{"id": "UBUNTU_USN-1003-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS / 10.10 : openssl vulnerabilities (USN-1003-1)", "description": "It was discovered that OpenSSL incorrectly handled return codes from\nthe bn_wexpand function calls. A remote attacker could trigger this\nflaw in services that used SSL to cause a denial of service or\npossibly execute arbitrary code with application privileges. This\nissue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.\n(CVE-2009-3245)\n\nIt was discovered that OpenSSL incorrectly handled certain private\nkeys with an invalid prime. A remote attacker could trigger this flaw\nin services that used SSL to cause a denial of service or possibly\nexecute arbitrary code with application privileges. The default\ncompiler options for affected releases should reduce the vulnerability\nto a denial of service. (CVE-2010-2939).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2010-10-08T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/49805", "reporter": "Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/1003-1/"], "cvelist": ["CVE-2010-2939", "CVE-2009-3245"], "type": "nessus", "lastseen": "2021-01-01T06:34:01", "edition": 24, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-2939", "CVE-2009-3245"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2009-3245"]}, {"type": "f5", "idList": ["SOL15404"]}, {"type": "openvas", "idList": ["OPENVAS:870242", "OPENVAS:831176", "OPENVAS:840515", "OPENVAS:1361412562310100527", "OPENVAS:1361412562310840515", "OPENVAS:1361412562310831176", "OPENVAS:1361412562310880381", "OPENVAS:136141256231067987", "OPENVAS:67987", "OPENVAS:1361412562310870242"]}, {"type": "ubuntu", "idList": ["USN-1003-1"]}, {"type": "exploitdb", "idList": ["EDB-ID:34427"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:24668", "SECURITYVULNS:VULN:11113", "SECURITYVULNS:DOC:23678"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2100-1:4412C"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0173.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-100927.NASL", "SUSE_OPENSSL-7174.NASL", "MANDRIVA_MDVSA-2010-168.NASL", "SL_20100325_OPENSSL096B_ON_SL3_X.NASL", "OPENSSL_0_9_8P_1_0_0E.NASL", "DEBIAN_DSA-2100.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-100927.NASL", "SUSE_11_LIBOPENSSL-DEVEL-100927.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-100927.NASL"]}, {"type": "redhat", "idList": ["RHSA-2010:0173", "RHSA-2010:0977", "RHSA-2010:0162"]}, {"type": "centos", "idList": ["CESA-2010:0162", "CESA-2010:0173", "CESA-2010:0977"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0162", "ELSA-2010-0173", "ELSA-2010-0977"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "suse", "idList": ["SUSE-SA:2010:020"]}, {"type": "fedora", "idList": ["FEDORA:AD9B611063F", "FEDORA:4C502110FE5"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}], "modified": "2021-01-01T06:34:01", "rev": 2}, "score": {"value": 8.1, "vector": "NONE", "modified": "2021-01-01T06:34:01", "rev": 2}, "vulnersScore": 8.1}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1003-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(49805);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2009-3245\", \"CVE-2010-2939\");\n script_bugtraq_id(38562, 42306);\n script_xref(name:\"USN\", value:\"1003-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS / 10.10 : openssl vulnerabilities (USN-1003-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL incorrectly handled return codes from\nthe bn_wexpand function calls. A remote attacker could trigger this\nflaw in services that used SSL to cause a denial of service or\npossibly execute arbitrary code with application privileges. This\nissue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.\n(CVE-2009-3245)\n\nIt was discovered that OpenSSL incorrectly handled certain private\nkeys with an invalid prime. A remote attacker could trigger this flaw\nin services that used SSL to cause a denial of service or possibly\nexecute arbitrary code with application privileges. The default\ncompiler options for affected releases should reduce the vulnerability\nto a denial of service. (CVE-2010-2939).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1003-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|9\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 9.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl-dev\", pkgver:\"0.9.8a-7ubuntu0.13\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8a-7ubuntu0.13\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8a-7ubuntu0.13\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"openssl\", pkgver:\"0.9.8a-7ubuntu0.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-4ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-4ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-4ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl\", pkgver:\"0.9.8g-4ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-4ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-15ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-15ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-15ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"openssl\", pkgver:\"0.9.8g-15ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-15ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-16ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-16ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-16ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openssl\", pkgver:\"0.9.8g-16ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-16ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8k-7ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8k-7ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8k-7ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openssl\", pkgver:\"0.9.8k-7ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8k-7ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.8o-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8o-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8o-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openssl\", pkgver:\"0.9.8o-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openssl-doc\", pkgver:\"0.9.8o-1ubuntu4.