:1115)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and\nIvan Fratric as the original reporters of CVE-2014-8176, Robert\nSwiecki and Hanno Bock as the original reporters of CVE-2015-1789,\nMichal Zalewski as the original reporter of CVE-2015-1790, Emilia\nKasper as the original report of CVE-2015-1791 and Johannes Bauer as\nthe original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20150611.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3216\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1115\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-30.el6_6.11\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-debuginfo-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-devel-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-libs-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.8\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-static-1.0.1e-42.el7_1.8\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:37:40", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and Ivan Fratric as the original reporters of CVE-2014-8176, Robert Swiecki and Hanno Bock as the original reporters of CVE-2015-1789, Michal Zalewski as the original reporter of CVE-2015-1790, Emilia Kasper as the original report of CVE-2015-1791 and Johannes Bauer as the original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "CentOS 6 / 7 : openssl (CESA-2015:1115)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-libs", "p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-static", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-1115.NASL", "href": "https://www.tenable.com/plugins/nessus/84199", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1115 and \n# CentOS Errata and Security Advisory 2015:1115 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84199);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-8176\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\", \"CVE-2015-3216\");\n script_bugtraq_id(75154, 75156, 75157, 75159, 75161);\n script_xref(name:\"RHSA\", value:\"2015:1115\");\n\n script_name(english:\"CentOS 6 / 7 : openssl (CESA-2015:1115)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid free flaw was found in the way OpenSSL handled certain DTLS\nhandshake messages. A malicious DTLS client or server could cause a\nDTLS server or client using OpenSSL to crash or, potentially, execute\narbitrary code. (CVE-2014-8176)\n\nA flaw was found in the way the OpenSSL packages shipped with Red Hat\nEnterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes()\nfunction. This issue could possibly cause a multi-threaded application\nusing OpenSSL to perform an out-of-bounds read and crash.\n(CVE-2015-3216)\n\nAn out-of-bounds read flaw was found in the X509_cmp_time() function\nof OpenSSL. A specially crafted X.509 certificate or a Certificate\nRevocation List (CRL) could possibly cause a TLS/SSL server or client\nusing OpenSSL to crash. (CVE-2015-1789)\n\nA race condition was found in the session handling code of OpenSSL.\nThis issue could possibly cause a multi-threaded TLS/SSL client using\nOpenSSL to double free session ticket data and crash. (CVE-2015-1791)\n\nA flaw was found in the way OpenSSL handled Cryptographic Message\nSyntax (CMS) messages. A CMS message with an unknown hash function\nidentifier could cause an application using OpenSSL to enter an\ninfinite loop. (CVE-2015-1792)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. A specially crafted PKCS#7 input with missing\nEncryptedContent data could cause an application using OpenSSL to\ncrash. (CVE-2015-1790)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and\nCVE-2015-1792 flaws. Upstream acknowledges Praveen Kariyanahalli and\nIvan Fratric as the original reporters of CVE-2014-8176, Robert\nSwiecki and Hanno Bock as the original reporters of CVE-2015-1789,\nMichal Zalewski as the original reporter of CVE-2015-1790, Emilia\nKasper as the original report of CVE-2015-1791 and Johannes Bauer as\nthe original reporter of CVE-2015-1792.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-June/021172.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?045df2f1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-June/021173.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?30c569d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-8176\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-1.0.1e-30.el6.11\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-devel-1.0.1e-30.el6.11\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-perl-1.0.1e-30.el6.11\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-static-1.0.1e-30.el6.11\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7.8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7.8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-libs / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T14:41:48", "description": "Versions of OpenSSL prior to 1.0.1n, or 1.0.2b are unpatched for the following vulnerabilities :\n\n - A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)\n\n - An off-by-one overflow condition affects the BN_rand() function in 'crypto/bn/random.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, resulting in a denial of service.\n\n - An off-by-one overflow condition affects the BN_bn2hex() function in 'crypto/bn/bn_print.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, potentially resulting in a denial of service or another, more severe impact.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-22T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.1 < 1.0.1n / 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "8790.PRM", "href": "https://www.tenable.com/plugins/nnm/8790", "sourceData": "Binary data 8790.prm", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:12", "description": "According to its banner, the remote web server uses a version of OpenSSL 1.0.2 prior to 1.0.2b. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)\n\n - A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_2B.NASL", "href": "https://www.tenable.com/plugins/nessus/84154", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84154);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"OpenSSL 1.0.2 < 1.0.2b Multiple Vulnerabilities (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 1.0.2 prior to 1.0.2b. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing\n an ECParameters structure due to an infinite loop that\n occurs when a specified curve is over a malformed binary\n polynomial field. A remote attacker can exploit this to\n perform a denial of service against any system that\n processes public keys, certificate requests, or\n certificates. This includes TLS clients and TLS servers\n with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper\n validation of the content and length of the\n ASN1_TIME string by the X509_cmp_time() function. A\n remote attacker can exploit this, via a malformed\n certificate and CRLs of various sizes, to cause a\n segmentation fault, resulting in a denial of service\n condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication\n enabled may be affected if they use custom verification\n callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing inner\n 'EncryptedContent'. This allows a remote attacker, via\n specially crafted ASN.1-encoded PKCS#7 blobs with\n missing content, to cause a denial of service condition\n or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that\n occurs when a NewSessionTicket is received by a\n multi-threaded client when attempting to reuse a\n previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code\n due to an infinite loop that occurs when verifying a\n signedData message. A remote attacker can exploit this\n to cause a denial of service condition. (CVE-2015-1792)\n\n - A man-in-the-middle vulnerability, known as Logjam,\n exists due to a flaw in the SSL/TLS protocol. A remote\n attacker can exploit this flaw to downgrade connections\n using ephemeral Diffie-Hellman key exchange to 512-bit\n export-grade cryptography. (CVE-2015-4000)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://weakdh.org/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.2b or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.2b', min:\"1.0.2\", severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:42", "description": "According to its banner, the remote web server uses a version of OpenSSL 1.0.1 prior to 1.0.1n. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)\n\n - A man-in-the-middle vulnerability exists, known as Logjam, due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.1 < 1.0.1n Multiple Vulnerabilities (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_1N.NASL", "href": "https://www.tenable.com/plugins/nessus/84153", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84153);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"OpenSSL 1.0.1 < 1.0.1n Multiple Vulnerabilities (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 1.0.1 prior to 1.0.1n. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing\n an ECParameters structure due to an infinite loop that\n occurs when a specified curve is over a malformed binary\n polynomial field. A remote attacker can exploit this to\n perform a denial of service against any system that\n processes public keys, certificate requests, or\n certificates. This includes TLS clients and TLS servers\n with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper\n validation of the content and length of the\n ASN1_TIME string by the X509_cmp_time() function. A\n remote attacker can exploit this, via a malformed\n certificate and CRLs of various sizes, to cause a\n segmentation fault, resulting in a denial of service\n condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication\n enabled may be affected if they use custom verification\n callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing inner\n 'EncryptedContent'. This allows a remote attacker, via\n specially crafted ASN.1-encoded PKCS#7 blobs with\n missing content, to cause a denial of service condition\n or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that\n occurs when a NewSessionTicket is received by a\n multi-threaded client when attempting to reuse a\n previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code\n due to an infinite loop that occurs when verifying a\n signedData message. A remote attacker can exploit this\n to cause a denial of service condition. (CVE-2015-1792)\n\n - A man-in-the-middle vulnerability exists, known as\n Logjam, due to a flaw in the SSL/TLS protocol. A remote\n attacker can exploit this flaw to downgrade connections\n using ephemeral Diffie-Hellman key exchange to 512-bit\n export-grade cryptography. (CVE-2015-4000)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://weakdh.org/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.1n or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.1n', min:\"1.0.1\", severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:27", "description": "Multiple moderate and low impact security issues fixed.