openSUSE Security Update : tor (openSUSE-SU-2014:0143-1)

2014-06-1300:00:00

www.tenable.com

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

55.5%

JSON

fixes potentially poor random number generation for users who 1) use OpenSSL 1.0.0 or later, 2) set ‘HardwareAccel 1’ in their torrc file, 3) have ‘Sandy Bridge’ or ‘Ivy Bridge’ Intel processors and 4) have no state file in their DataDirectory (as would happen on first start). Users who generated relay or hidden service identity keys in such a situation should discard them and generate new ones. No 2 is not the default configuration for openSUSE. [bnc#859421] [CVE-2013-7295]
- added patches :
- tor-0.2.3.x-CVE-2013-7295.patch

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2014-86.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(75409);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-7295");

  script_name(english:"openSUSE Security Update : tor (openSUSE-SU-2014:0143-1)");
  script_summary(english:"Check for the openSUSE-2014-86 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - fixes potentially poor random number generation for
    users who 1) use OpenSSL 1.0.0 or later, 2) set
    'HardwareAccel 1' in their torrc file, 3) have 'Sandy
    Bridge' or 'Ivy Bridge' Intel processors and 4) have no
    state file in their DataDirectory (as would happen on
    first start). Users who generated relay or hidden
    service identity keys in such a situation should discard
    them and generate new ones. No 2 is not the default
    configuration for openSUSE. [bnc#859421] [CVE-2013-7295] 

  - added patches :

  - tor-0.2.3.x-CVE-2013-7295.patch"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=859421"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2014-01/msg00095.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected tor packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tor");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tor-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:tor-debugsource");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/01/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.3|SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3 / 13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.3", reference:"tor-0.2.3.25-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"tor-debuginfo-0.2.3.25-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.3", reference:"tor-debugsource-0.2.3.25-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"tor-0.2.3.25-5.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"tor-debuginfo-0.2.3.25-5.4.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"tor-debugsource-0.2.3.25-5.4.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tor / tor-debuginfo / tor-debugsource");
}

VendorProductVersionCPE
novellopensusetorp-cpe:/a:novell:opensuse:tor
novellopensusetor-debuginfop-cpe:/a:novell:opensuse:tor-debuginfo
novellopensusetor-debugsourcep-cpe:/a:novell:opensuse:tor-debugsource
novellopensuse12.3cpe:/o:novell:opensuse:12.3
novellopensuse13.1cpe:/o:novell:opensuse:13.1

Vendor	Product	Version	CPE
novell	opensuse	tor	p-cpe:/a:novell:opensuse:tor
novell	opensuse	tor-debuginfo	p-cpe:/a:novell:opensuse:tor-debuginfo
novell	opensuse	tor-debugsource	p-cpe:/a:novell:opensuse:tor-debugsource
novell	opensuse	12.3	cpe:/o:novell:opensuse:12.3
novell	opensuse	13.1	cpe:/o:novell:opensuse:13.1