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl-dev / libssl0.9.8 / libssl0.9.8-dbg / openssl / openssl-doc\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "49805", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:openssl-doc", "p-cpe:/a:canonical:ubuntu_linux:openssl", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T19:31:22", "description": "OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.", "edition": 6, "cvss3": {}, "published": "2010-03-05T19:30:00", "title": "CVE-2009-3245", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3245"], "modified": "2017-09-19T01:29:00", "cpe": ["cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8l"], "id": "CVE-2009-3245", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3245", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:57:28", "description": "Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue.", "edition": 3, "cvss3": {}, "published": "2010-08-17T20:00:00", "title": "CVE-2010-2939", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2939"], "modified": "2018-10-10T20:00:00", "cpe": ["cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.8"], "id": "CVE-2010-2939", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2939", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*"]}], "openssl": [{"lastseen": "2020-09-14T11:36:46", "bulletinFamily": "software", "cvelist": ["CVE-2009-3245"], "description": " It was discovered that OpenSSL did not always check the return value of the bn_wexpand() function. An attacker able to trigger a memory allocation failure in that function could cause an application using the OpenSSL library to crash or, possibly, execute arbitrary code Reported by Martin Olsson, Neel Mehta. \n\n * Fixed in OpenSSL 0.9.8m [(git commit)](<https://github.com/openssl/openssl/commit/7e4cae1d2f555cbe9226b377aff4b56c9f7ddd4d>) (Affected 0.9.8-0.9.8l)\n", "edition": 1, "modified": "2010-02-23T00:00:00", "published": "2010-02-23T00:00:00", "id": "OPENSSL:CVE-2009-3245", "href": "https://www.openssl.org/news/vulnerabilities.html", "title": "Vulnerability in OpenSSL CVE-2009-3245", "type": "openssl", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2016-09-26T17:23:27", "bulletinFamily": "software", "cvelist": ["CVE-2009-3245"], "edition": 1, "description": "Recommended action\n\nYou can eliminate this vulnerability by running a version listed in the **Versions known to be not vulnerable** column in the previous table. If the **Versions known to be not vulnerable** column does not list a version that is higher than the version you are running, then no upgrade candidate currently exists. \n\n\nMitigating this vulnerability\n\nTo mitigate this vulnerability, you should consider the following recommendations:\n\n * Consider denying access to the Configuration utility and using only the command line and **tmsh **utility until the BIG-IP system is updated. If that is not possible, F5 recommends that you access the Configuration utility over only a secure network.\n * If SSL profiles are configured to use COMPAT ciphers, consider reconfiguring the profiles to use ciphers from the NATIVE SSL stack. For information about the NATIVE and COMPAT ciphers, refer to the following articles: \n \n\n * SOL13163: SSL ciphers supported on BIG-IP platforms (11.x)\n * SOL13171: Configuring the cipher strength for SSL profiles (11.x)\n * SOL13187: COMPAT SSL ciphers are no longer included in standard cipher strings\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n", "modified": "2014-07-14T00:00:00", "published": "2014-07-14T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15404.html", "id": "SOL15404", "title": "SOL15404 - OpenSSL vulnerability CVE-2009-3245", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-01-19T15:04:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939", "CVE-2009-3245"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1003-1", "modified": "2018-01-19T00:00:00", "published": "2010-10-19T00:00:00", "id": "OPENVAS:1361412562310840515", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840515", "type": "openvas", "title": "Ubuntu Update for openssl vulnerabilities USN-1003-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1003_1.nasl 8469 2018-01-19 07:58:21Z teissa $\n#\n# Ubuntu Update for openssl vulnerabilities USN-1003-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that OpenSSL incorrectly handled return codes from the\n bn_wexpand function calls. A remote attacker could trigger this flaw in\n services that used SSL to cause a denial of service or possibly execute\n arbitrary code with application privileges. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2009-3245)\n\n It was discovered that OpenSSL incorrectly handled certain private keys\n with an invalid prime. A remote attacker could trigger this flaw in\n services that used SSL to cause a denial of service or possibly execute\n arbitrary code with application privileges. The default compiler options\n for affected releases should reduce the vulnerability to a denial of\n service. (CVE-2010-2939)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1003-1\";\ntag_affected = \"openssl vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1003-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840515\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-19 15:54:15 +0200 (Tue, 19 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1003-1\");\n script_cve_id(\"CVE-2009-3245\", \"CVE-2010-2939\");\n script_name(\"Ubuntu Update for openssl vulnerabilities USN-1003-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:17:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939", "CVE-2009-3245"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1003-1", "modified": "2017-12-01T00:00:00", "published": "2010-10-19T00:00:00", "id": "OPENVAS:840515", "href": "http://plugins.openvas.org/nasl.php?oid=840515", "type": "openvas", "title": "Ubuntu Update for openssl vulnerabilities USN-1003-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1003_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for openssl vulnerabilities USN-1003-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that OpenSSL incorrectly handled return codes from the\n bn_wexpand function calls. A remote attacker could trigger this flaw in\n services that used SSL to cause a denial of service or possibly execute\n arbitrary code with application privileges. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2009-3245)\n\n It was discovered that OpenSSL incorrectly handled certain private keys\n with an invalid prime. A remote attacker could trigger this flaw in\n services that used SSL to cause a denial of service or possibly execute\n arbitrary code with application privileges. The default compiler options\n for affected releases should reduce the vulnerability to a denial of\n service. (CVE-2010-2939)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1003-1\";\ntag_affected = \"openssl vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1003-1/\");\n script_id(840515);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-19 15:54:15 +0200 (Tue, 19 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1003-1\");\n script_cve_id(\"CVE-2009-3245\", \"CVE-2010-2939\");\n script_name(\"Ubuntu Update for openssl vulnerabilities USN-1003-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-16ubuntu3.3\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8a-7ubuntu0.13\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-udeb\", ver:\"0.9.8k-7ubuntu8.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-15ubuntu3.