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-25T00:00:00", "type": "nessus", "title": "Fedora 21 : openssl-1.0.1k-10.fc21 (2015-10108)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-10108.NASL", "href": "https://www.tenable.com/plugins/nessus/84375", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-10108.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84375);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_xref(name:\"FEDORA\", value:\"2015-10108\");\n\n script_name(english:\"Fedora 21 : openssl-1.0.1k-10.fc21 (2015-10108)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple moderate and low impact security issues fixed.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228608\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2295ddd6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"openssl-1.0.1k-10.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:26", "description": "Multiple moderate and low impact security issues fixed.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-22T00:00:00", "type": "nessus", "title": "Fedora 22 : openssl-1.0.1k-10.fc22 (2015-10047)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-10047.NASL", "href": "https://www.tenable.com/plugins/nessus/84301", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-10047.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84301);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_xref(name:\"FEDORA\", value:\"2015-10047\");\n\n script_name(english:\"Fedora 22 : openssl-1.0.1k-10.fc22 (2015-10047)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple moderate and low impact security issues fixed.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1228608\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f4a99cd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"openssl-1.0.1k-10.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:59:19", "description": "OpenSSL 0.9.8j was updated to fix several security issues.\n\nCVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by rejecting connections with DH parameters shorter than 1024 bits. We now also generate 2048-bit DH parameters by default.\n\nCVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\nCVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\nCVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was fixed.\n\nCVE-2015-1792: A CMS verification infinite loop when using an unknown hash function was fixed.\n\nCVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\nCVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to locking regression.\n\nfixed a timing side channel in RSA decryption (bnc#929678)\n\nAdditional changes :\n\nIn the default SSL cipher string EXPORT ciphers are now disabled. This will only get active if applications get rebuilt and actually use this string. (bnc#931698)\n\nAdded the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-07-06T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : OpenSSL (SUSE-SU-2015:1184-1) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-devel", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-1184-1.NASL", "href": "https://www.tenable.com/plugins/nessus/84548", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1184-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84548);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-3216\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161,\n 75219\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLES11 Security Update : OpenSSL (SUSE-SU-2015:1184-1) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"OpenSSL 0.9.8j was updated to fix several security issues.\n\nCVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by\nrejecting connections with DH parameters shorter than 1024 bits. We\nnow also generate 2048-bit DH parameters by default.\n\nCVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\nCVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\nCVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was\nfixed.\n\nCVE-2015-1792: A CMS verification infinite loop when using an unknown\nhash function was fixed.\n\nCVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\nCVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\nlocking regression.\n\nfixed a timing side channel in RSA decryption (bnc#929678)\n\nAdditional changes :\n\nIn the default SSL cipher string EXPORT ciphers are now disabled. This\nwill only get active if applications get rebuilt and actually use this\nstring. (bnc#931698)\n\nAdded the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=929678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=931698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934493\");\n # https://download.suse.com/patch/finder/?keywords=ab1c52f77471cf8a61e7eae79f57f9bf\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0e541e2a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1788/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1789/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1790/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1791/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1792/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3216/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-4000/\");\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151184-1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6d18e8f2\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP1 LTSS :\n\nzypper in -t patch slessp1-libopenssl-devel=10794\n\nTo bring your system up-to-date, use 'zypper patch'.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"libopenssl-devel-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"libopenssl0_9_8-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"libopenssl0_9_8-hmac-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"openssl-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"openssl-doc-0.9.8j-0.72.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:26", "description": "openssl was updated to fix six security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-4000: The Logjam Attack / weakdh.org. Rject connections with DH parameters shorter than 768 bits, generates 2048-bit DH parameters by default.\n (boo#931698)\n\n - CVE-2015-1788: Malformed ECParameters causes infinite loop (boo#934487)\n\n - CVE-2015-1789: Exploitable out-of-bounds read in X509_cmp_time (boo#934489)\n\n - CVE-2015-1790: PKCS7 crash with missing EnvelopedContent (boo#934491)\n\n - CVE-2015-1792: CMS verify infinite loop with unknown hash function (boo#934493)\n\n - CVE-2015-1791: race condition in NewSessionTicket (boo#933911)\n\n - CVE-2015-3216: Crash in ssleay_rand_bytes due to locking regression (boo#933898)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-2015-447) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-447.NASL", "href": "https://www.tenable.com/plugins/nessus/84414", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-447.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84414);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-3216\",\n \"CVE-2015-4000\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-2015-447) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"openssl was updated to fix six security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-4000: The Logjam Attack / weakdh.org. Rject\n connections with DH parameters shorter than 768 bits,\n generates 2048-bit DH parameters by default.\n (boo#931698)\n\n - CVE-2015-1788: Malformed ECParameters causes infinite\n loop (boo#934487)\n\n - CVE-2015-1789: Exploitable out-of-bounds read in\n X509_cmp_time (boo#934489)\n\n - CVE-2015-1790: PKCS7 crash with missing EnvelopedContent\n (boo#934491)\n\n - CVE-2015-1792: CMS verify infinite loop with unknown\n hash function (boo#934493)\n\n - CVE-2015-1791: race condition in NewSessionTicket\n (boo#933911)\n\n - CVE-2015-3216: Crash in ssleay_rand_bytes due to locking\n regression (boo#933898)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=931698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=933898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=933911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934494\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl-devel-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-debuginfo-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debuginfo-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debugsource-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1k-11.72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl-devel-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-debuginfo-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-hmac-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-debuginfo-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-debugsource-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1k-2.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1k-2.24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:59:19", "description": "OpenSSL 0.9.8k was updated to fix several security issues :\n\nCVE-2015-4000: The Logjam Attack (weakdh.org) has been addressed by rejecting connections with DH parameters shorter than 1024 bits.