Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.HP_ONEVIEW_1_10.NASL
HistoryJul 24, 2014 - 12:00 a.m.

HP OneView < 1.10 OpenSSL Multiple Vulnerabilities (HPSBGN03068)

2014-07-2400:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
67
JSON

The version of HP OneView installed on the remote host is 1.0, 1.01, or 1.05. It is, therefore, affected by the following vulnerabilities related to the included OpenSSL libraries :

  • An error exists in the function ‘ssl3_read_bytes’ that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if ‘SSL_MODE_RELEASE_BUFFERS’ is enabled. (CVE-2010-5298)

  • An error exists in the function ‘do_ssl3_write’ that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if ‘SSL_MODE_RELEASE_BUFFERS’ is enabled. (CVE-2014-0198)

  • An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.
    (CVE-2014-0224)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(76776);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2010-5298", "CVE-2014-0198", "CVE-2014-0224");
  script_bugtraq_id(66801, 67193, 67899);
  script_xref(name:"CERT", value:"978508");
  script_xref(name:"HP", value:"emr_na-c04368264");
  script_xref(name:"HP", value:"HPSBGN03068");
  script_xref(name:"HP", value:"SSRT101004");

  script_name(english:"HP OneView < 1.10 OpenSSL Multiple Vulnerabilities (HPSBGN03068)");
  script_summary(english:"Checks the version of HP OneView.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has an application installed that is affected by
multiple OpenSSL related vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of HP OneView installed on the remote host is 1.0, 1.01,
or 1.05. It is, therefore, affected by the following vulnerabilities
related to the included OpenSSL libraries :

  - An error exists in the function 'ssl3_read_bytes'
    that could allow data to be injected into other
    sessions or allow denial of service attacks. Note
    this issue is only exploitable if
    'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)

  - An error exists in the function 'do_ssl3_write' that
    could allow a NULL pointer to be dereferenced leading
    to denial of service attacks. Note this issue is
    exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is
    enabled. (CVE-2014-0198)

  - An unspecified error exists that could allow an
    attacker to cause usage of weak keying material
    leading to simplified man-in-the-middle attacks.
    (CVE-2014-0224)");
  # https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04368264
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4400eebb");
  script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/532783/30/0/threaded");
  script_set_attribute(attribute:"solution", value:
"Upgrade to HP OneView 1.10 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0224");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/07/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/07/24");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:oneview");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("hp_oneview_detect.nbin");
  script_require_keys("www/hp_oneview");
  script_require_ports("Services/www", 80, 443);

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("webapp_func.inc");

port = get_http_port(default:443);

install = get_install_from_kb(appname:'hp_oneview', port:port, exit_on_fail:TRUE);

appname = 'HP OneView';
dir = install['dir'];
install_loc = build_url(port:port, qs:dir + "/");

version = install["ver"];
if (version == UNKNOWN_VER)  audit(AUDIT_UNKNOWN_WEB_APP_VER, appname, install_loc);

if ('build' >< version)
{
  ver = version - strstr(version, ' build');
}

if (
  ver =~ '^1\\.0(0)?$' ||
  ver =~ '^1\\.01$' ||
  ver =~ '^1\\.05$'
)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  URL               : ' + install_loc +
      '\n  Installed version : ' + ver +
      '\n  Fixed version     : 1.10\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
  exit(0);
}
else audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, install_loc, ver);
VendorProductVersionCPE
hponeviewcpe:/a:hp:oneview