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-4ubuntu3.11\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:04:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "description": "The remote host is missing an update to openssl\nannounced via advisory DSA 2100-1.", "modified": "2018-01-18T00:00:00", "published": "2010-10-10T00:00:00", "id": "OPENVAS:136141256231067987", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067987", "type": "openvas", "title": "Debian Security Advisory DSA 2100-1 (openssl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2100_1.nasl 8457 2018-01-18 07:58:32Z teissa $\n# Description: Auto-generated from advisory DSA 2100-1 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"George Guninski discovered a double free in the ECDH code of the OpenSSL\ncrypto library, which may lead to denial of service and potentially the\nexecution of arbitrary code.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.9.8g-15+lenny8.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.9.8o-2.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory DSA 2100-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202100-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67987\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-10 19:35:00 +0200 (Sun, 10 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-2939\");\n script_name(\"Debian Security Advisory DSA 2100-1 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "description": "The remote host is missing an update to openssl\nannounced via advisory DSA 2100-1.", "modified": "2017-07-07T00:00:00", "published": "2010-10-10T00:00:00", "id": "OPENVAS:67987", "href": "http://plugins.openvas.org/nasl.php?oid=67987", "type": "openvas", "title": "Debian Security Advisory DSA 2100-1 (openssl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2100_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2100-1 (openssl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"George Guninski discovered a double free in the ECDH code of the OpenSSL\ncrypto library, which may lead to denial of service and potentially the\nexecution of arbitrary code.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.9.8g-15+lenny8.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.9.8o-2.\n\nWe recommend that you upgrade your openssl packages.\";\ntag_summary = \"The remote host is missing an update to openssl\nannounced via advisory DSA 2100-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202100-1\";\n\n\nif(description)\n{\n script_id(67987);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-10 19:35:00 +0200 (Sun, 10 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-2939\");\n script_name(\"Debian Security Advisory DSA 2100-1 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-15+lenny8\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:05:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "description": "Check for the Version of openssl", "modified": "2018-01-23T00:00:00", "published": "2010-09-27T00:00:00", "id": "OPENVAS:1361412562310831176", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831176", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2010:168 (openssl)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2010:168 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in openssl:\n\n Double free vulnerability in the ssl3_get_key_exchange function in\n the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7,\n and possibly other versions, when using ECDH, allows context-dependent\n attackers to cause a denial of service (crash) and possibly execute\n arbitrary code via a crafted private key with an invalid prime. NOTE:\n some sources refer to this as a use-after-free issue (CVE-2010-2939).\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openssl on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-09/msg00001.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831176\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-27 08:14:44 +0200 (Mon, 27 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:168\");\n script_cve_id(\"CVE-2010-2939\");\n script_name(\"Mandriva Update for openssl MDVSA-2010:168 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-engines\", rpm:\"openssl-engines~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "description": "Check for the Version of openssl", "modified": "2017-12-22T00:00:00", "published": "2010-09-27T00:00:00", "id": "OPENVAS:831176", "href": "http://plugins.openvas.org/nasl.php?oid=831176", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2010:168 (openssl)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2010:168 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in openssl:\n\n Double free vulnerability in the ssl3_get_key_exchange function in\n the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7,\n and possibly other versions, when using ECDH, allows context-dependent\n attackers to cause a denial of service (crash) and possibly execute\n arbitrary code via a crafted private key with an invalid prime. NOTE:\n some sources refer to this as a use-after-free issue (CVE-2010-2939).\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openssl on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-09/msg00001.php\");\n script_id(831176);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-27 08:14:44 +0200 (Mon, 27 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:168\");\n script_cve_id(\"CVE-2010-2939\");\n script_name(\"Mandriva Update for openssl MDVSA-2010:168 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-engines\", rpm:\"openssl-engines~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:54:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3245"], "description": "Check for the Version of openssl096b", "modified": "2018-01-05T00:00:00", "published": "2010-03-31T00:00:00", "id": "OPENVAS:1361412562310870242", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870242", "type": "openvas", "title": "RedHat Update for openssl096b RHSA-2010:0173-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl096b RHSA-2010:0173-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL did not always check the return value of the\n bn_wexpand() function. An attacker able to trigger a memory allocation\n failure in that function could cause an application using the OpenSSL\n library to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n \n All openssl096b users should upgrade to these updated packages, which\n contain a backported patch to resolve this issue. For the update to take\n effect, all programs using the openssl096b library must be restarted.\";\n\ntag_affected = \"openssl096b on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-March/msg00027.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870242\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0173-02\");\n script_cve_id(\"CVE-2009-3245\");\n script_name(\"RedHat Update for openssl096b RHSA-2010:0173-02\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl096b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl096b\", rpm:\"openssl096b~0.9.6b~22.46.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl096b-debuginfo\", rpm:\"openssl096b-debuginfo~0.9.6b~22.46.