Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2012-277.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : gnutls (openSUSE-SU-2012:0620-1)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

3 vulnerabilities were discovered for the gnutls packages in openSUSE version 12.1.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2012-277.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(74627);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-1569", "CVE-2012-1573", "CVE-2012-1663");

  script_name(english:"openSUSE Security Update : gnutls (openSUSE-SU-2012:0620-1)");
  script_summary(english:"Check for the openSUSE-2012-277 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"3 vulnerabilities were discovered for the gnutls packages in openSUSE
version 12.1."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=752193"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=753301"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=754223"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2012-05/msg00021.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected gnutls packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra28");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra28-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl27");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl27-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx28");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx28-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/03/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/05/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.1", reference:"gnutls-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"gnutls-debuginfo-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"gnutls-debugsource-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-devel-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-extra-devel-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-extra28-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-extra28-debuginfo-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-openssl-devel-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-openssl27-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-openssl27-debuginfo-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls28-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutls28-debuginfo-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutlsxx-devel-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutlsxx28-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libgnutlsxx28-debuginfo-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libgnutls-devel-32bit-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libgnutls28-32bit-3.0.3-5.8.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libgnutls28-debuginfo-32bit-3.0.3-5.8.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gnutls / gnutls-debuginfo / gnutls-debugsource / libgnutls-devel / etc");
}
VendorProductVersionCPE
novellopensusegnutlsp-cpe:/a:novell:opensuse:gnutls
novellopensusegnutls-debuginfop-cpe:/a:novell:opensuse:gnutls-debuginfo
novellopensusegnutls-debugsourcep-cpe:/a:novell:opensuse:gnutls-debugsource
novellopensuselibgnutls-develp-cpe:/a:novell:opensuse:libgnutls-devel
novellopensuselibgnutls-devel-32bitp-cpe:/a:novell:opensuse:libgnutls-devel-32bit
novellopensuselibgnutls-extra-develp-cpe:/a:novell:opensuse:libgnutls-extra-devel
novellopensuselibgnutls-extra28p-cpe:/a:novell:opensuse:libgnutls-extra28
novellopensuselibgnutls-extra28-debuginfop-cpe:/a:novell:opensuse:libgnutls-extra28-debuginfo
novellopensuselibgnutls-openssl-develp-cpe:/a:novell:opensuse:libgnutls-openssl-devel
novellopensuselibgnutls-openssl27p-cpe:/a:novell:opensuse:libgnutls-openssl27
Rows per page:
1-10 of 191

