5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.028 Low
EPSS
Percentile
90.8%
The version of OpenSSL installed on the remote host is prior to 0.9.6i. It is, therefore, affected by a vulnerability as referenced in the 0.9.6i advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(200207);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/07");
script_cve_id("CVE-2003-0078");
script_name(english:"OpenSSL 0.9.6 < 0.9.6i Vulnerability");
script_set_attribute(attribute:"synopsis", value:
"The remote service is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of OpenSSL installed on the remote host is prior to 0.9.6i. It is, therefore, affected by a vulnerability as
referenced in the 0.9.6i advisory.
- ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC
computation if an incorrect block cipher padding is used, which causes an information leak (timing
discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between
padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the
Vaudenay timing attack. (CVE-2003-0078)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.cve.org/CVERecord?id=CVE-2003-0078");
script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20030219.txt");
script_set_attribute(attribute:"solution", value:
"Upgrade to OpenSSL version 0.9.6i or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2003-0078");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2003/02/19");
script_set_attribute(attribute:"patch_publication_date", value:"2003/02/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/06/07");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/a:openssl:openssl");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Web Servers");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("openssl_version.nasl", "openssl_nix_installed.nbin", "openssl_win_installed.nbin");
script_require_keys("installed_sw/OpenSSL");
exit(0);
}
include('vcf.inc');
include('vcf_extras_openssl.inc');
var app_info = vcf::combined_get_app_info(app:'OpenSSL');
vcf::check_all_backporting(app_info:app_info);
var constraints = [
{ 'min_version' : '0.9.6', 'fixed_version' : '0.9.6i' }
];
vcf::openssl::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);