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl096b\", rpm:\"openssl096b~0.9.6b~16.50\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl096b-debuginfo\", rpm:\"openssl096b-debuginfo~0.9.6b~16.50\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:58:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3245"], "description": "Check for the Version of openssl096b", "modified": "2017-12-18T00:00:00", "published": "2010-03-31T00:00:00", "id": "OPENVAS:870242", "href": "http://plugins.openvas.org/nasl.php?oid=870242", "type": "openvas", "title": "RedHat Update for openssl096b RHSA-2010:0173-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl096b RHSA-2010:0173-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL did not always check the return value of the\n bn_wexpand() function. An attacker able to trigger a memory allocation\n failure in that function could cause an application using the OpenSSL\n library to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n \n All openssl096b users should upgrade to these updated packages, which\n contain a backported patch to resolve this issue. For the update to take\n effect, all programs using the openssl096b library must be restarted.\";\n\ntag_affected = \"openssl096b on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-March/msg00027.html\");\n script_id(870242);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0173-02\");\n script_cve_id(\"CVE-2009-3245\");\n script_name(\"RedHat Update for openssl096b RHSA-2010:0173-02\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl096b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl096b\", rpm:\"openssl096b~0.9.6b~22.46.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl096b-debuginfo\", rpm:\"openssl096b-debuginfo~0.9.6b~22.46.el4_8.1\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl096b\", rpm:\"openssl096b~0.9.6b~16.50\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl096b-debuginfo\", rpm:\"openssl096b-debuginfo~0.9.6b~16.50\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-07-17T14:31:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3245"], "description": "OpenSSL is prone to an unspecified vulnerability in bn_wexpend().", "modified": "2019-07-05T00:00:00", "published": "2010-03-15T00:00:00", "id": "OPENVAS:1361412562310100527", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100527", "type": "openvas", "title": "OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100527\");\n script_tag(name:\"creation_date\", value:\"2010-03-15 13:03:19 +0100 (Mon, 15 Mar 2010)\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:04:07 +0000 (Fri, 05 Jul 2019)\");\n script_bugtraq_id(38562);\n script_cve_id(\"CVE-2009-3245\");\n script_version(\"2019-07-05T10:04:07+0000\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_name(\"OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/38562\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"gb_openssl_detect_win.nasl\");\n script_mandatory_keys(\"openssl/detected\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more\n information.\");\n\n script_tag(name:\"summary\", value:\"OpenSSL is prone to an unspecified vulnerability in bn_wexpend().\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions prior to OpenSSL 0.9.8m are vulnerable.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^0\\.9\\.\" && version_is_less(version:vers , test_version:\"0.9.8m\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"0.9.8m\", install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:05:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3245"], "description": "Check for the Version of openssl096b", "modified": "2018-01-04T00:00:00", "published": "2010-03-31T00:00:00", "id": "OPENVAS:1361412562310880381", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880381", "type": "openvas", "title": "CentOS Update for openssl096b CESA-2010:0173 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl096b CESA-2010:0173 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL did not always check the return value of the\n bn_wexpand() function. An attacker able to trigger a memory allocation\n failure in that function could cause an application using the OpenSSL\n library to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n \n All openssl096b users should upgrade to these updated packages, which\n contain a backported patch to resolve this issue. For the update to take\n effect, all programs using the openssl096b library must be restarted.\";\n\ntag_affected = \"openssl096b on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-March/016582.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880381\");\n script_version(\"$Revision: 8287 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 08:28:11 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-31 14:20:46 +0200 (Wed, 31 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0173\");\n script_cve_id(\"CVE-2009-3245\");\n script_name(\"CentOS Update for openssl096b CESA-2010:0173 centos3 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl096b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl096b\", rpm:\"openssl096b~0.9.6b~16.50\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:26:45", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2939", "CVE-2009-3245"], "description": "It was discovered that OpenSSL incorrectly handled return codes from the \nbn_wexpand function calls. A remote attacker could trigger this flaw in \nservices that used SSL to cause a denial of service or possibly execute \narbitrary code with application privileges. This issue only affected Ubuntu \n6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2009-3245)\n\nIt was discovered that OpenSSL incorrectly handled certain private keys \nwith an invalid prime. A remote attacker could trigger this flaw in \nservices that used SSL to cause a denial of service or possibly execute \narbitrary code with application privileges. The default compiler options \nfor affected releases should reduce the vulnerability to a denial of \nservice. (CVE-2010-2939)", "edition": 5, "modified": "2010-10-07T00:00:00", "published": "2010-10-07T00:00:00", "id": "USN-1003-1", "href": "https://ubuntu.com/security/notices/USN-1003-1", "title": "OpenSSL vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2016-02-03T21:10:20", "description": "OpenSSL 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption Vulnerability. CVE-2010-2939. Dos exploit for linux platform", "published": "2010-08-07T00:00:00", "type": "exploitdb", "title": "OpenSSL - 'ssl3_get_key_exchange' Use-After-Free Memory Corruption Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2010-2939"], "modified": "2010-08-07T00:00:00", "id": "EDB-ID:34427", "href": "https://www.exploit-db.com/exploits/34427/", "sourceData": "source: http://www.securityfocus.com/bid/42306/info\r\n\r\nOpenSSL is prone to a remote memory-corruption vulnerability.\r\n\r\nSuccessfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will result in a denial-of-service condition.