Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2021-1125-1.NASLHistoryApr 12, 2021 - 12:00 a.m.
SUSE SLES12 Security Update : wpa_supplicant (SUSE-SU-2021:1125-1)
2021-04-1200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
5.7 Medium
AI Score
Confidence
High
This update for wpa_supplicant fixes the following issues :
CVE-2021-30004: Fixed an issue where forging attacks might have occured because AlgorithmIdentifier parameters were mishandled in tls/pkcs1.c and tls/x509v3.c (bsc#1184348)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2021:1125-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(148434);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/05");
script_cve_id("CVE-2021-30004");
script_name(english:"SUSE SLES12 Security Update : wpa_supplicant (SUSE-SU-2021:1125-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"This update for wpa_supplicant fixes the following issues :
CVE-2021-30004: Fixed an issue where forging attacks might have
occured because AlgorithmIdentifier parameters were mishandled in
tls/pkcs1.c and tls/x509v3.c (bsc#1184348)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1184348");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-30004/");
# https://www.suse.com/support/update/announcement/2021/suse-su-20211125-1
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d641f333");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP5 :
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1125=1");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-30004");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/04/02");
script_set_attribute(attribute:"patch_publication_date", value:"2021/04/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wpa_supplicant");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wpa_supplicant-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wpa_supplicant-debugsource");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"5", reference:"wpa_supplicant-2.9-23.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"wpa_supplicant-debuginfo-2.9-23.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"wpa_supplicant-debugsource-2.9-23.12.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wpa_supplicant");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | wpa_supplicant | p-cpe:/a:novell:suse_linux:wpa_supplicant |
| novell | suse_linux | wpa_supplicant-debuginfo | p-cpe:/a:novell:suse_linux:wpa_supplicant-debuginfo |
| novell | suse_linux | wpa_supplicant-debugsource | p-cpe:/a:novell:suse_linux:wpa_supplicant-debugsource |
| novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
Related
nessus
nessus
Photon OS 4.0: Wpa_Supplicant PHSA-2021-4.0-0014
2021-04-29 00:00:00
openSUSE Security Update : wpa_supplicant (openSUSE-2021-563)
2021-04-19 00:00:00
SUSE SLED15 / SLES15 Security Update : wpa_supplicant (SUSE-SU-2021:1166-1)
2021-04-14 00:00:00
osv
osv
CVE-2021-30004
2021-04-02 05:15:13
cbl_mariner
cbl_mariner
CVE-2021-30004 affecting package wpa_supplicant 2.9-4
2021-05-06 23:56:44
CVE-2021-30004 affecting package wpa_supplicant 2.9-4
2022-04-09 06:51:56
suse
suse
Security update for wpa_supplicant (moderate)
2021-04-17 00:00:00
Security update for hostapd (important)
2021-04-12 00:00:00
Security update for hostapd (important)
2021-04-09 00:00:00
mageia
mageia
Updated wpa_supplicant, hostapd packages fix security vulnerability
2021-06-14 00:32:39
alpinelinux
alpinelinux
CVE-2021-30004
2021-04-02 05:15:00
ubuntucve
ubuntucve
CVE-2021-30004
2021-04-02 00:00:00
debiancve
debiancve
CVE-2021-30004
2021-04-02 05:15:00
veracode
veracode
Forging Attack
2021-04-27 17:42:07
prion
prion
Design/Logic Flaw
2021-04-02 05:15:00
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0014
2021-04-24 00:00:00
Moderate Photon OS Security Update - PHSA-2021-4.0-0014
2021-04-24 00:00:00
cve
cve
CVE-2021-30004
2021-04-02 05:15:00
redhatcve
redhatcve
CVE-2021-30004
2021-04-06 17:47:48
gentoo
gentoo
wpa_supplicant, hostapd: Multiple Vulnerabilities
2023-09-30 00:00:00
slackware
slackware
[slackware-security] wpa_supplicant
2021-12-29 03:28:00
avleonov
avleonov