\n2048-bit DH parameters are now generated by default.\n\nCVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\nCVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\nCVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was fixed.\n\nCVE-2015-1792: A CMS verification infinite loop when using an unknown hash function was fixed.\n\nCVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\nCVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to locking regression.\n\nFixed a timing side channel in RSA decryption. (bsc#929678)\n\nAdditional changes :\n\nIn the default SSL cipher string EXPORT ciphers are now disabled. This will only get active if applications get rebuilt and actually use this string. (bsc#931698)\n\nAdded the ECC ciphersuites to the DEFAULT cipher class. (bsc#879179)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-07-07T00:00:00", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : OpenSSL (SUSE-SU-2015:1182-2) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-1182-2.NASL", "href": "https://www.tenable.com/plugins/nessus/84559", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1182-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84559);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-3216\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161,\n 75219\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : OpenSSL (SUSE-SU-2015:1182-2) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"OpenSSL 0.9.8k was updated to fix several security issues :\n\nCVE-2015-4000: The Logjam Attack (weakdh.org) has been addressed by\nrejecting connections with DH parameters shorter than 1024 bits.\n2048-bit DH parameters are now generated by default.\n\nCVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\nCVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\nCVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was\nfixed.\n\nCVE-2015-1792: A CMS verification infinite loop when using an unknown\nhash function was fixed.\n\nCVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\nCVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\nlocking regression.\n\nFixed a timing side channel in RSA decryption. (bsc#929678)\n\nAdditional changes :\n\nIn the default SSL cipher string EXPORT ciphers are now disabled. This\nwill only get active if applications get rebuilt and actually use this\nstring. (bsc#931698)\n\nAdded the ECC ciphersuites to the DEFAULT cipher class. (bsc#879179)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=879179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=929678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=931698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934493\");\n # https://download.suse.com/patch/finder/?keywords=fcf228a4143edf49a5ca32558bfe9721\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1bcc8915\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1788/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1789/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1790/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1791/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1792/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3216/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-4000/\");\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151182-2.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?46cf76fa\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11 SP3 :\n\nzypper in -t patch sdksp3-libopenssl-devel=10781\n\nSUSE Linux Enterprise Server 11 SP3 for VMware :\n\nzypper in -t patch slessp3-libopenssl-devel=10781\n\nSUSE Linux Enterprise Server 11 SP3 :\n\nzypper in -t patch slessp3-libopenssl-devel=10781\n\nSUSE Linux Enterprise Desktop 11 SP3 :\n\nzypper in -t patch sledsp3-libopenssl-devel=10781\n\nTo bring your system up-to-date, use 'zypper patch'.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libopenssl0_9_8-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"libopenssl0_9_8-hmac-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"openssl-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"openssl-doc-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"openssl-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"libopenssl0_9_8-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"openssl-0.9.8j-0.72.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:58:57", "description": "OpenSSL 0.9.8j was updated to fix several security issues.\n\nCVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by rejecting connections with DH parameters shorter than 1024 bits. We now also generate 2048-bit DH parameters by default.\n\nCVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\nCVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\nCVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was fixed.\n\nCVE-2015-1792: A CMS verification infinite loop when using an unknown hash function was fixed.\n\nCVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\nCVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to locking regression.\n\nfixed a timing side channel in RSA decryption (bnc#929678)\n\nAdditional changes :\n\nIn the default SSL cipher string EXPORT ciphers are now disabled. This will only get active if applications get rebuilt and actually use this string. (bnc#931698)\n\nAdded the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-07-07T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : OpenSSL (SUSE-SU-2015:1184-2) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-devel", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-1184-2.NASL", "href": "https://www.tenable.com/plugins/nessus/84561", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1184-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84561);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-3216\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161,\n 75219\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLES11 Security Update : OpenSSL (SUSE-SU-2015:1184-2) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"OpenSSL 0.9.8j was updated to fix several security issues.\n\nCVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by\nrejecting connections with DH parameters shorter than 1024 bits. We\nnow also generate 2048-bit DH parameters by default.\n\nCVE-2015-1788: Malformed ECParameters could cause an infinite loop.\n\nCVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n\nCVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent was\nfixed.\n\nCVE-2015-1792: A CMS verification infinite loop when using an unknown\nhash function was fixed.\n\nCVE-2015-1791: Fixed a race condition in NewSessionTicket creation.\n\nCVE-2015-3216: Fixed a potential crash in ssleay_rand_bytes due to\nlocking regression.\n\nfixed a timing side channel in RSA decryption (bnc#929678)\n\nAdditional changes :\n\nIn the default SSL cipher string EXPORT ciphers are now disabled. This\nwill only get active if applications get rebuilt and actually use this\nstring. (bnc#931698)\n\nAdded the ECC ciphersuites to the DEFAULT cipher class (bnc#879179)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=929678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=931698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934493\");\n # https://download.suse.com/patch/finder/?keywords=75ca56dc2ed43571b870081da3f3b615\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bba27a17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1788/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1789/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1790/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1791/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1792/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3216/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-4000/\");\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151184-2.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1071f86d\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP2 LTSS :\n\nzypper in -t patch slessp2-libopenssl-devel=10795\n\nTo bring your system up-to-date, use 'zypper patch'.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libopenssl-devel-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libopenssl0_9_8-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"libopenssl0_9_8-hmac-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"openssl-0.9.8j-0.72.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"openssl-doc-0.9.8j-0.72.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:26", "description": "This update fixes the following security issues :\n\n - CVE-2015-4000 (boo#931698)\n\n - The Logjam Attack / weakdh.org\n\n - reject connections with DH parameters shorter than 1024 bits\n\n - generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (boo#934487)\n\n - Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (boo#934489)\n\n - Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (boo#934491)\n\n - PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (boo#934493)\n\n - CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (boo#933911)\n\n - race condition in NewSessionTicket\n\n - CVE-2015-3216 (boo#933898)\n\n - Crash in ssleay_rand_bytes due to locking regression\n\n - modified openssl-1.0.1i-fipslocking.patch\n\n - fix timing side channel in RSA decryption (bnc#929678)\n\n - add ECC ciphersuites to DEFAULT (bnc#879179)\n\n - Disable EXPORT ciphers by default (bnc#931698, comment #3)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-29T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2015:1150-1) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:compat-openssl098-debugsource", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2015-1150-1.NASL", "href": "https://www.tenable.com/plugins/nessus/84442", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1150-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84442);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-3216\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161,\n 75219\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2015:1150-1) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update