\r\n\r\nThe issue affects OpenSSL 1.0.0a; other versions may also be affected. \r\n\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/34427.zip", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/34427/"}], "securityvulns": [{"lastseen": "2018-08-31T11:10:36", "bulletinFamily": "software", "cvelist": ["CVE-2010-2939"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2100-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nAugust 30, 2010 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : openssl\r\nVulnerability : double free\r\nProblem type : local&#40;remote&#41;\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2010-2939\r\n\r\nGeorge Guninski discovered a double free in the ECDH code of the OpenSSL\r\ncrypto library, which may lead to denial of service and potentially the\r\nexecution of arbitrary code.\r\n\r\nFor the stable distribution &#40;lenny&#41;, this problem has been fixed in \r\nversion 0.9.8g-15+lenny8.\r\n\r\nFor the unstable distribution &#40;sid&#41;, this problem has been fixed in\r\nversion 0.9.8o-2.\r\n\r\nWe recommend that you upgrade your openssl packages.\r\n\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz\r\n Size/MD5 checksum: 3354792 acf70a16359bf3658bdfb74bda1c4419\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8.dsc\r\n Size/MD5 checksum: 1973 b3bc5cc9d4396dd53408d1523e5d9922\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8.diff.gz\r\n Size/MD5 checksum: 60148 e011a196c7a96bdcfba8e8d1c7842d7a\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_alpha.deb\r\n Size/MD5 checksum: 1028966 c533c4f1ed722bfc684fb2aa7ae0bbaf\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_alpha.deb\r\n Size/MD5 checksum: 2583198 ee814656292202df8e66508a78e76757\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_alpha.udeb\r\n Size/MD5 checksum: 722118 7bfdc9cff603e3c71014987e99a33637\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_alpha.deb\r\n Size/MD5 checksum: 2814048 c5309df7a3eff59618da50ea20e0bb1f\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_alpha.deb\r\n Size/MD5 checksum: 4369476 8e583136a6e221ba239a305447cd55fd\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_amd64.deb\r\n Size/MD5 checksum: 975790 04b625095430068834e3621b47749d60\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_amd64.deb\r\n Size/MD5 checksum: 2243092 0b4a82a5a95df9d092498065e2c69d88\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_amd64.deb\r\n Size/MD5 checksum: 1627634 e86e98d321e13f6941a5b14568cecbae\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_amd64.udeb\r\n Size/MD5 checksum: 638416 d578d3861d7402f70d340cb138e969c8\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_amd64.deb\r\n Size/MD5 checksum: 1043270 7ccee021eceb10b6bcd55222f0f9c00f\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_arm.deb\r\n Size/MD5 checksum: 1028840 a473c6b7dfc800b0ad4f3a2320ed34e5\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_arm.deb\r\n Size/MD5 checksum: 1490650 9032ae14c182e5adbe934b083588a785\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_arm.deb\r\n Size/MD5 checksum: 2087038 b17611d1c503a30363357014a4523414\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_arm.udeb\r\n Size/MD5 checksum: 536038 e44733e9826dc24561732f7885df50f3\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_arm.deb\r\n Size/MD5 checksum: 844412 1a23967e4c4c3ad3f97c21a47e8d3bac\r\n\r\narmel architecture &#40;ARM EABI&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_armel.deb\r\n Size/MD5 checksum: 1031134 cfce1ef9bc3a6768ed052b23d9781cdf\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_armel.deb\r\n Size/MD5 checksum: 849994 340a78374851cbd1aca2ea8344ba54ba\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_armel.deb\r\n Size/MD5 checksum: 2096496 34ad0dffc16f3ff0deac8fb6e8b2cd2e\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_armel.udeb\r\n Size/MD5 checksum: 540784 51b9cd8fee37fbd55c512db13e556b2c\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_armel.deb\r\n Size/MD5 checksum: 1506252 7d52d569cd8be4e1ce2f60cf05519ed8\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_hppa.deb\r\n Size/MD5 checksum: 2268554 4339767f35a5fdfe0e20c11eea6f3b82\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_hppa.deb\r\n Size/MD5 checksum: 1046972 66ba3aa9fb82893461f7dfd38c2fb586\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_hppa.deb\r\n Size/MD5 checksum: 969042 5851386ee3b68d609533896a64701aea\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_hppa.deb\r\n Size/MD5 checksum: 1528486 f867ab97ab589b0356b7e5085c337442\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_hppa.udeb\r\n Size/MD5 checksum: 634500 02ad6d507ccc026810116b0e2a9d1b0c\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_i386.deb\r\n Size/MD5 checksum: 1035808 891f554f175236fed6ba2e78836efbf0\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_i386.deb\r\n Size/MD5 checksum: 2977216 e7002003f49898963b51fc60d986660b\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_i386.deb\r\n Size/MD5 checksum: 5393090 596c50c449a97cd8652e7116df06cb82\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_i386.udeb\r\n Size/MD5 checksum: 591774 4eadb7676b04e66b2ce5a94c0fbabeaf\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_i386.deb\r\n Size/MD5 checksum: 2108390 88d1201dbb7f7e2806f36c9c8b945c60\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_ia64.deb\r\n Size/MD5 checksum: 2666450 490fc734a403d18fdcff30f3d4430eb7\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_ia64.deb\r\n Size/MD5 checksum: 1465484 d44c2feba9e5e946a1f05975c010eff5\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_ia64.udeb\r\n Size/MD5 checksum: 865354 db7a81175a7687d21a7bc78651758fdc\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_ia64.deb\r\n Size/MD5 checksum: 1105058 d757a92ae7a9992aed13984efce04c27\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_ia64.deb\r\n Size/MD5 checksum: 1280580 9302c8ec90b228b8e5c309077345a4f6\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_mips.deb\r\n Size/MD5 checksum: 899398 f1afc1bd010c170d4c3cc1536dc18f99\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_mips.deb\r\n Size/MD5 checksum: 2304822 7119c17aad6cedb6fe917b006cbd23aa\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_mips.udeb\r\n Size/MD5 checksum: 585112 315040d22ee0183a8743d4f83d475e55\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_mips.deb\r\n Size/MD5 checksum: 1624120 028858a3ea8b187e62cfbef6472d0a3d\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_mips.deb\r\n Size/MD5 checksum: 1024826 e05816850ac1042054512581efad8186\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_mipsel.deb\r\n Size/MD5 checksum: 1588188 2d22ed0b4f0ba51a99124d02fc4f938f\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_mipsel.udeb\r\n Size/MD5 checksum: 572372 ae996b71ca701f620f47f3f9b3adb4e5\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_mipsel.deb\r\n Size/MD5 checksum: 2294950 4ead973a8ae6b219789383a098129f6e\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_mipsel.deb\r\n