Related

ibm 35
nessus 83
ics 1
openvas 21
vmware 2
kaspersky 1
securityvulns 4
ubuntu 1
altlinux 4
redhat 3
centos 1
thn 1
citrix 1
oraclelinux 2
slackware 1
gentoo 1
fortinet 1
huawei 1
intel 1
amazon 1
cisco 1
mariadbunix 2
veracode 2
prion 2
ubuntucve 2
cve 2
freebsd_advisory 2
debiancve 2
f5 4
mageia 2
freebsd 2
openssl 2
aix 2
checkpoint_advisories 1
debian 1
suse 1
osv 1
threatpost 1
nodejsblog 1
ibm
ibm
Security Bulletin: IBM Real-time Compression Appliance is exposed to the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298.
2018-06-18 00:08:27
Security Bulletin: IBM QRadar SIEM 7.1 MR2, and 7.2 MR2 are affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298
2018-06-16 21:18:17
Security Bulletin: IBM Sterling Connect:Express for UNIX is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470
2020-07-24 22:49:37
nessus
nessus
Blue Coat ProxySG 6.5.x Multiple OpenSSL Vulnerabilities
2014-06-20 00:00:00
VMware Workstation < 9.0.4 / 10.0.3 OpenSSL Library Multiple Vulnerabilities (Linux)
2014-07-10 00:00:00
VMware OVF Tool 3.x < 3.5.2 Multiple OpenSSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)
2014-08-20 00:00:00
ics
ics
Siemens OpenSSL Vulnerabilities (Update G)
2018-08-29 12:00:00
openvas
openvas
VMSA-2014-0006: VMware product updates address OpenSSL security vulnerabilities (remote check)
2014-06-13 00:00:00
VMware Security Updates for vCenter Server (VMSA-2014-0006)
2014-07-04 00:00:00
VMware ESXi updates address OpenSSL security vulnerabilities (VMSA-2014-0006)
2014-06-13 00:00:00
vmware
vmware
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
kaspersky
kaspersky
KLA10382 Multiple vulnerabilities in VMware
2014-06-10 00:00:00
securityvulns
securityvulns
[USN-2192-1] OpenSSL vulnerabilities
2014-05-05 00:00:00
OpenSSL race conditions
2014-05-05 00:00:00
FreeBSD Security Advisory FreeBSD-SA-14:09.openssl [REVISED]
2014-05-01 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-05-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package openssl10 version 1.0.1h-alt1
2014-06-05 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.1h-alt1
2014-06-05 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 1.0.1h-alt1
2014-06-05 00:00:00
redhat
redhat
(RHSA-2014:0679) Important: openssl security update
2014-06-10 00:00:00
(RHSA-2014:0628) Important: openssl security update
2014-06-05 00:00:00
(RHSA-2014:0625) Important: openssl security update
2014-06-05 00:00:00
centos
centos
openssl security update
2014-06-05 13:06:47
thn
thn
OpenSSL Vulnerable to Man-in-the-Middle Attack and Several Other Bugs
2014-06-05 05:49:00
citrix
citrix
Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)
2014-06-06 04:00:00
oraclelinux
oraclelinux
openssl security update
2014-06-05 00:00:00
openssl security update
2014-07-23 00:00:00
slackware
slackware
[slackware-security] openssl
2014-06-06 05:27:11
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2014-07-27 00:00:00
fortinet
fortinet
Multiple Vulnerabilities in OpenSSL
2014-06-06 00:00:00
huawei
huawei
Security Advisory-Multiple OpenSSL vulnerabilities on Huawei products
2014-06-13 00:00:00
intel
intel
Multiple Security Issues with Intel® Manycore Platform Software Stack (Intel® MPSS) release 3.x
2014-08-26 00:00:00
amazon
amazon
Important: openssl
2014-06-04 15:45:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
2014-06-05 22:40:00
mariadbunix
mariadbunix
CVE-2010-5298
2014-04-14 22:38:00
CVE-2014-0198
2014-05-06 10:44:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:47
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-07 02:22:26
prion
prion
Race condition
2014-04-14 22:38:00
Null pointer dereference
2014-05-06 10:44:00
ubuntucve
ubuntucve
CVE-2010-5298
2014-04-14 00:00:00
CVE-2014-0198
2014-05-02 00:00:00
cve
cve
CVE-2010-5298
2014-04-14 22:38:00
CVE-2014-0198
2014-05-06 10:44:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:09.openssl
2014-04-30 00:00:00
FreeBSD-SA-14:10.openssl
2014-05-13 00:00:00
debiancve
debiancve
CVE-2010-5298
2014-04-14 22:38:00
CVE-2014-0198
2014-05-06 10:44:00
f5
f5
SOL15328 - OpenSSL vulnerability CVE-2010-5298
2014-06-13 00:00:00
K15328 : OpenSSL vulnerability CVE-2010-5298
2014-06-20 00:00:00
SOL15329 - SSL_MODE_RELEASE_BUFFERS vulnerability CVE-2014-0198
2014-06-13 00:00:00
mageia
mageia
Updated openssl packages fix CVE-2010-5298
2014-04-23 20:04:21
Updated openssl packages fix CVE-2014-0198
2014-05-03 20:37:45
freebsd
freebsd
OpenSSL -- Remote Data Injection / DoS
2010-02-09 00:00:00
OpenSSL -- NULL pointer dereference / DoS
2014-05-02 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2010-5298
2014-04-08 00:00:00
Vulnerability in OpenSSL CVE-2014-0198
2014-04-21 00:00:00
aix
aix
AIX OpenSSL Vulnerability
2014-06-06 05:44:06
AIX OpenSSL Vulnerabilities (Multiple CVEs)
2014-06-11 06:39:27
checkpoint_advisories
checkpoint_advisories
OpenSSL do_ssl3_write Denial of Service (CVE-2014-0198)
2014-05-19 00:00:00
debian
debian
[SECURITY] [DSA 2931-1] openssl security update
2014-05-18 12:55:05
suse
suse
Security update for OpenSSL 1.0 (critical)
2014-06-06 09:04:15
osv
osv
openssl - security update
2014-05-18 00:00:00
threatpost
threatpost
SSL Pulse Scans Quantify Vulnerable OpenSSL Servers
2014-06-13 14:05:55
nodejsblog
nodejsblog
OpenSSL and Breaking UTF-8 Change (fixed in Node v0.8.27 and v0.10.29)
2014-06-16 00:00:00
JSON
Related for HP_ONEVIEW_1_10.NASL
ibm35nessus83ics1openvas21vmware2kaspersky1securityvulns4ubuntu1altlinux4redhat3centos1thn1citrix1oraclelinux2slackware1gentoo1fortinet1huawei1intel1amazon1cisco1mariadbunix2veracode2prion2ubuntucve2cve2freebsd_advisory2debiancve2f54mageia2freebsd2openssl2aix2checkpoint_advisories1debian1suse1osv1threatpost1nodejsblog1