Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2017-1622-1.NASL
HistoryJun 21, 2017 - 12:00 a.m.

SUSE SLED12 / SLES12 Security Update : openvpn (SUSE-SU-2017:1622-1) (SWEET32)

2017-06-2100:00:00
This script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
JSON

This update for openvpn fixes the following issues :

  • CVE-2016-6329: Show which ciphers should no longer be used in openvpn

    –show-ciphers (bsc#995374)

  • CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in P_CONTROL (bsc#1038709)

  • CVE-2017-7479: openvpn: Denial of Service due to Exhaustion of Packet-ID counter (bsc#1038711)

  • Hardening measures found by internal audit (bsc#1038713)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:1622-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(100951);
  script_version("3.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id("CVE-2016-6329", "CVE-2017-7478", "CVE-2017-7479");
  script_xref(name:"CEA-ID", value:"CEA-2019-0547");

  script_name(english:"SUSE SLED12 / SLES12 Security Update : openvpn (SUSE-SU-2017:1622-1) (SWEET32)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"This update for openvpn fixes the following issues :

  - CVE-2016-6329: Show which ciphers should no longer be
    used in openvpn

    --show-ciphers (bsc#995374)

  - CVE-2017-7478: openvpn: Authenticated user can DoS
    server by using a big payload in P_CONTROL (bsc#1038709)

  - CVE-2017-7479: openvpn: Denial of Service due to
    Exhaustion of Packet-ID counter (bsc#1038711)

  - Hardening measures found by internal audit (bsc#1038713)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1038709");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1038711");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1038713");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=995374");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-6329/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7478/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7479/");
  # https://www.suse.com/support/update/announcement/2017/suse-su-20171622-1/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?14b29af3");
  script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
patch SUSE-SLE-RPI-12-SP2-2017-998=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2017-998=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP2-2017-998=1

To bring your system up-to-date, use 'zypper patch'.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"in_the_news", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/01/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/06/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/06/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openvpn");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openvpn-auth-pam-plugin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openvpn-auth-pam-plugin-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openvpn-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openvpn-debugsource");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);


sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"openvpn-2.3.8-16.14.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"openvpn-auth-pam-plugin-2.3.8-16.14.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"openvpn-auth-pam-plugin-debuginfo-2.3.8-16.14.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"openvpn-debuginfo-2.3.8-16.14.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"openvpn-debugsource-2.3.8-16.14.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"openvpn-2.3.8-16.14.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"openvpn-debuginfo-2.3.8-16.14.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"openvpn-debugsource-2.3.8-16.14.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openvpn");
}
VendorProductVersionCPE
novellsuse_linuxopenvpnp-cpe:/a:novell:suse_linux:openvpn
novellsuse_linuxopenvpn-auth-pam-pluginp-cpe:/a:novell:suse_linux:openvpn-auth-pam-plugin
novellsuse_linuxopenvpn-auth-pam-plugin-debuginfop-cpe:/a:novell:suse_linux:openvpn-auth-pam-plugin-debuginfo
novellsuse_linuxopenvpn-debuginfop-cpe:/a:novell:suse_linux:openvpn-debuginfo
novellsuse_linuxopenvpn-debugsourcep-cpe:/a:novell:suse_linux:openvpn-debugsource
novellsuse_linux12cpe:/o:novell:suse_linux:12