fixes the following security issues :\n\n - CVE-2015-4000 (boo#931698)\n\n - The Logjam Attack / weakdh.org\n\n - reject connections with DH parameters shorter than 1024\n bits\n\n - generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (boo#934487)\n\n - Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (boo#934489)\n\n - Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (boo#934491)\n\n - PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (boo#934493)\n\n - CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (boo#933911)\n\n - race condition in NewSessionTicket\n\n - CVE-2015-3216 (boo#933898)\n\n - Crash in ssleay_rand_bytes due to locking regression\n\n - modified openssl-1.0.1i-fipslocking.patch\n\n - fix timing side channel in RSA decryption (bnc#929678)\n\n - add ECC ciphersuites to DEFAULT (bnc#879179)\n\n - Disable EXPORT ciphers by default (bnc#931698, comment\n #3)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=879179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=929678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=931698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1788/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1789/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1790/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1791/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1792/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3216/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-4000/\");\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151150-1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4eea51db\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Legacy Software 12 :\n\nzypper in -t patch SUSE-SLE-Module-Legacy-12-2015-285=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-285=1\n\nTo bring your system up-to-date, use 'zypper patch'.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:compat-openssl098-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"compat-openssl098-debugsource-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-32bit-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"compat-openssl098-debugsource-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-78.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-78.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl098\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:12", "description": "This update of openssl fixes the following security issues :\n\n - CVE-2015-4000 (bsc#931698)\n\n - The Logjam Attack / weakdh.org\n\n - reject connections with DH parameters shorter than 1024 bits\n\n - generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (bsc#934487)\n\n - Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (bsc#934489)\n\n - Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (bsc#934491)\n\n - PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (bsc#934493)\n\n - CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (bsc#933911)\n\n - race condition in NewSessionTicket\n\n - CVE-2015-3216 (bsc#933898)\n\n - Crash in ssleay_rand_bytes due to locking regression\n\n - fix a timing side channel in RSA decryption (bnc#929678)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-26T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:1143-1) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3216", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2015-1143-1.NASL", "href": "https://www.tenable.com/plugins/nessus/84426", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1143-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84426);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-3216\",\n \"CVE-2015-4000\"\n );\n script_bugtraq_id(\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75161,\n 75219\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:1143-1) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update of openssl fixes the following security issues :\n\n - CVE-2015-4000 (bsc#931698)\n\n - The Logjam Attack / weakdh.org\n\n - reject connections with DH parameters shorter than 1024\n bits\n\n - generates 2048-bit DH parameters by default\n\n - CVE-2015-1788 (bsc#934487)\n\n - Malformed ECParameters causes infinite loop\n\n - CVE-2015-1789 (bsc#934489)\n\n - Exploitable out-of-bounds read in X509_cmp_time\n\n - CVE-2015-1790 (bsc#934491)\n\n - PKCS7 crash with missing EnvelopedContent\n\n - CVE-2015-1792 (bsc#934493)\n\n - CMS verify infinite loop with unknown hash function\n\n - CVE-2015-1791 (bsc#933911)\n\n - race condition in NewSessionTicket\n\n - CVE-2015-3216 (bsc#933898)\n\n - Crash in ssleay_rand_bytes due to locking regression\n\n - fix a timing side channel in RSA decryption (bnc#929678)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=926597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=929678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=931698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=933911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=934493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1788/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1789/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1790/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1791/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-1792/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-3216/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-4000/\");\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151143-1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fad401c\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-282=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-282=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-282=1\n\nTo bring your system up-to-date, use 'zypper patch'.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-debuginfo-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-debugsource-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-32bit-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1i-25.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-debugsource-1.0.1i-25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-28T14:24:27", "description": "The Cisco Application Control Engine (ACE) software installed on the remote Cisco ACE 4710 device or ACE30 module is version A5 prior to A5(3.3). It is, therefore, affected by multiple vulnerabilities :\n\n - An invalid free memory error exists due to improper validation of user-supplied input when a DTLS peer receives application data between ChangeCipherSpec and Finished messages. A remote attacker can exploit this to corrupt memory, resulting in a denial of service or the execution of arbitrary code. (CVE-2014-8176)\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks.\n (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. A remote attacker can exploit this to cause a denial of service condition or other potential unspecified impact. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)\n\n - The symmetric-key feature in the receive function requires a correct message authentication code (MAC) only if the MAC field has a nonzero length. This makes it easier for a man-in-the-middle attacker to spoof packets by omitting the MAC. (CVE-2015-1798)\n\n - A flaw exists in the symmetric-key feature in the receive function when handling a specially crafted packet sent to one of two hosts that are peering with each other. This allows an attacker to cause the next attempt by the servers to synchronize to fail.\n (CVE-2015-1799)\n\n - A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)\n\n - A flaw exists in the TLS 1.x implementation in the Cavium SDK due to a failure to check the first byte of the padding bytes. A man-in-the-middle attacker can exploit this, by sending specially crafted requests to the server, to induce requests that allow determining the plaintext chunks of data. This vulnerability is a variant of the POODLE attack. (CVE-2015-4595)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-06-01T00:00:00", "type": "nessus", "title": "Cisco ACE 4710 Appliance / ACE30 Module Multiple Vulnerabilities (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8176", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-1798", "CVE-2015-1799", "CVE-2015-4000", "CVE-2015-4595"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:cisco:application_control_engine_software", "cpe:/a:openssl:openssl"], "id": "CISCO_ACE_A5_3_3.NASL", "href": "https://www.tenable.com/plugins/nessus/91427", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91427);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-8176\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\",\n \"CVE-2015-1798\",\n \"CVE-2015-1799\",\n \"CVE-2015-4000\",\n \"CVE-2015-4595\"\n );\n script_bugtraq_id(\n 73950,\n 73951,\n 74733,\n 75154,\n 75156,\n 75157,\n 75158,\n 75159,\n 75161\n );\n script_xref(name:\"CERT\", value:\"374268\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCut83796\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCuu82343\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCuv33150\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Cisco ACE 4710 Appliance / ACE30 Module Multiple Vulnerabilities (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Cisco Application Control Engine (ACE) software installed on the\nremote Cisco ACE 4710 device or ACE30 module is version A5 prior to\nA5(3.3). It is, therefore, affected by multiple vulnerabilities :\n\n - An invalid free memory error exists due to improper\n validation of user-supplied input when a DTLS peer\n receives application data between ChangeCipherSpec and\n Finished messages. A remote attacker can exploit this to\n corrupt memory, resulting in a denial of service or\n the execution of arbitrary code. (CVE-2014-8176)\n\n - A denial of service vulnerability exists when processing\n an ECParameters structure due to an infinite loop that\n occurs when a specified curve is over a malformed binary\n polynomial field. A remote attacker can exploit this to\n perform a denial of service against any system that\n processes public keys, certificate requests, or\n certificates. This includes TLS clients and TLS servers\n with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper\n validation of the content and length of the ASN1_TIME\n string by the X509_cmp_time() function. A remote\n attacker can exploit this, via a malformed certificate\n and CRLs of various sizes, to cause a segmentation\n fault, resulting in a denial of service condition. TLS\n clients that verify CRLs are affected. TLS clients and\n servers with client authentication enabled may be\n affected if they use custom verification callbacks.