Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSSL_3_1_2.NASL
HistoryJul 19, 2023 - 12:00 a.m.

OpenSSL 3.1.0 < 3.1.2 Multiple Vulnerabilities

2023-07-1900:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
64
JSON

The version of OpenSSL installed on the remote host is prior to 3.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.1.2 advisory.

  • Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (‘p’ parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the ‘-check’ option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. (CVE-2023-3446)

  • Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue. (CVE-2023-2975)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(178477);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/15");

  script_cve_id("CVE-2023-2975", "CVE-2023-3446", "CVE-2023-3817");
  script_xref(name:"IAVA", value:"2023-A-0398-S");

  script_name(english:"OpenSSL 3.1.0 < 3.1.2 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote service is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of OpenSSL installed on the remote host is prior to 3.1.2. It is, therefore, affected by multiple
vulnerabilities as referenced in the 3.1.2 advisory.

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key
    or DH parameters may experience long delays. Where the key or parameters that are being checked have been
    obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs
    various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too
    large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is
    over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or
    parameters that have been supplied. Some of those checks use the supplied modulus value even if it has
    already been found to be too large. An application that calls DH_check() and supplies a key or parameters
    obtained from an untrusted source could be vulernable to a Denial of Service attack. The function
    DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those
    other functions may similarly be affected. The other functions affected by this are DH_check_ex() and
    EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications
    when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The
    OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. (CVE-2023-3446)

  - Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated
    data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV
    algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding
    or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently
    unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated
    data entries along with the encryption. To authenticate empty data the application has to call
    EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input
    buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of
    performing the associated data authentication operation. The empty data thus will not be authenticated. As
    this issue does not affect non-empty associated data authentication and we expect it to be rare for an
    application to use empty associated data entries this is qualified as Low severity issue. (CVE-2023-2975)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0902d518");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20230719.txt");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20230731.txt");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/policies/secpolicy.html");
  # https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fecbc0eb");
  # https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fef21110");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20230714.txt");
  script_set_attribute(attribute:"see_also", value:"https://www.cve.org/CVERecord?id=CVE-2023-2975");
  script_set_attribute(attribute:"see_also", value:"https://www.cve.org/CVERecord?id=CVE-2023-3446");
  script_set_attribute(attribute:"see_also", value:"https://www.cve.org/CVERecord?id=CVE-2023-3817");
  script_set_attribute(attribute:"solution", value:
"Upgrade to OpenSSL version 3.1.2 or later.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-2975");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/07/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/19");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:openssl:openssl");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("openssl_version.nasl", "openssl_nix_installed.nbin", "openssl_win_installed.nbin");
  script_require_keys("installed_sw/OpenSSL");

  exit(0);
}

include('vcf.inc');
include('vcf_extras_openssl.inc');

var app_info = vcf::combined_get_app_info(app:'OpenSSL');

vcf::check_all_backporting(app_info:app_info);

var constraints = [
  { 'min_version' : '3.1.0', 'fixed_version' : '3.1.2' }
];

vcf::openssl::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
VendorProductVersionCPE
opensslopensslcpe:/a:openssl:openssl