Size/MD5 checksum: 885576 d71d3da4eabce725eb9db564ed51f94f\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_mipsel.deb\r\n Size/MD5 checksum: 1012124 9852687e5a2129c070e19c174c04a57f\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_powerpc.deb\r\n Size/MD5 checksum: 1000536 302fdfa358fa81643764272c3bfb6bd6\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_powerpc.deb\r\n Size/MD5 checksum: 2244344 442368fa4ab11ea17fa752f66bbce767\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_powerpc.deb\r\n Size/MD5 checksum: 1644026 fb2bb5e6d08598405cf0cbbf47aa2a08\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_powerpc.deb\r\n Size/MD5 checksum: 1035350 41f30f1ea50b63ba43c7bdfabef0e5ca\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_powerpc.udeb\r\n Size/MD5 checksum: 656162 a8d196b8c6ddec04bba99cf105a82f89\r\n\r\ns390 architecture &#40;IBM S/390&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_s390.deb\r\n Size/MD5 checksum: 1602434 556df4caf296dcabe80911f991165f9d\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_s390.deb\r\n Size/MD5 checksum: 1024524 ec70f8625e30bbdfa7da0eba25d2d1c6\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_s390.deb\r\n Size/MD5 checksum: 2231778 293db646ff3508532b143725d18e3edb\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_s390.udeb\r\n Size/MD5 checksum: 693038 578371a2bdde98c7f1fcef9371eeaca5\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_s390.deb\r\n Size/MD5 checksum: 1051104 d0242ea2b04ad52eb795bd7a6569298d\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_sparc.deb\r\n Size/MD5 checksum: 3867898 081e1addfcfcea3c32fddef4570806a6\r\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_sparc.deb\r\n Size/MD5 checksum: 1044670 bfc18d2fd2a61d2c093f0a1e2395df5c\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_sparc.deb\r\n Size/MD5 checksum: 2148206 88e85ad27c456f5b68553e58de8a2d2b\r\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_sparc.deb\r\n Size/MD5 checksum: 2292216 b98676306a58912992cef47a76615171\r\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_sparc.udeb\r\n Size/MD5 checksum: 580504 6a12e4b8e9ea08da70d48c65e59b6828\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 &#40;GNU/Linux&#41;\r\n\r\niEYEARECAAYFAkx7++sACgkQXm3vHE4uylqvcACfRl8NYBBm3ZjNwsPcuKxBEoDn\r\nt6kAnRce7cUminmZ1L5xjEUJ6C62Wo7j\r\n=bFRp\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-09-02T00:00:00", "published": "2010-09-02T00:00:00", "id": "SECURITYVULNS:DOC:24668", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24668", "title": "[SECURITY] [DSA 2100-1] New openssl packages fix double free", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:38", "bulletinFamily": "software", "cvelist": ["CVE-2010-2939"], "description": "Double free&#40;&#41; in ECDH code.", "edition": 1, "modified": "2010-09-02T00:00:00", "published": "2010-09-02T00:00:00", "id": "SECURITYVULNS:VULN:11113", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11113", "title": "OpenSSL library double free vulnerability", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:34", "bulletinFamily": "software", "cvelist": ["CVE-2010-0740", "CVE-2009-3245", "CVE-2009-3555", "CVE-2010-0433"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:076-1\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : openssl\r\n Date : April 19, 2010\r\n Affected: 2009.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n This update fixes several security issues in openssl:\r\n - The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f\r\n through 0.9.8m allows remote attackers to cause a denial of service\r\n &#40;crash&#41; via a malformed record in a TLS connection &#40;CVE-2010-0740&#41;\r\n - OpenSSL before 0.9.8m does not check for a NULL return value\r\n from bn_wexpand function calls which has unspecified impact and\r\n context-dependent attack vectors &#40;CVE-2009-3245&#41;\r\n - The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL\r\n before 0.9.8n, when Kerberos is enabled but Kerberos configuration\r\n files cannot be opened, could allow remote attackers to cause a denial\r\n of service &#40;NULL pointer dereference and daemon crash&#41; &#40;CVE-2010-0433&#41;\r\n - Finally, this update provides support for secure renegotiation,\r\n preventing men-in-the-middle attacks &#40;CVE-2009-3555&#41;.\r\n \r\n Packages for 2008.0 and 2009.0 are provided due to the Extended\r\n Maintenance Program for those products.\r\n\r\n Update:\r\n\r\n Packages for 2009.0 are provided due to the Extended Maintenance\r\n Program.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n 1f42cf30ee84314be4125a070709d239 2009.0/i586/libopenssl0.9.8-0.9.8h-3.7mdv2009.0.i586.rpm\r\n 372bffd962ced1965c33b752def70b8b 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdv2009.0.i586.rpm\r\n ace965066796e71bf4ecf4af6bc831c5 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.i586.rpm\r\n a6e08ca29b012c695e0763f6fd15fac1 2009.0/i586/openssl-0.9.8h-3.7mdv2009.0.i586.rpm \r\n 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n f6748700d01abc7e33053e339575cede 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdv2009.0.x86_64.rpm\r\n b53a75b4c732a3371a3bcd0e8ed47481 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm\r\n 187bff89c19e2d65ccc5c640a32d0cc7 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm\r\n 1d6f6fca3b51e498359cbbbde07a4a0e 2009.0/x86_64/openssl-0.9.8h-3.7mdv2009.0.x86_64.rpm \r\n 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFLzKP9mqjQ0CJFipgRAsUVAJkBjISC/NXul8GxUaeiBPsnb6gRNQCgt+ty\r\nX3hfPZSWARaTxUmX7P/4FDM=\r\n=FrW5\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-04-22T00:00:00", "published": "2010-04-22T00:00:00", "id": "SECURITYVULNS:DOC:23678", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23678", "title": "[ MDVSA-2010:076-1 ] openssl", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:11:22", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2939"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2100-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 30, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : double free\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2010-2939\n\nGeorge Guninski discovered a double free in the ECDH code of the OpenSSL\ncrypto library, which may lead to denial of service and potentially the\nexecution of arbitrary code.\n\nFor the stable distribution (lenny), this problem has been fixed in \nversion 0.9.8g-15+lenny8.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.9.8o-2.