RHEL 7 : mod_nss (RHSA-2016:2602)

2016-11-0400:00:00

www.tenable.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.005 Low

EPSS

Percentile

76.2%

JSON

An update for mod_nss is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.

The mod_nss module provides strong cryptography for the Apache HTTP Server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, using the Network Security Services (NSS) security library.

The following packages have been upgraded to a newer upstream version:
mod_nss (1.0.14). (BZ#1299063)

Security Fix(es) :

A flaw was found in the way mod_nss parsed certain OpenSSL-style cipher strings. As a result, mod_nss could potentially use ciphers that were not intended to be enabled. (CVE-2016-3099)

This issue was discovered by Rob Crittenden (Red Hat).

Additional Changes :

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2016:2602. The text 
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(94565);
  script_version("2.14");
  script_cvs_date("Date: 2019/10/24 15:35:42");

  script_cve_id("CVE-2016-3099");
  script_xref(name:"RHSA", value:"2016:2602");

  script_name(english:"RHEL 7 : mod_nss (RHSA-2016:2602)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An update for mod_nss is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Low. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link (s) in the References section.

The mod_nss module provides strong cryptography for the Apache HTTP
Server via the Secure Sockets Layer (SSL) and Transport Layer Security
(TLS) protocols, using the Network Security Services (NSS) security
library.

The following packages have been upgraded to a newer upstream version:
mod_nss (1.0.14). (BZ#1299063)

Security Fix(es) :

* A flaw was found in the way mod_nss parsed certain OpenSSL-style
cipher strings. As a result, mod_nss could potentially use ciphers
that were not intended to be enabled. (CVE-2016-3099)

This issue was discovered by Rob Crittenden (Red Hat).

Additional Changes :

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2016:2602"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2016-3099"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected mod_nss and / or mod_nss-debuginfo packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_nss-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/06/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2016:2602";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"mod_nss-1.0.14-7.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"mod_nss-1.0.14-7.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"mod_nss-debuginfo-1.0.14-7.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"mod_nss-debuginfo-1.0.14-7.el7")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mod_nss / mod_nss-debuginfo");
  }
}

VendorProductVersionCPE
redhatenterprise_linuxmod_nssp-cpe:/a:redhat:enterprise_linux:mod_nss
redhatenterprise_linuxmod_nss-debuginfop-cpe:/a:redhat:enterprise_linux:mod_nss-debuginfo
redhatenterprise_linux7cpe:/o:redhat:enterprise_linux:7
redhatenterprise_linux7.3cpe:/o:redhat:enterprise_linux:7.3
redhatenterprise_linux7.4cpe:/o:redhat:enterprise_linux:7.4
redhatenterprise_linux7.5cpe:/o:redhat:enterprise_linux:7.5
redhatenterprise_linux7.6cpe:/o:redhat:enterprise_linux:7.6
redhatenterprise_linux7.7cpe:/o:redhat:enterprise_linux:7.7

Vendor	Product	Version	CPE
redhat	enterprise_linux	mod_nss	p-cpe:/a:redhat:enterprise_linux:mod_nss
redhat	enterprise_linux	mod_nss-debuginfo	p-cpe:/a:redhat:enterprise_linux:mod_nss-debuginfo
redhat	enterprise_linux	7	cpe:/o:redhat:enterprise_linux:7
redhat	enterprise_linux	7.3	cpe:/o:redhat:enterprise_linux:7.3
redhat	enterprise_linux	7.4	cpe:/o:redhat:enterprise_linux:7.4
redhat	enterprise_linux	7.5	cpe:/o:redhat:enterprise_linux:7.5
redhat	enterprise_linux	7.6	cpe:/o:redhat:enterprise_linux:7.6
redhat	enterprise_linux	7.7	cpe:/o:redhat:enterprise_linux:7.7