\n (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing inner\n 'EncryptedContent'. This allows a remote attacker, via\n specially crafted ASN.1-encoded PKCS#7 blobs with\n missing content, to cause a denial of service condition\n or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that\n occurs when a NewSessionTicket is received by a\n multi-threaded client when attempting to reuse a\n previous ticket. A remote attacker can exploit this to\n cause a denial of service condition or other potential\n unspecified impact. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code\n due to an infinite loop that occurs when verifying a\n signedData message. A remote attacker can exploit this\n to cause a denial of service condition. (CVE-2015-1792)\n\n - The symmetric-key feature in the receive function\n requires a correct message authentication code (MAC)\n only if the MAC field has a nonzero length. This makes\n it easier for a man-in-the-middle attacker to spoof\n packets by omitting the MAC. (CVE-2015-1798)\n\n - A flaw exists in the symmetric-key feature in the\n receive function when handling a specially crafted\n packet sent to one of two hosts that are peering with\n each other. This allows an attacker to cause the next\n attempt by the servers to synchronize to fail.\n (CVE-2015-1799)\n\n - A man-in-the-middle vulnerability, known as Logjam,\n exists due to a flaw in the SSL/TLS protocol. A remote\n attacker can exploit this flaw to downgrade connections\n using ephemeral Diffie-Hellman key exchange to 512-bit\n export-grade cryptography. (CVE-2015-4000)\n\n - A flaw exists in the TLS 1.x implementation in the\n Cavium SDK due to a failure to check the first byte of\n the padding bytes. A man-in-the-middle attacker can\n exploit this, by sending specially crafted requests to\n the server, to induce requests that allow determining\n the plaintext chunks of data. This vulnerability is a\n variant of the POODLE attack. (CVE-2015-4595)\");\n # https://www.cisco.com/c/en/us/td/docs/app_ntwk_services/data_center_app_services/ace_appliances/VA5_3_x/release/note/ACE_app_rn_A53x.html#pgfId-947807\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8bf8fa00\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.cisco.com/bugsearch/bug/CSCut83796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.cisco.com/bugsearch/bug/CSCuu82343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.cisco.com/bugsearch/bug/CSCuv33150\");\n # https://vivaldi.net/en-US/userblogs/entry/there-are-more-poodles-in-the-forest\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0f38496c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://weakdh.org/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Cisco ACE version A5(3.3) or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cisco:application_control_engine_software\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"cisco_ace_version.nasl\");\n script_require_keys(\"Host/Cisco/ACE/Version\", \"Host/Cisco/ACE/Model\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/Cisco/ACE/Version\");\nmodel = get_kb_item_or_exit(\"Host/Cisco/ACE/Model\");\n\nif (model != \"4710\" && model != \"ACE30\") audit(AUDIT_DEVICE_NOT_VULN, \"Cisco ACE \" + model);\n\nif (\n version =~ \"^A[34][^0-9]\" ||\n version =~ \"^A5\$[0-2][^0-9]\" ||\n version =~ \"^A5\\(3(\\.[0-2][a-z]*)?\$\"\n)\n{\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : A5(3.3)' +\n '\\n';\n security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Cisco ACE\", version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T15:14:32", "description": "libressl was updated to version 2.2.1 to fix 16 security issues.\n\nLibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL often also affect LibreSSL.\n\nThese security issues were fixed :\n\n - CVE-2014-3570: The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k did not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (bsc#912296).\n\n - CVE-2014-3572: The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allowed remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (bsc#912015).\n\n - CVE-2015-1792: The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function (bsc#934493).\n\n - CVE-2014-8275: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k did not enforce certain constraints on certificate data, which allowed remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (bsc#912018).\n\n - CVE-2015-0209: Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (bsc#919648).\n\n - CVE-2015-1789: The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback (bsc#934489).\n\n - CVE-2015-1788: The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b did not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allowed remote attackers to cause a denial of service (infinite loop) via a session that used an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication (bsc#934487).\n\n - CVE-2015-1790: The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that used ASN.1 encoding and lacks inner EncryptedContent data (bsc#934491).\n\n - CVE-2015-0287: The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a did not reinitialize CHOICE and ADB data structures, which might allowed attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse (bsc#922499).\n\n - CVE-2015-0286: The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a did not properly perform boolean-type comparisons, which allowed remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that used the certificate-verification feature (bsc#922496).\n\n - CVE-2015-0289: The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a did not properly handle a lack of outer ContentInfo, which allowed attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (bsc#922500).\n\n - CVE-2015-0288: The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allowed attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key (bsc#920236).\n\n - CVE-2014-8176: The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allowed remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data (bsc#934494).\n\n - CVE-2015-4000: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the 'Logjam' issue (bsc#931600).\n\n - CVE-2015-0205: The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allowed remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (bsc#912293).\n\n - CVE-2015-0206: Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allowed remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection (bsc#912292).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-07-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libressl (openSUSE-2015-507) (Logjam)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3570", "CVE-2014-3572", "CVE-2014-8176", "CVE-2014-8275", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1792", "CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libcrypto34", "p-cpe:/a:novell:opensuse:libcrypto34-32bit", "p-cpe:/a:novell:opensuse:libcrypto34-debuginfo", "p-cpe:/a:novell:opensuse:libcrypto34-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libressl", "p-cpe:/a:novell:opensuse:libressl-debuginfo", "p-cpe:/a:novell:opensuse:libressl-debugsource", "p-cpe:/a:novell:opensuse:libressl-devel", "p-cpe:/a:novell:opensuse:libressl-devel-32bit", "p-cpe:/a:novell:opensuse:libssl33", "p-cpe:/a:novell:opensuse:libssl33-32bit", "p-cpe:/a:novell:opensuse:libssl33-debuginfo", "p-cpe:/a:novell:opensuse:libssl33-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libtls4", "p-cpe:/a:novell:opensuse:libtls4-32bit", "p-cpe:/a:novell:opensuse:libtls4-debuginfo", "p-cpe:/a:novell:opensuse:libtls4-debuginfo-32bit", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-507.NASL", "href": "https://www.tenable.com/plugins/nessus/84998", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-507.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84998);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2014-3570\",\n \"CVE-2014-3572\",\n \"CVE-2014-8176\",\n \"CVE-2014-8275\",\n \"CVE-2015-0205\",\n \"CVE-2015-0206\",\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1792\",\n \"CVE-2015-4000\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"openSUSE Security Update : libressl (openSUSE-2015-507) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"libressl was updated to version 2.2.1 to fix 16 security issues.\n\nLibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL\noften also affect LibreSSL.\n\nThese security issues were fixed :\n\n - CVE-2014-3570: The BN_sqr implementation in OpenSSL\n before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before\n 1.0.1k did not properly calculate the square of a BIGNUM\n value, which might make it easier for remote attackers\n to defeat cryptographic protection mechanisms via\n unspecified vectors, related to crypto/bn/asm/mips.pl,\n crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c\n (bsc#912296).\n\n - CVE-2014-3572: The ssl3_get_key_exchange function in\n s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k allowed remote SSL\n servers to conduct ECDHE-to-ECDH downgrade attacks and\n trigger a loss of forward secrecy by omitting the\n ServerKeyExchange message (bsc#912015).\n\n - CVE-2015-1792: The do_free_upto function in\n crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0\n before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before\n 1.0.2b allowed remote attackers to cause a denial of\n service (infinite loop) via vectors that trigger a NULL\n value of a BIO data structure, as demonstrated by an\n unrecognized X.660 OID for a hash function (bsc#934493).