\n\nWe recommend that you upgrade your openssl packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz\n Size/MD5 checksum: 3354792 acf70a16359bf3658bdfb74bda1c4419\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8.dsc\n Size/MD5 checksum: 1973 b3bc5cc9d4396dd53408d1523e5d9922\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8.diff.gz\n Size/MD5 checksum: 60148 e011a196c7a96bdcfba8e8d1c7842d7a\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_alpha.deb\n Size/MD5 checksum: 1028966 c533c4f1ed722bfc684fb2aa7ae0bbaf\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_alpha.deb\n Size/MD5 checksum: 2583198 ee814656292202df8e66508a78e76757\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_alpha.udeb\n Size/MD5 checksum: 722118 7bfdc9cff603e3c71014987e99a33637\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_alpha.deb\n Size/MD5 checksum: 2814048 c5309df7a3eff59618da50ea20e0bb1f\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_alpha.deb\n Size/MD5 checksum: 4369476 8e583136a6e221ba239a305447cd55fd\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_amd64.deb\n Size/MD5 checksum: 975790 04b625095430068834e3621b47749d60\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_amd64.deb\n Size/MD5 checksum: 2243092 0b4a82a5a95df9d092498065e2c69d88\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_amd64.deb\n Size/MD5 checksum: 1627634 e86e98d321e13f6941a5b14568cecbae\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_amd64.udeb\n Size/MD5 checksum: 638416 d578d3861d7402f70d340cb138e969c8\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_amd64.deb\n Size/MD5 checksum: 1043270 7ccee021eceb10b6bcd55222f0f9c00f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_arm.deb\n Size/MD5 checksum: 1028840 a473c6b7dfc800b0ad4f3a2320ed34e5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_arm.deb\n Size/MD5 checksum: 1490650 9032ae14c182e5adbe934b083588a785\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_arm.deb\n Size/MD5 checksum: 2087038 b17611d1c503a30363357014a4523414\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_arm.udeb\n Size/MD5 checksum: 536038 e44733e9826dc24561732f7885df50f3\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_arm.deb\n Size/MD5 checksum: 844412 1a23967e4c4c3ad3f97c21a47e8d3bac\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_armel.deb\n Size/MD5 checksum: 1031134 cfce1ef9bc3a6768ed052b23d9781cdf\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_armel.deb\n Size/MD5 checksum: 849994 340a78374851cbd1aca2ea8344ba54ba\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_armel.deb\n Size/MD5 checksum: 2096496 34ad0dffc16f3ff0deac8fb6e8b2cd2e\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_armel.udeb\n Size/MD5 checksum: 540784 51b9cd8fee37fbd55c512db13e556b2c\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_armel.deb\n Size/MD5 checksum: 1506252 7d52d569cd8be4e1ce2f60cf05519ed8\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_hppa.deb\n Size/MD5 checksum: 2268554 4339767f35a5fdfe0e20c11eea6f3b82\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_hppa.deb\n Size/MD5 checksum: 1046972 66ba3aa9fb82893461f7dfd38c2fb586\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_hppa.deb\n Size/MD5 checksum: 969042 5851386ee3b68d609533896a64701aea\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_hppa.deb\n Size/MD5 checksum: 1528486 f867ab97ab589b0356b7e5085c337442\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_hppa.udeb\n Size/MD5 checksum: 634500 02ad6d507ccc026810116b0e2a9d1b0c\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_i386.deb\n Size/MD5 checksum: 1035808 891f554f175236fed6ba2e78836efbf0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_i386.deb\n Size/MD5 checksum: 2977216 e7002003f49898963b51fc60d986660b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_i386.deb\n Size/MD5 checksum: 5393090 596c50c449a97cd8652e7116df06cb82\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_i386.udeb\n Size/MD5 checksum: 591774 4eadb7676b04e66b2ce5a94c0fbabeaf\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_i386.deb\n Size/MD5 checksum: 2108390 88d1201dbb7f7e2806f36c9c8b945c60\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_ia64.deb\n Size/MD5 checksum: 2666450 490fc734a403d18fdcff30f3d4430eb7\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_ia64.deb\n Size/MD5 checksum: 1465484 d44c2feba9e5e946a1f05975c010eff5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_ia64.udeb\n Size/MD5 checksum: 865354 db7a81175a7687d21a7bc78651758fdc\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_ia64.deb\n Size/MD5 checksum: 1105058 d757a92ae7a9992aed13984efce04c27\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_ia64.deb\n Size/MD5 checksum: 1280580 9302c8ec90b228b8e5c309077345a4f6\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_mips.deb\n Size/MD5 checksum: 899398 f1afc1bd010c170d4c3cc1536dc18f99\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_mips.deb\n Size/MD5 checksum: 2304822 7119c17aad6cedb6fe917b006cbd23aa\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_mips.udeb\n Size/MD5 checksum: 585112 315040d22ee0183a8743d4f83d475e55\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_mips.deb\n Size/MD5 checksum: 1624120 028858a3ea8b187e62cfbef6472d0a3d\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_mips.deb\n Size/MD5 checksum: 1024826 e05816850ac1042054512581efad8186\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_mipsel.deb\n Size/MD5 checksum: 1588188 2d22ed0b4f0ba51a99124d02fc4f938f\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_mipsel.udeb\n Size/MD5 checksum: 572372 ae996b71ca701f620f47f3f9b3adb4e5\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_mipsel.deb\n Size/MD5 checksum: 2294950 4ead973a8ae6b219789383a098129f6e\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_mipsel.deb\n Size/MD5 checksum: 885576 d71d3da4eabce725eb9db564ed51f94f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_mipsel.deb\n Size/MD5 checksum: 1012124 9852687e5a2129c070e19c174c04a57f\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_powerpc.deb\n Size/MD5 checksum: 1000536 302fdfa358fa81643764272c3bfb6bd6\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_powerpc.deb\n Size/MD5 checksum: 2244344 442368fa4ab11ea17fa752f66bbce767\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_powerpc.deb\n Size/MD5 checksum: 1644026 fb2bb5e6d08598405cf0cbbf47aa2a08\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_powerpc.deb\n Size/MD5 checksum: 1035350 41f30f1ea50b63ba43c7bdfabef0e5ca\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_powerpc.udeb\n Size/MD5 checksum: 656162 a8d196b8c6ddec04bba99cf105a82f89\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_s390.deb\n Size/MD5 checksum: 1602434 556df4caf296dcabe80911f991165f9d\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_s390.deb\n Size/MD5 checksum: 1024524 ec70f8625e30bbdfa7da0eba25d2d1c6\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_s390.deb\n Size/MD5 checksum: 2231778 293db646ff3508532b143725d18e3edb\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_s390.udeb\n Size/MD5 checksum: 693038 578371a2bdde98c7f1fcef9371eeaca5\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_s390.deb\n Size/MD5 checksum: 1051104 d0242ea2b04ad52eb795bd7a6569298d\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny8_sparc.deb\n Size/MD5 checksum: 3867898 081e1addfcfcea3c32fddef4570806a6\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny8_sparc.deb\n