Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2019-998.NASL
HistoryMar 27, 2019 - 12:00 a.m.

openSUSE Security Update : mozilla-nss (openSUSE-2019-998)

2019-03-2700:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
JSON

This update for mozilla-nss to version 3.36.6 fixes the following issues :

Security issues fixed :

  • CVE-2018-12384: NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random (bmo#1483128, boo#1106873)

  • CVE-2018-12404: Cache side-channel variant of the Bleichenbacher attack (bmo#1485864, boo#1119069)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-998.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(123408);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2018-12384", "CVE-2018-12404");

  script_name(english:"openSUSE Security Update : mozilla-nss (openSUSE-2019-998)");
  script_summary(english:"Check for the openSUSE-2019-998 patch");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update for mozilla-nss to version 3.36.6 fixes the following
issues :

Security issues fixed :

  - CVE-2018-12384: NSS responded to an SSLv2-compatible
    ClientHello with a ServerHello that had an all-zero
    random (bmo#1483128, boo#1106873)

  - CVE-2018-12404: Cache side-channel variant of the
    Bleichenbacher attack (bmo#1485864, boo#1119069)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1106873"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1119069"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected mozilla-nss packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.0", reference:"libfreebl3-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"libfreebl3-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"libsoftokn3-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"libsoftokn3-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-certs-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-certs-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-debugsource-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-devel-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-sysinit-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-sysinit-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-tools-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"mozilla-nss-tools-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libfreebl3-32bit-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libfreebl3-32bit-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libsoftokn3-32bit-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libsoftokn3-32bit-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"mozilla-nss-32bit-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"mozilla-nss-32bit-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-debuginfo-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.36.6-lp150.2.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-debuginfo-3.36.6-lp150.2.6.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libfreebl3 / libfreebl3-32bit / libfreebl3-32bit-debuginfo / etc");
}
VendorProductVersionCPE
novellopensuselibfreebl3p-cpe:/a:novell:opensuse:libfreebl3
novellopensuselibfreebl3-32bitp-cpe:/a:novell:opensuse:libfreebl3-32bit
novellopensuselibfreebl3-32bit-debuginfop-cpe:/a:novell:opensuse:libfreebl3-32bit-debuginfo
novellopensuselibfreebl3-debuginfop-cpe:/a:novell:opensuse:libfreebl3-debuginfo
novellopensuselibsoftokn3p-cpe:/a:novell:opensuse:libsoftokn3
novellopensuselibsoftokn3-32bitp-cpe:/a:novell:opensuse:libsoftokn3-32bit
novellopensuselibsoftokn3-32bit-debuginfop-cpe:/a:novell:opensuse:libsoftokn3-32bit-debuginfo
novellopensuselibsoftokn3-debuginfop-cpe:/a:novell:opensuse:libsoftokn3-debuginfo
novellopensusemozilla-nssp-cpe:/a:novell:opensuse:mozilla-nss
novellopensusemozilla-nss-32bitp-cpe:/a:novell:opensuse:mozilla-nss-32bit
Rows per page:
1-10 of 251