\n\n - CVE-2014-8275: OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k did not enforce certain\n constraints on certificate data, which allowed remote\n attackers to defeat a fingerprint-based\n certificate-blacklist protection mechanism by including\n crafted data within a certificate's unsigned portion,\n related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and\n crypto/x509/x_all.c (bsc#912018).\n\n - CVE-2015-0209: Use-after-free vulnerability in the\n d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in\n OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1\n before 1.0.1m, and 1.0.2 before 1.0.2a might allowed\n remote attackers to cause a denial of service (memory\n corruption and application crash) or possibly have\n unspecified other impact via a malformed Elliptic Curve\n (EC) private-key file that is improperly handled during\n import (bsc#919648).\n\n - CVE-2015-1789: The X509_cmp_time function in\n crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0\n before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before\n 1.0.2b allowed remote attackers to cause a denial of\n service (out-of-bounds read and application crash) via a\n crafted length field in ASN1_TIME data, as demonstrated\n by an attack against a server that supports client\n authentication with a custom verification callback\n (bsc#934489).\n\n - CVE-2015-1788: The BN_GF2m_mod_inv function in\n crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0\n before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before\n 1.0.2b did not properly handle ECParameters structures\n in which the curve is over a malformed binary polynomial\n field, which allowed remote attackers to cause a denial\n of service (infinite loop) via a session that used an\n Elliptic Curve algorithm, as demonstrated by an attack\n against a server that supports client authentication\n (bsc#934487).\n\n - CVE-2015-1790: The PKCS7_dataDecodefunction in\n crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0\n before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before\n 1.0.2b allowed remote attackers to cause a denial of\n service (NULL pointer dereference and application crash)\n via a PKCS#7 blob that used ASN.1 encoding and lacks\n inner EncryptedContent data (bsc#934491).\n\n - CVE-2015-0287: The ASN1_item_ex_d2i function in\n crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0\n before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before\n 1.0.2a did not reinitialize CHOICE and ADB data\n structures, which might allowed attackers to cause a\n denial of service (invalid write operation and memory\n corruption) by leveraging an application that relies on\n ASN.1 structure reuse (bsc#922499).\n\n - CVE-2015-0286: The ASN1_TYPE_cmp function in\n crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0\n before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before\n 1.0.2a did not properly perform boolean-type\n comparisons, which allowed remote attackers to cause a\n denial of service (invalid read operation and\n application crash) via a crafted X.509 certificate to an\n endpoint that used the certificate-verification feature\n (bsc#922496).\n\n - CVE-2015-0289: The PKCS#7 implementation in OpenSSL\n before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before\n 1.0.1m, and 1.0.2 before 1.0.2a did not properly handle\n a lack of outer ContentInfo, which allowed attackers to\n cause a denial of service (NULL pointer dereference and\n application crash) by leveraging an application that\n processes arbitrary PKCS#7 data and providing malformed\n data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c\n (bsc#922500).\n\n - CVE-2015-0288: The X509_to_X509_REQ function in\n crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0\n before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before\n 1.0.2a might allowed attackers to cause a denial of\n service (NULL pointer dereference and application crash)\n via an invalid certificate key (bsc#920236).\n\n - CVE-2014-8176: The dtls1_clear_queues function in\n ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before\n 1.0.0m, and 1.0.1 before 1.0.1h frees data structures\n without considering that application data can arrive\n between a ChangeCipherSpec message and a Finished\n message, which allowed remote DTLS peers to cause a\n denial of service (memory corruption and application\n crash) or possibly have unspecified other impact via\n unexpected application data (bsc#934494).\n\n - CVE-2015-4000: The TLS protocol 1.2 and earlier, when a\n DHE_EXPORT ciphersuite is enabled on a server but not on\n a client, did not properly convey a DHE_EXPORT choice,\n which allowed man-in-the-middle attackers to conduct\n cipher-downgrade attacks by rewriting a ClientHello with\n DHE replaced by DHE_EXPORT and then rewriting a\n ServerHello with DHE_EXPORT replaced by DHE, aka the\n 'Logjam' issue (bsc#931600).\n\n - CVE-2015-0205: The ssl3_get_cert_verify function in\n s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1\n before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a\n CertificateVerify message, which allowed remote\n attackers to obtain access without knowledge of a\n private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority\n with DH support (bsc#912293).\n\n - CVE-2015-0206: Memory leak in the dtls1_buffer_record\n function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and\n 1.0.1 before 1.0.1k allowed remote attackers to cause a\n denial of service (memory consumption) by sending many\n duplicate records for the next epoch, leading to failure\n of replay detection (bsc#912292).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912015\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912292\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912296\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=919648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=920236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922496\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922499\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922500\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=931600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934491\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=934494\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=937891\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libressl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcrypto34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcrypto34-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcrypto34-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcrypto34-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libressl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libressl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libressl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libressl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libressl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libssl33\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libssl33-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libssl33-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libssl33-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtls4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtls4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtls4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtls4-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libcrypto34-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libcrypto34-debuginfo-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libressl-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libressl-debuginfo-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libressl-debugsource-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libressl-devel-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libssl33-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libssl33-debuginfo-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libtls4-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libtls4-debuginfo-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libcrypto34-32bit-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libcrypto34-debuginfo-32bit-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libressl-devel-32bit-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libssl33-32bit-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libssl33-debuginfo-32bit-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libtls4-32bit-2.2.1-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libtls4-debuginfo-32bit-2.2.1-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcrypto34 / libcrypto34-32bit / libcrypto34-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T14:41:47", "description": "Versions of OpenSSL prior to 0.9.8zg, or 1.0.0 prior to 1.0.0s are unpatched for the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)\n\n - An off-by-one overflow condition affects the BN_rand() function in 'crypto/bn/random.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, resulting in a denial of service.\n\n - An off-by-one overflow condition affects the BN_bn2hex() function in 'crypto/bn/bn_print.c'. The issue is triggered as user-supplied input is not properly validated. This may allow an attacker to cause a buffer overflow, potentially resulting in a denial of service or another, more severe impact.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-22T00:00:00", "type": "nessus", "title": "OpenSSL 0.9.8 < 0.9.8zg / 1.0.0 < 1.0.0s Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "8791.PRM", "href": "https://www.tenable.com/plugins/nnm/8791", "sourceData": "Binary data 8791.prm", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:13", "description": "According to its banner, the remote web server uses a version of OpenSSL 1.0.0 prior to 1.0.0s. