Lucene search
K

openSUSE Security Update : libtasn1 (openSUSE-2018-112)

🗓️ 01 Feb 2018 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 25 Views

openSUSE libtasn1 security updat

Related
Refs
Code
ReporterTitlePublishedViews
Family
AlpineLinux
CVE-2018-6003
22 Jan 201820:00
alpinelinux
Cloud Foundry
USN-3547-1: Libtasn1 vulnerabilities | Cloud Foundry
1 Mar 201800:00
cloudfoundry
CNVD
GNU Libtasn1 '_asn1_decode_simple_ber' function stack exhaustion vulnerability
23 Jan 201800:00
cnvd
CVE
CVE-2018-6003
22 Jan 201820:00
cve
Cvelist
CVE-2018-6003
22 Jan 201820:00
cvelist
Debian
[SECURITY] [DSA 4106-1] libtasn1-6 security update
7 Feb 201819:11
debian
Debian
[SECURITY] [DSA 4106-1] libtasn1-6 security update
7 Feb 201819:11
debian
Debian CVE
CVE-2018-6003
22 Jan 201820:00
debiancve
Tenable Nessus
Debian DSA-4106-1 : libtasn1-6 - security update
8 Feb 201800:00
nessus
Tenable Nessus
EulerOS 2.0 SP2 : libtasn1 (EulerOS-SA-2018-1445)
28 Dec 201800:00
nessus
Rows per page
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2018-112.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(106544);
  script_version("3.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/30");

  script_cve_id("CVE-2018-6003");

  script_name(english:"openSUSE Security Update : libtasn1 (openSUSE-2018-112)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"This update for libtasn1 fixes one issue.

This security issue was fixed :

  - CVE-2018-6003: Prevent a stack exhaustion in
    _asn1_decode_simple_ber (lib/decoding.c) when decoding
    BER encoded structure allowed for DoS (bsc#1076832).

This update was imported from the SUSE:SLE-12-SP3:Update update
project.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1076832");
  script_set_attribute(attribute:"solution", value:
"Update the affected libtasn1 packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-6003");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/01/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-6-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-6-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-6-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libtasn1-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2025 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.3", reference:"libtasn1-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libtasn1-6-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libtasn1-6-debuginfo-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libtasn1-debuginfo-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libtasn1-debugsource-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"libtasn1-devel-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libtasn1-6-32bit-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libtasn1-6-debuginfo-32bit-4.9-3.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"libtasn1-devel-32bit-4.9-3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtasn1 / libtasn1-6-32bit / libtasn1-6 / etc");
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

30 Oct 2025 00:00Current
6.6Medium risk
Vulners AI Score6.6
CVSS 25
CVSS 3.17.5
EPSS0.02825
25