
EulerOS Virtualization 2.11.0 : shim (EulerOS-SA-2024-1731)

Vulnerability in OpenSSL certificate chain verification in EulerOS Virtualization 2.11.0

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

# Plugin registration block: when the engine runs the script with `description`
# set, only the metadata below is registered and the script exits before any
# host check runs.
if (description)
{
  script_id(198098);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/29");

  # The plugin tracks a single CVE; the CVSS score source below points at the same id.
  script_cve_id("CVE-2023-0464");

  script_name(english:"EulerOS Virtualization 2.11.0 : shim (EulerOS-SA-2024-1731)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing a security update.");
  # The description text is copied from the vendor advisory. Two points in it matter
  # for triage: policy processing is stated to be disabled by default, and the
  # finding is based on the self-reported package version, not on testing the flaw.
  script_set_attribute(attribute:"description", value:
"According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is
affected by the following vulnerabilities :

    A security vulnerability has been identified in all supported versions of OpenSSL related to the
    verification of X.509 certificate chains that include policy constraints.  Attackers may be able to
    exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of
    computational resources, leading to a denial-of-service (DoS) attack on affected systems.Policy processing
    is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities
    or by calling the `X509_VERIFY_PARAM_set1_policies()' function.(CVE-2023-0464)

Tenable has extracted the preceding description block directly from the EulerOS Virtualization shim security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2024-1731
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c6f40844");
  script_set_attribute(attribute:"solution", value:
"Update the affected shim packages.");
  # Both base vectors describe a network-reachable, low-complexity issue needing no
  # authentication/privileges, with availability as the only impacted property
  # (C:N/I:N, A:C in v2 and A:H in v3).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-0464");

  # Exploit metadata as recorded at plugin publication: no known exploit.
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # The vendor patch date is more than a year after the vulnerability publication date.
  script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/05/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/05/29");

  # "local" plugin type: the check works from data gathered on the host (see the
  # required KB keys below) rather than from a remote probe.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:shim");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.11.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # ssh_get_info.nasl presumably populates the Host/* KB keys listed here -- confirm
  # against that script. The check section reads each of these keys.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  # End of the registration pass; nothing below runs while `description` is set.
  exit(0);
}

include("rpm.inc");

# Host gating: each guard audits out unless the host is an EulerOS Virtualization
# 2.11.0 system with local checks enabled, a collected RPM list and a supported CPU.
# The order of the guards determines which audit message a non-matching host gets.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

# The release string must exist and start with "EulerOS".
var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release))
{
  audit(AUDIT_OS_NOT, "EulerOS");
}
if (_release !~ "^EulerOS")
{
  audit(AUDIT_OS_NOT, "EulerOS");
}

# Exact match on the virtualization platform version; a missing key also fails this test.
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "2.11.0")
{
  audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.11.0");
}

# Without the package inventory there is nothing to compare against.
if (!get_kb_item("Host/EulerOS/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu))
{
  audit(AUDIT_UNKNOWN_ARCH);
}

# Architecture gate in two steps: a CPU that is neither x86-family nor aarch64 is
# reported as "checks not implemented"; aarch64 passes that step but is then
# rejected as the wrong architecture, so only x86-family hosts continue.
var is_x86 = ("x86_64" >< cpu || cpu =~ "^i[3-6]86$" || "x86" >< cpu);
if (!is_x86 && "aarch64" >!< cpu)
{
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
}
if (!is_x86)
{
  audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
}

# Package comparison and reporting. rpm_check() comes from rpm.inc (not shown here);
# presumably it compares the installed shim RPM against the reference build and
# returns true when the installed one is older -- confirm against rpm.inc.
var hits = 0;

var reference_pkgs = [
  "shim-15.4-2.h25.eulerosv2r11"
];

foreach (var ref in reference_pkgs)
{
  if (rpm_check(release:"EulerOS-2.0", reference:ref))
  {
    hits++;
  }
}

if (!hits)
{
  # Nothing flagged: distinguish "shim present but not affected" from "shim not installed".
  var checked = pkg_tests_get();
  if (checked)
  {
    audit(AUDIT_PACKAGE_NOT_AFFECTED, checked);
  }
  else
  {
    audit(AUDIT_PACKAGE_NOT_INSTALLED, "shim");
  }
}
else
{
  # NOTE(review): the finding is raised from the package version alone. Nothing here
  # inspects whether X.509 policy processing is enabled on the host, so treat the
  # result as "update missing", not as proof the DoS condition is reachable.
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}

29 May 2024 00:00 (Current)
7 High risk
Vulners AI Score 7
CVSS3 7.5
EPSS 0.016