Related

nessus 19
suse 3
openvas 18
freebsd 1
fedora 6
archlinux 1
threatpost 1
mageia 2
ubuntu 2
altlinux 1
packetstorm 1
osv 4
zdt 1
debiancve 3
prion 3
veracode 2
checkpoint_advisories 1
cve 3
alpinelinux 2
ubuntucve 3
debian 4
f5 3
gentoo 1
amazon 1
ibm 6
fortinet 1
symantec 1
ics 1
kitploit 1
nessus
nessus
openSUSE Security Update : openvpn (openSUSE-2017-717) (SWEET32)
2017-06-30 00:00:00
SUSE SLES11 Security Update : openvpn (SUSE-SU-2017:2838-1) (SWEET32)
2017-10-25 00:00:00
Ubuntu 17.04 : openvpn vulnerabilities (USN-3284-1)
2017-05-12 00:00:00
suse
suse
Security update for openvpn (important)
2017-06-20 12:11:37
Security update for openvpn (important)
2017-10-24 15:07:23
Security update for openvpn-openssl1 (important)
2017-06-29 18:12:39
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1622-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2838-1)
2021-06-09 00:00:00
Fedora Update for openvpn FEDORA-2017-0d0f18140a
2017-05-15 00:00:00
freebsd
freebsd
OpenVPN -- two remote denial-of-service vulnerabilities
2017-05-10 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: openvpn-2.4.2-1.fc25
2017-05-15 04:45:01
[SECURITY] Fedora 24 Update: openvpn-2.3.16-1.fc24
2017-05-24 04:56:54
[SECURITY] Fedora 26 Update: openvpn-2.4.2-1.fc26
2017-05-14 20:26:52
archlinux
archlinux
[ASA-201705-16] openvpn: denial of service
2017-05-13 00:00:00
threatpost
threatpost
OpenVPN Audits Yield Mixed Bag
2017-05-15 17:12:09
mageia
mageia
Updated openvpn packages fix security vulnerability
2017-06-02 00:25:58
Updated openvpn packages fix security vulnerability
2016-09-16 12:27:13
ubuntu
ubuntu
OpenVPN vulnerabilities
2017-05-11 00:00:00
OpenVPN vulnerabilities
2017-06-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openvpn version 2.4.2-alt1
2017-05-14 00:00:00
packetstorm
packetstorm
OpenVPN 2.4.0 Denial Of Service
2017-05-12 00:00:00
osv
osv
CVE-2017-7478
2017-05-15 18:29:00
CVE-2017-7479
2017-05-15 18:29:00
openvpn - security update
2017-05-16 00:00:00
zdt
zdt
OpenVPN 2.4.0 - Unauthenticated Denial of Service Exploit
2017-05-11 00:00:00
debiancve
debiancve
CVE-2017-7478
2017-05-15 18:29:00
CVE-2016-6329
2017-01-31 22:59:00
CVE-2017-7479
2017-05-15 18:29:00
prion
prion
Authentication flaw
2017-05-15 18:29:00
Design/Logic Flaw
2017-01-31 22:59:00
Design/Logic Flaw
2017-05-15 18:29:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:29:14
Sweet32 Attack
2020-09-21 06:32:55
checkpoint_advisories
checkpoint_advisories
OpenVPN P_CONTROL Denial of Service (CVE-2017-7478)
2017-06-11 00:00:00
cve
cve
CVE-2017-7478
2017-05-15 18:29:00
CVE-2017-7479
2017-05-15 18:29:00
CVE-2016-6329
2017-01-31 22:59:00
alpinelinux
alpinelinux
CVE-2017-7479
2017-05-15 18:29:00
CVE-2017-7478
2017-05-15 18:29:00
ubuntucve
ubuntucve
CVE-2017-7478
2017-05-11 00:00:00
CVE-2017-7479
2017-05-11 00:00:00
CVE-2016-6329
2017-01-31 00:00:00
debian
debian
[SECURITY] [DLA 944-1] openvpn security update
2017-05-16 14:17:31
[SECURITY] [DSA 3900-1] openvpn security update
2017-06-27 19:51:56
[SECURITY] [DSA 3900-1] openvpn security update
2017-06-27 19:51:56
f5
f5
K30315990 : OpenVPN vulnerability CVE-2016-6329
2016-09-12 00:00:00
SOL30315990 - OpenVPN vulnerability CVE-2016-6329
2016-09-12 00:00:00
SOL22071504 - September 2016 OpenSSL security vulnerability announcement
2016-09-22 00:00:00
gentoo
gentoo
OpenVPN: Multiple vulnerabilities
2016-11-01 00:00:00
amazon
amazon
Medium: openvpn
2016-09-27 10:30:00
ibm
ibm
Security Bulletin: Vulnerabilities in 64-bit block ciphers affects IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed (CVE-2016-2183, CVE-2016-6329)
2021-04-26 21:17:25
Security Bulletin: IBM b-type Network/Storage switches are affected by Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) vulnerabilities.
2018-10-01 21:25:01
Security Bulletin: IBM Cisco Switches and Directors vulnerable to Sweet32 Birthday attacks (CVE-2016-2183 CVE-2016-6329).
2022-04-11 15:07:09
fortinet
fortinet
Protect
2019-02-07 00:00:00
symantec
symantec
SA133 : Sweet32 Birthday Attack against DES, 3DES, and Blowfish
2016-12-22 08:00:00
ics
ics
Siemens SIMATIC RF6XXR
2019-07-11 12:00:00
kitploit
kitploit
CATSploit - An Automated Penetration Testing Tool Using Cyber Attack Techniques Scoring
2024-01-08 11:30:00
JSON
Related for SUSE_SU-2017-1622-1.NASL
nessus19suse3openvas18freebsd1fedora6archlinux1threatpost1mageia2ubuntu2altlinux1packetstorm1osv4zdt1debiancve3prion3veracode2checkpoint_advisories1cve3alpinelinux2ubuntucve3debian4f53gentoo1amazon1ibm6fortinet1symantec1ics1kitploit1