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.0 < 1.0.0s Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2019-01-02T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_0S.NASL", "href": "https://www.tenable.com/plugins/nessus/84152", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84152);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/01/02 16:37:56\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\"\n );\n script_bugtraq_id(\n 75154,\n 75156,\n 75157,\n 75158,\n 75161\n );\n\n script_name(english:\"OpenSSL 1.0.0 < 1.0.0s Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 1.0.0 prior to 1.0.0s. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing\n an ECParameters structure due to an infinite loop that\n occurs when a specified curve is over a malformed binary\n polynomial field. A remote attacker can exploit this to\n perform a denial of service against any system that\n processes public keys, certificate requests, or\n certificates. This includes TLS clients and TLS servers\n with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper\n validation of the content and length of the\n ASN1_TIME string by the X509_cmp_time() function. A\n remote attacker can exploit this, via a malformed\n certificate and CRLs of various sizes, to cause a\n segmentation fault, resulting in a denial of service\n condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication\n enabled may be affected if they use custom verification\n callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing inner\n 'EncryptedContent'. This allows a remote attacker, via\n specially crafted ASN.1-encoded PKCS#7 blobs with\n missing content, to cause a denial of service condition\n or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that\n occurs when a NewSessionTicket is received by a\n multi-threaded client when attempting to reuse a\n previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code\n due to an infinite loop that occurs when verifying a\n signedData message. A remote attacker can exploit this\n to cause a denial of service condition. (CVE-2015-1792)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.0s or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.0s', min:\"1.0.0\", severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:42", "description": "According to its banner, the remote web server uses a version of OpenSSL 0.9.8 prior to 0.9.8zg. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing an ECParameters structure due to an infinite loop that occurs when a specified curve is over a malformed binary polynomial field. A remote attacker can exploit this to perform a denial of service against any system that processes public keys, certificate requests, or certificates. This includes TLS clients and TLS servers with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner 'EncryptedContent'. This allows a remote attacker, via specially crafted ASN.1-encoded PKCS#7 blobs with missing content, to cause a denial of service condition or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that occurs when a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code due to an infinite loop that occurs when verifying a signedData message. A remote attacker can exploit this to cause a denial of service condition. (CVE-2015-1792)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "OpenSSL 0.9.8 < 0.9.8zg Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2019-01-02T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8ZG.NASL", "href": "https://www.tenable.com/plugins/nessus/84151", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84151);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/01/02 16:37:56\");\n\n script_cve_id(\n \"CVE-2015-1788\",\n \"CVE-2015-1789\",\n \"CVE-2015-1790\",\n \"CVE-2015-1791\",\n \"CVE-2015-1792\"\n );\n script_bugtraq_id(\n 75154,\n 75156,\n 75157,\n 75158,\n 75161\n );\n\n script_name(english:\"OpenSSL 0.9.8 < 0.9.8zg Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 0.9.8 prior to 0.9.8zg. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A denial of service vulnerability exists when processing\n an ECParameters structure due to an infinite loop that\n occurs when a specified curve is over a malformed binary\n polynomial field. A remote attacker can exploit this to\n perform a denial of service against any system that\n processes public keys, certificate requests, or\n certificates. This includes TLS clients and TLS servers\n with client authentication enabled. (CVE-2015-1788)\n\n - A denial of service vulnerability exists due to improper\n validation of the content and length of the\n ASN1_TIME string by the X509_cmp_time() function. A\n remote attacker can exploit this, via a malformed\n certificate and CRLs of various sizes, to cause a\n segmentation fault, resulting in a denial of service\n condition. TLS clients that verify CRLs are affected.\n TLS clients and servers with client authentication\n enabled may be affected if they use custom verification\n callbacks. (CVE-2015-1789)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing inner\n 'EncryptedContent'. This allows a remote attacker, via\n specially crafted ASN.1-encoded PKCS#7 blobs with\n missing content, to cause a denial of service condition\n or other potential unspecified impacts. (CVE-2015-1790)\n\n - A double-free error exists due to a race condition that\n occurs when a NewSessionTicket is received by a\n multi-threaded client when attempting to reuse a\n previous ticket. (CVE-2015-1791)\n\n - A denial of service vulnerability exists in the CMS code\n due to an infinite loop that occurs when verifying a\n signedData message. A remote attacker can exploit this\n to cause a denial of service condition. (CVE-2015-1792)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150611.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 0.9.8gz or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'0.9.8zg', min:\"0.9.8\", severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:56:52", "description": "New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-06-12T00:00:00", "type": "nessus", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-162-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2015-162-01.NASL", "href": "https://www.tenable.com/plugins/nessus/84126", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-162-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84126);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1788\", \"CVE-2015-1789\", \"CVE-2015-1790\", \"CVE-2015-1791\", \"CVE-2015-1792\");\n script_xref(name:\"SSA\", value:\"2015-162-01\");\n\n script_name(english:\"Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-162-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.750596\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cf3fe0df\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl\", pkgver:\"0.9.8zg\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zg\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8zg\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zg\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"openssl\", pkgver:\"0.9.8zg\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zg\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8zg\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zg\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"openssl\", pkgver:\"0.9.8zg\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zg\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8zg\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zg\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl\", pkgver:\"1.0.1n\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1n\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1n\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1n\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl\", pkgver:\"1.0.1n\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1n\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1n\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1n\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"1.0.1n\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1n\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1n\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1n\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:33", "description": "According to its banner, the remote web server uses a version of OpenSSL 0.9.8 prior to 0.9.8zf. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)\n\n - A key disclosure vulnerability exists in the SSLv2 implementation in the get_client_master_key() function due to the acceptance of a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher. A man-in-the-middle attacker can exploit this to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle.\n (CVE-2016-0703) \n - An information disclosure vulnerability exists in the SSLv2 implementation in the get_client_master_key() function due to incorrectly overwriting MASTER-KEY bytes during use of export cipher suites. A remote attacker can exploit this to create a Bleichenbacher oracle.\n (CVE-2016-0704)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "OpenSSL 0.9.8 < 0.9.8zf Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2016-0703", "CVE-2016-0704"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8ZF.NASL", "href": "https://www.tenable.com/plugins/nessus/82030", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82030);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0293\",\n \"CVE-2016-0703\",\n \"CVE-2016-0704\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73231,\n 73232,\n 73237,\n 73239\n );\n\n script_name(english:\"OpenSSL 0.9.8 < 0.9.8zf Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 0.9.8 prior to 0.9.8zf. