According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability.
An out-of-bounds read error, known as the ‘Heartbleed Bug’, exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(73688);
script_version("1.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/25");
script_cve_id("CVE-2014-0160");
script_bugtraq_id(66690);
script_xref(name:"CERT", value:"720951");
script_xref(name:"EDB-ID", value:"32745");
script_xref(name:"EDB-ID", value:"32764");
script_xref(name:"EDB-ID", value:"32791");
script_xref(name:"EDB-ID", value:"32998");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/25");
script_name(english:"Junos Pulse Secure Access IVE / UAC OS OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is affected by an information disclosure
vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the version of IVE / UAC OS
running on the remote host is affected by an information disclosure
vulnerability.
An out-of-bounds read error, known as the 'Heartbleed Bug', exists
related to handling TLS heartbeat extensions that could allow an
attacker to obtain sensitive information such as primary key material,
secondary key material, and other protected content.");
script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/InfoCenter/index?page=content&id=KB29004");
script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/InfoCenter/index?page=content&id=KB29007");
script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10623");
script_set_attribute(attribute:"see_also", value:"http://www.heartbleed.com");
script_set_attribute(attribute:"see_also", value:"https://eprint.iacr.org/2014/140");
script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/vulnerabilities.html#2014-0160");
script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20140407.txt");
script_set_attribute(attribute:"solution", value:
"Upgrade to Juniper Junos IVE OS version 7.4R9.3 / 8.0R3.2 or later or
UAC OS version 4.4R10 / 5.0R3.2 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0160");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/24");
script_set_attribute(attribute:"patch_publication_date", value:"2014/04/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:ive_os");
script_set_attribute(attribute:"cpe", value:"cpe:/a:juniper:junos_pulse_secure_access_service");
script_set_attribute(attribute:"cpe", value:"cpe:/a:juniper:junos_pulse_access_control_service");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2014-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/Juniper/IVE OS/Version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
version = get_kb_item_or_exit('Host/Juniper/IVE OS/Version');
match = eregmatch(string:version, pattern:"^([\d.]+)[Rr]([0-9.]+)");
if (isnull(match)) exit(1, 'Error parsing version: ' + version);
release = match[1];
build = match[2];
# IVE OS
# 7.4R1 to 7.4R9
if (release == '7.4' && ver_compare(ver:build, fix:'9.3', strict:FALSE) == -1)
fix = '7.4r9.3';
# 8.0R1 to 8.0R3
else if (release == '8.0' && ver_compare(ver:build, fix:'3.2', strict:FALSE) == -1)
fix = '8.0r3.2';
# UAC OS
# 4.4R1 to 4.4R9
else if (release == '4.4' && ver_compare(ver:build, fix:'10', strict:FALSE) == -1)
fix = '4.4r10';
# 5.0R1 to 5.0R3
else if (release == '5.0' && ver_compare(ver:build, fix:'3.2', strict:FALSE) == -1)
fix = '5.0r3.2';
else
audit(AUDIT_INST_VER_NOT_VULN, 'IVE/UAC OS', version);
if (report_verbosity > 0)
{
report =
'\n Installed version : ' + version +
'\n Fixed version : ' + fix + '\n';
security_warning(port:0, extra:report);
}
else security_warning(0);
Vendor | Product | Version | CPE |
---|---|---|---|
juniper | ive_os | cpe:/o:juniper:ive_os | |
juniper | junos_pulse_secure_access_service | cpe:/a:juniper:junos_pulse_secure_access_service | |
juniper | junos_pulse_access_control_service | cpe:/a:juniper:junos_pulse_access_control_service |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
www.heartbleed.com
eprint.iacr.org/2014/140
kb.juniper.net/InfoCenter/index?page=content&id=JSA10623
kb.juniper.net/InfoCenter/index?page=content&id=KB29004
kb.juniper.net/InfoCenter/index?page=content&id=KB29007
www.openssl.org/news/secadv/20140407.txt
www.openssl.org/news/vulnerabilities.html#2014-0160