Related

openvas 53
nessus 81
mageia 2
cloudfoundry 1
ubuntu 4
osv 9
ibm 8
prion 2
ubuntucve 1
slackware 1
amazon 4
broadcom 1
debiancve 2
cve 3
alpinelinux 2
redos 2
f5 3
debian 1
oraclelinux 4
redhat 5
almalinux 2
aix 1
ics 1
cgr 1
openssl 2
freebsd 1
redhatcve 1
wolfi 1
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0253)
2023-09-11 00:00:00
Mageia: Security Advisory (MGASA-2023-0273)
2023-10-02 00:00:00
Ubuntu: Security Advisory (USN-6450-1)
2023-10-25 00:00:00
nessus
nessus
OpenSSL 3.0.0 < 3.0.10 Multiple Vulnerabilities
2023-07-19 00:00:00
Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-306)
2023-08-24 00:00:00
Ubuntu 22.04 LTS / 23.04 / 23.10 : OpenSSL vulnerabilities (USN-6450-1)
2023-10-24 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerability
2023-09-11 16:07:54
Updated quictls packages fix security vulnerabilities
2023-09-30 22:15:40
cloudfoundry
cloudfoundry
USN-6450-1: OpenSSL vulnerabilities | Cloud Foundry
2023-11-09 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2023-10-24 00:00:00
OpenSSL vulnerabilities
2023-10-18 00:00:00
OpenSSL vulnerabilities
2023-10-25 00:00:00
osv
osv
openssl vulnerabilities
2023-10-24 16:14:24
openssl vulnerabilities
2023-10-18 19:51:24
openssl vulnerabilities
2023-10-25 12:40:20
ibm
ibm
Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM Rational ClearCase
2024-03-13 14:30:55
Security Bulletin: Due to the use of OpenSSL, IBM CICS TX Advanced is vulnerable to a denial of service (DOS) (CVE-2023-3817 and CVE-2023-3446).
2024-02-13 17:00:03
Security Bulletin: Multiple vulnerabilities in OpenSSL affect AIX
2023-09-11 17:03:01
prion
prion
Design/Logic Flaw
2023-07-31 16:15:00
Null pointer dereference
2023-07-14 12:15:00
ubuntucve
ubuntucve
CVE-2023-3817
2023-07-31 00:00:00
slackware
slackware
[slackware-security] openssl
2023-08-02 17:08:29
amazon
amazon
Medium: edk2
2023-08-17 11:58:00
Medium: openssl
2023-09-08 16:52:00
Medium: openssl
2023-09-27 22:15:00
broadcom
broadcom
Excessive time spent checking DH q parameter value (CVE-2023-3817)
2024-04-16 00:00:00
debiancve
debiancve
CVE-2023-3817
2023-07-31 16:15:10
CVE-2023-2975
2023-07-14 12:15:09
cve
cve
CVE-2023-3817
2023-07-31 16:15:10
CVE-2023-2975
2023-07-14 12:15:09
CVE-2023-3446
2023-07-19 12:15:10
alpinelinux
alpinelinux
CVE-2023-3817
2023-07-31 16:15:10
CVE-2023-2975
2023-07-14 12:15:09
redos
redos
ROS-20230907-04
2023-09-07 00:00:00
ROS-20230915-14
2023-09-15 00:00:00
f5
f5
K000137969 : OpenSSL vulnerability CVE-2023-3817
2023-12-19 00:00:00
K000135633 : OpenSSL vulnerability CVE-2023-2975
2023-07-27 00:00:00
K000136903 : OpenSSL Diffie-Hellman vulnerability CVE-2023-3446
2023-09-19 00:00:00
debian
debian
[SECURITY] [DLA 3530-1] openssl security update
2023-08-16 05:56:58
oraclelinux
oraclelinux
openssl security update
2024-01-10 00:00:00
openssl security update
2023-12-18 00:00:00
openssl and openssl-fips-provider security update
2024-05-03 00:00:00
redhat
redhat
(RHSA-2023:7877) Low: openssl security update
2023-12-18 07:10:45
(RHSA-2024:0154) Low: openssl security update
2024-01-10 16:25:10
(RHSA-2024:0208) Low: openssl security update
2024-01-11 21:04:17
almalinux
almalinux
Low: openssl security update
2023-12-19 00:00:00
Low: openssl and openssl-fips-provider security update
2024-04-30 00:00:00
aix
aix
Multiple vulnerabilities in OpenSSL affect AIX
2023-09-11 10:43:54
ics
ics
Siemens SIMATIC MV500
2023-11-16 12:00:00
cgr
cgr
CVE-2023-2975 vulnerabilities
2024-05-09 15:29:34
openssl
openssl
Vulnerability in OpenSSL CVE-2023-2975
2023-07-07 00:00:00
Vulnerability in OpenSSL CVE-2023-3446
2023-07-13 00:00:00
freebsd
freebsd
OpenSSL -- AES-SIV implementation ignores empty associated data entries
2023-07-14 00:00:00
redhatcve
redhatcve
CVE-2023-2975
2023-07-19 05:03:13
wolfi
wolfi
CVE-2023-3446 vulnerabilities
2024-05-09 15:29:55
JSON
Related for OPENSSL_3_1_2.NASL
openvas53nessus81mageia2cloudfoundry1ubuntu4osv9ibm8prion2ubuntucve1slackware1amazon4broadcom1debiancve2cve3alpinelinux2redos2f53debian1oraclelinux4redhat5almalinux2aix1ics1cgr1openssl2freebsd1redhatcve1wolfi1