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A use-after-free condition exists in the\n d2i_ECPrivateKey() function due to improper processing\n of malformed EC private key files during import. A\n remote attacker can exploit this to dereference or free\n already freed memory, resulting in a denial of service\n or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp()\n function due to improperly performed boolean-type\n comparisons. A remote attacker can exploit this, via a\n crafted X.509 certificate to an endpoint that uses the\n certificate-verification feature, to cause an invalid\n read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to\n a failure to reinitialize 'CHOICE' and 'ADB' data\n structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write\n operation and memory corruption, resulting in a denial\n of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the\n X509_to_X509_REQ() function due to improper processing\n of certificate keys. This allows a remote attacker, via\n a crafted X.509 certificate, to cause a denial of\n service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing outer\n ContentInfo. This allows a remote attacker, using an\n application that processes arbitrary PKCS#7 data and\n providing malformed data with ASN.1 encoding, to cause\n a denial of service. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and\n enable export cipher suites due to improper\n implementation of SSLv2. A remote attacker can exploit\n this, via a crafted CLIENT-MASTER-KEY message, to cause\n a denial of service. (CVE-2015-0293)\n\n - A key disclosure vulnerability exists in the SSLv2\n implementation in the get_client_master_key() function\n due to the acceptance of a nonzero CLIENT-MASTER-KEY\n CLEAR-KEY-LENGTH value for an arbitrary cipher. A\n man-in-the-middle attacker can exploit this to determine\n the MASTER-KEY value and decrypt TLS ciphertext data by\n leveraging a Bleichenbacher RSA padding oracle.\n (CVE-2016-0703)\n \n - An information disclosure vulnerability exists in the\n SSLv2 implementation in the get_client_master_key()\n function due to incorrectly overwriting MASTER-KEY bytes\n during use of export cipher suites. A remote attacker\n can exploit this to create a Bleichenbacher oracle.\n (CVE-2016-0704)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150319.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20160301.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 0.9.8zf or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'0.9.8zf', min:\"0.9.8\", severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:16", "description": "According to its banner, the remote web server uses a version of OpenSSL 1.0.0 prior to 1.0.0r. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)\n\n - A key disclosure vulnerability exists in the SSLv2 implementation in the get_client_master_key() function due to the acceptance of a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher. A man-in-the-middle attacker can exploit this to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle.\n (CVE-2016-0703) \n - An information disclosure vulnerability exists in the SSLv2 implementation in the get_client_master_key() function due to incorrectly overwriting MASTER-KEY bytes during use of export cipher suites. A remote attacker can exploit this to create a Bleichenbacher oracle.\n (CVE-2016-0704)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.0 < 1.0.0r Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2016-0703", "CVE-2016-0704"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_0R.NASL", "href": "https://www.tenable.com/plugins/nessus/82031", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82031);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0293\",\n \"CVE-2016-0703\",\n \"CVE-2016-0704\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73231,\n 73232,\n 73237,\n 73239\n );\n\n script_name(english:\"OpenSSL 1.0.0 < 1.0.0r Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 1.0.0 prior to 1.0.0r. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A use-after-free condition exists in the\n d2i_ECPrivateKey() function due to improper processing\n of malformed EC private key files during import. A\n remote attacker can exploit this to dereference or free\n already freed memory, resulting in a denial of service\n or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp()\n function due to improperly performed boolean-type\n comparisons. A remote attacker can exploit this, via a\n crafted X.509 certificate to an endpoint that uses the\n certificate-verification feature, to cause an invalid\n read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to\n a failure to reinitialize 'CHOICE' and 'ADB' data\n structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write\n operation and memory corruption, resulting in a denial\n of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the\n X509_to_X509_REQ() function due to improper processing\n of certificate keys. This allows a remote attacker, via\n a crafted X.509 certificate, to cause a denial of\n service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing outer\n ContentInfo. This allows a remote attacker, using an\n application that processes arbitrary PKCS#7 data and\n providing malformed data with ASN.1 encoding, to cause\n a denial of service. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and\n enable export cipher suites due to improper\n implementation of SSLv2. A remote attacker can exploit\n this, via a crafted CLIENT-MASTER-KEY message, to cause\n a denial of service. (CVE-2015-0293)\n\n - A key disclosure vulnerability exists in the SSLv2\n implementation in the get_client_master_key() function\n due to the acceptance of a nonzero CLIENT-MASTER-KEY\n CLEAR-KEY-LENGTH value for an arbitrary cipher. A\n man-in-the-middle attacker can exploit this to determine\n the MASTER-KEY value and decrypt TLS ciphertext data by\n leveraging a Bleichenbacher RSA padding oracle.\n (CVE-2016-0703)\n \n - An information disclosure vulnerability exists in the\n SSLv2 implementation in the get_client_master_key()\n function due to incorrectly overwriting MASTER-KEY bytes\n during use of export cipher suites. A remote attacker\n can exploit this to create a Bleichenbacher oracle.\n (CVE-2016-0704)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150319.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20160301.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.0r or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.0r', min:\"1.0.0\", severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:17", "description": "According to its banner, the remote web server uses a version of OpenSSL 1.0.1 prior to 1.0.1m. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)\n\n - A key disclosure vulnerability exists in the SSLv2 implementation in the get_client_master_key() function due to the acceptance of a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher. A man-in-the-middle attacker can exploit this to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle.\n (CVE-2016-0703) \n - An information disclosure vulnerability exists in the SSLv2 implementation in the get_client_master_key() function due to incorrectly overwriting MASTER-KEY bytes during use of export cipher suites. A remote attacker can exploit this to create a Bleichenbacher oracle.\n (CVE-2016-0704)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.1 < 1.0.1m Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2016-0703", "CVE-2016-0704"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_1M.NASL", "href": "https://www.tenable.com/plugins/nessus/82032", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82032);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0293\",\n \"CVE-2016-0703\",\n \"CVE-2016-0704\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73231,\n 73232,\n 73237,\n 73239\n );\n\n script_name(english:\"OpenSSL 1.0.1 < 1.0.1m Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 1.0.1 prior to 1.0.1m. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A use-after-free condition exists in the\n d2i_ECPrivateKey() function due to improper processing\n of malformed EC private key files during import. A\n remote attacker can exploit this to dereference or free\n already freed memory, resulting in a denial of service\n or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp()\n function due to improperly performed boolean-type\n comparisons. A remote attacker can exploit this, via a\n crafted X.509 certificate to an endpoint that uses the\n certificate-verification feature, to cause an invalid\n read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to\n a failure to reinitialize 'CHOICE' and 'ADB' data\n structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write\n operation and memory corruption, resulting in a denial\n of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the\n X509_to_X509_REQ() function due to improper processing\n of certificate keys. This allows a remote attacker, via\n a crafted X.509 certificate, to cause a denial of\n service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing outer\n ContentInfo. This allows a remote attacker, using an\n application that processes arbitrary PKCS#7 data and\n providing malformed data with ASN.1 encoding, to cause\n a denial of service. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and\n enable export cipher suites due to improper\n implementation of SSLv2. A remote attacker can exploit\n this, via a crafted CLIENT-MASTER-KEY message, to cause\n a denial of service. (CVE-2015-0293)\n\n - A key disclosure vulnerability exists in the SSLv2\n implementation in the get_client_master_key() function\n due to the acceptance of a nonzero CLIENT-MASTER-KEY\n CLEAR-KEY-LENGTH value for an arbitrary cipher. A\n man-in-the-middle attacker can exploit this to determine\n the MASTER-KEY value and decrypt TLS ciphertext data by\n leveraging a Bleichenbacher RSA padding oracle.\n (CVE-2016-0703)\n \n - An information disclosure vulnerability exists in the\n SSLv2 implementation in the get_client_master_key()\n function due to incorrectly overwriting MASTER-KEY bytes\n during use of export cipher suites. A remote attacker\n can exploit this to create a Bleichenbacher oracle.\n (CVE-2016-0704)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150319.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20160301.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.1m or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.1m', min:\"1.0.1\", severity:SECURITY_WARNING);\n", &q

EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1548)

Description

Related