Related

nessus 64
suse 4
openvas 41
ubuntu 2
slackware 1
debiancve 2
fedora 14
f5 2
redhatcve 2
ibm 14
prion 2
veracode 2
osv 4
alpinelinux 2
mageia 2
ubuntucve 2
oraclelinux 3
amazon 4
redhat 4
cvelist 2
symantec 1
cve 2
centos 3
debian 2
photon 6
ics 1
oracle 2
nessus
nessus
openSUSE Security Update : mozilla-nss (openSUSE-2018-1540)
2018-12-14 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : NSS vulnerabilities (USN-3850-1)
2019-01-10 00:00:00
openSUSE Security Update : mozilla-nspr and mozilla-nss (openSUSE-2018-1618)
2018-12-31 00:00:00
suse
suse
Security update for mozilla-nss (moderate)
2018-12-13 12:16:00
Security update for mozilla-nspr and mozilla-nss (moderate)
2018-12-28 21:12:25
Security update for mozilla-nss (important)
2019-02-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for mozilla-nss (openSUSE-SU-2018:4117-1)
2018-12-13 00:00:00
openSUSE: Security Advisory for mozilla-nspr (openSUSE-SU-2018:4283-1)
2018-12-29 00:00:00
Ubuntu: Security Advisory (USN-3850-1)
2019-01-10 00:00:00
ubuntu
ubuntu
NSS vulnerabilities
2019-02-18 00:00:00
NSS vulnerabilities
2019-01-09 00:00:00
slackware
slackware
[slackware-security] mozilla-nss
2018-12-03 21:40:40
debiancve
debiancve
CVE-2018-12404
2019-05-02 17:29:00
CVE-2018-12384
2019-04-29 15:29:00
fedora
fedora
[SECURITY] Fedora 29 Update: nss-3.40.1-1.0.fc29
2018-12-09 21:03:20
[SECURITY] Fedora 28 Update: nss-3.40.1-1.0.fc28
2018-12-11 01:58:33
[SECURITY] Fedora 29 Update: nss-util-3.39.0-2.fc29
2018-09-21 05:42:27
f5
f5
K10281096 : TLS in Mozilla NSS vulnerability CVE-2018-12404
2019-01-07 00:00:00
K41738501 : Mozilla NSS vulnerability CVE-2018-12384
2018-10-26 00:00:00
redhatcve
redhatcve
CVE-2018-12404
2020-04-07 11:09:22
CVE-2018-12384
2019-10-09 22:23:49
ibm
ibm
Security Bulletin: Network Security (NSS) vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
2023-03-29 01:48:02
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-12404)
2020-01-29 16:35:52
Security Bulletin: This Power System update is being released to address CVE-2018-12384
2021-12-07 19:14:45
prion
prion
Design/Logic Flaw
2019-05-02 17:29:00
Design/Logic Flaw
2019-04-29 15:29:00
veracode
veracode
Information Disclosure
2019-08-08 00:07:30
Man-in-the-Middle (MitM)
2019-01-15 09:26:13
osv
osv
CVE-2018-12404
2019-05-02 17:29:01
CVE-2018-12384
2019-04-29 15:29:00
nss - security update
2019-03-04 00:00:00
alpinelinux
alpinelinux
CVE-2018-12404
2019-05-02 17:29:00
CVE-2018-12384
2019-04-29 15:29:00
mageia
mageia
Updated nss packages fix security vulnerability
2018-12-16 00:29:48
Updated firefox packages fix security vulnerability
2018-10-01 11:44:39
ubuntucve
ubuntucve
CVE-2018-12404
2018-12-12 00:00:00
CVE-2018-12384
2018-09-04 00:00:00
oraclelinux
oraclelinux
nss security update
2018-10-09 00:00:00
nss security update
2018-09-25 00:00:00
nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update
2019-08-13 00:00:00
amazon
amazon
Medium: nss
2018-10-23 18:41:00
Medium: nss
2018-10-24 16:35:00
Medium: nss
2019-09-30 22:57:00
redhat
redhat
(RHSA-2018:2768) Moderate: nss security update
2018-09-25 17:31:15
(RHSA-2018:2898) Moderate: nss security update
2018-10-09 14:49:24
(RHSA-2019:2237) Moderate: nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update
2019-08-06 08:15:59
cvelist
cvelist
CVE-2018-12404
2019-05-02 16:40:14
CVE-2018-12384
2019-04-29 14:22:53
symantec
symantec
Mozilla Network Security Services CVE-2018-12404 Information Disclosure Vulnerability
2018-11-30 00:00:00
cve
cve
CVE-2018-12404
2019-05-02 17:29:00
CVE-2018-12384
2019-04-29 15:29:00
centos
centos
nss security update
2018-10-09 20:22:27
nss security update
2018-09-28 16:44:15
nspr, nss security update
2019-08-30 03:43:23
debian
debian
[SECURITY] [DLA 1704-1] nss security update
2019-03-05 03:45:02
[SECURITY] [DLA 2388-1] nss security update
2020-09-29 19:23:55
photon
photon
Moderate Photon OS Security Update - PHSA-2019-0020
2019-06-17 00:00:00
Moderate Photon OS Security Update - PHSA-2019-3.0-0020
2019-06-17 00:00:00
Important Photon OS Security Update - PHSA-2019-0239
2019-06-17 00:00:00
ics
ics
Siemens RUGGEDCOM ROX II
2021-02-09 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
JSON
Related for OPENSUSE-2019-998.NASL
nessus64suse4openvas41ubuntu2slackware1debiancve2fedora14f52redhatcve2ibm14prion2veracode2osv4alpinelinux2mageia2ubuntucve2oraclelinux3amazon4redhat4cvelist2symantec1cve2centos3debian2photon6ics1oracle2