Related

nessus 41
centos 3
openvas 68
oraclelinux 4
redhat 5
cve 3
prion 3
debiancve 2
zdt 1
ubuntucve 3
fedora 14
freebsd 2
slackware 1
checkpoint_advisories 3
veracode 2
debian 2
altlinux 1
securityvulns 2
ubuntu 2
gentoo 2
amazon 2
exploitpack 1
seebug 1
exploitdb 1
suse 1
vmware 2
ibm 1
nessus
nessus
RHEL 5 : gnutls (RHSA-2012:0428)
2012-03-28 00:00:00
CentOS 5 : gnutls (CESA-2012:0428)
2012-03-28 00:00:00
Oracle Linux 5 : gnutls (ELSA-2012-0428)
2013-07-12 00:00:00
centos
centos
gnutls security update
2012-03-28 00:49:15
libtasn1 security update
2012-03-28 01:12:20
gnutls security update
2012-03-28 01:12:42
openvas
openvas
Oracle: Security Advisory (ELSA-2012-0428)
2015-10-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0818-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0807-1)
2021-06-09 00:00:00
oraclelinux
oraclelinux
gnutls security update
2012-03-27 00:00:00
libtasn1 security update
2012-03-27 00:00:00
gnutls security update
2012-03-28 00:00:00
redhat
redhat
(RHSA-2012:0428) Important: gnutls security update
2012-03-27 00:00:00
(RHSA-2012:0427) Important: libtasn1 security update
2012-03-27 00:00:00
(RHSA-2012:0429) Important: gnutls security update
2012-03-27 00:00:00
cve
cve
CVE-2012-1663
2012-03-13 22:55:00
CVE-2012-1573
2012-03-26 19:55:00
CVE-2012-1569
2012-03-26 19:55:00
prion
prion
Double free
2012-03-13 22:55:00
Memory corruption
2012-03-26 19:55:00
Memory corruption
2012-03-26 19:55:00
debiancve
debiancve
CVE-2012-1663
2012-03-13 22:55:00
CVE-2012-1573
2012-03-26 19:55:00
zdt
zdt
GnuTLS libgnutls Double-free Certificate List Parsing Remote DoS
2013-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2012-1663
2012-03-13 00:00:00
CVE-2012-1573
2012-03-26 00:00:00
CVE-2012-1569
2012-03-26 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16
2012-03-26 17:54:06
[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16
2012-03-26 03:57:43
[SECURITY] Fedora 16 Update: mingw-libtasn1-2.12-1.fc16
2012-03-31 03:19:25
freebsd
freebsd
gnutls -- possible overflow/Denial of service vulnerabilities
2012-03-20 00:00:00
libtasn1 -- ASN.1 length decoding vulnerability
2012-03-20 00:00:00
slackware
slackware
[slackware-security] gnutls
2013-10-15 00:18:30
checkpoint_advisories
checkpoint_advisories
GnuTLS TLS Record Application GenericBlockCipher Parsing Integer Overflow (CVE-2012-1573)
2012-09-03 00:00:00
GnuTLS libtasn1 ASN1 Length DER Decoding Buffer Overflow (CVE-2012-1569)
2012-07-02 00:00:00
GnuTLS libtasn1 ASN1 Length Fields Buffer Overflow (CVE-2012-1569)
2012-07-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:12:39
Denial Of Service (DoS)
2020-04-10 01:12:39
debian
debian
[SECURITY] [DSA 2441-1] gnutls26 security update
2012-03-25 18:53:32
[SECURITY] [DSA 2440-1] libtasn1-3 security update
2012-03-24 22:22:54
altlinux
altlinux
Security fix for the ALT Linux 6 package libtasn1 version 2.12-alt1
2012-03-23 00:00:00
securityvulns
securityvulns
[USN-1436-1] Libtasn1 vulnerability
2012-05-14 00:00:00
libtasn1 / GnuTLS memory corruption
2012-05-14 00:00:00
ubuntu
ubuntu
Libtasn1 vulnerability
2012-05-02 00:00:00
GnuTLS vulnerabilities
2012-04-05 00:00:00
gentoo
gentoo
Libtasn1: Denial of service
2012-09-25 00:00:00
GnuTLS: Multiple vulnerabilities
2012-06-23 00:00:00
amazon
amazon
Important: libtasn1
2012-04-05 12:48:00
Important: gnutls
2012-04-05 12:47:00
exploitpack
exploitpack
GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service
2013-03-22 00:00:00
seebug
seebug
GnuTLS libgnutls Double-free Certificate List Parsing Remote DoS
2014-07-01 00:00:00
exploitdb
exploitdb
GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service
2013-03-22 00:00:00
suse
suse
Security update for gnutls (critical)
2014-03-04 01:04:52
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
ibm
ibm
IBM WebSphere Cast Iron Security Bulletin: Multiple security vulnerabilities in IBM JRE 6
2018-06-15 06:56:55
JSON
Related for OPENSUSE-2012-277.NASL
nessus41centos3openvas68oraclelinux4redhat5cve3prion3debiancve2zdt1ubuntucve3fedora14freebsd2slackware1checkpoint_advisories3veracode2debian2altlinux1securityvulns2ubuntu2gentoo2amazon2exploitpack1seebug1exploitdb1suse1vmware2ibm1