Size/MD5 checksum: 1044670 bfc18d2fd2a61d2c093f0a1e2395df5c\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny8_sparc.deb\n Size/MD5 checksum: 2148206 88e85ad27c456f5b68553e58de8a2d2b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny8_sparc.deb\n Size/MD5 checksum: 2292216 b98676306a58912992cef47a76615171\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny8_sparc.udeb\n Size/MD5 checksum: 580504 6a12e4b8e9ea08da70d48c65e59b6828\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2010-08-30T18:45:19", "published": "2010-08-30T18:45:19", "id": "DEBIAN:DSA-2100-1:4412C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00146.html", "title": "[SECURITY] [DSA 2100-1] New openssl packages fix double free", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-06T09:46:04", "description": "George Guninski discovered a double free in the ECDH code of the\nOpenSSL crypto library, which may lead to denial of service and\npotentially the execution of arbitrary code.", "edition": 25, "published": "2010-09-01T00:00:00", "title": "Debian DSA-2100-1 : openssl - double free", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2010-09-01T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:openssl"], "id": "DEBIAN_DSA-2100.NASL", "href": "https://www.tenable.com/plugins/nessus/49057", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2100. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49057);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-2939\");\n script_bugtraq_id(42306);\n script_xref(name:\"DSA\", value:\"2100\");\n\n script_name(english:\"Debian DSA-2100-1 : openssl - double free\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"George Guninski discovered a double free in the ECDH code of the\nOpenSSL crypto library, which may lead to denial of service and\npotentially the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2100\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.9.8g-15+lenny8.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libssl-dev\", reference:\"0.9.8g-15+lenny8\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8g-15+lenny8\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8g-15+lenny8\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"openssl\", reference:\"0.9.8g-15+lenny8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:52:46", "description": "A vulnerability has been found and corrected in openssl :\n\nDouble free vulnerability in the ssl3_get_key_exchange function in the\nOpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and\npossibly other versions, when using ECDH, allows context-dependent\nattackers to cause a denial of service (crash) and possibly execute\narbitrary code via a crafted private key with an invalid prime. NOTE:\nsome sources refer to this as a use-after-free issue (CVE-2010-2939).\n\nThe updated packages have been patched to correct this issue.", "edition": 24, "published": "2010-09-02T00:00:00", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2010:168)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2010-09-02T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:openssl", "p-cpe:/a:mandriva:linux:libopenssl1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0-static-devel", "p-cpe:/a:mandriva:linux:libopenssl1.0.0-devel", "p-cpe:/a:mandriva:linux:libopenssl1.0.0-static-devel", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0", "p-cpe:/a:mandriva:linux:openssl-engines", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0-devel"], "id": "MANDRIVA_MDVSA-2010-168.NASL", "href": "https://www.tenable.com/plugins/nessus/49078", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:168. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49078);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-2939\");\n script_bugtraq_id(42306);\n script_xref(name:\"MDVSA\", value:\"2010:168\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2010:168)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in openssl :\n\nDouble free vulnerability in the ssl3_get_key_exchange function in the\nOpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and\npossibly other versions, when using ECDH, allows context-dependent\nattackers to cause a denial of service (crash) and possibly execute\narbitrary code via a crafted private key with an invalid prime. NOTE:\nsome sources refer to this as a use-after-free issue (CVE-2010-2939).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl-engines\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-devel-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-static-devel-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-devel-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-static-devel-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"openssl-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"openssl-engines-1.0.0a-1.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T04:32:57", "description": "According to its banner, the remote server is running a version of \nOpenSSL that is earlier than 0.9.8p / 1.0.0e. \n\nA remote attacker could crash client software when using ECDH. The\nimpact of this vulnerability is not clear; arbitrary code could be run\ntoo. \n\nNote that OpenSSL changelog only reports a fix for 0.9.8p. 1.0.0a is\ndefinitely vulnerable. Gentoo reports a fix for 1.0.0e but it covers\nother flaws.NVD reports 0.9.7 as vulnerable too but does not give any\nfixed version.", "edition": 26, "published": "2012-01-04T00:00:00", "title": "OpenSSL < 0.9.8p / 1.0.0e Double Free Vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8P_1_0_0E.NASL", "href": "https://www.tenable.com/plugins/nessus/17767", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(17767);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2010-2939\");\n script_bugtraq_id(42306);\n\n # http://www.openssl.org/news/changelog.html\n # http://www.gentoo.org/security/en/glsa/glsa-201110-01.xml \n script_xref(name:\"GLSA\", value:\"201110-01\");\n\n script_name(english:\"OpenSSL < 0.9.8p / 1.0.0e Double Free Vulnerability\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SSL layer is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote server is running a version of \nOpenSSL that is earlier than 0.9.8p / 1.0.0e. \n\nA remote attacker could crash client software when using ECDH. The\nimpact of this vulnerability is not clear; arbitrary code could be run\ntoo. \n\nNote that OpenSSL changelog only reports a fix for 0.9.8p. 1.0.0a is\ndefinitely vulnerable. Gentoo reports a fix for 1.0.0e but it covers\nother flaws.NVD reports 0.9.7 as vulnerable too but does not give any\nfixed version.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to OpenSSL 0.9.8p / 1.0.0e or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:make_list('0.9.8p', '1.0.0e'), severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:46:50", "description": "Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939). This has been fixed.", "edition": 24, "published": "2010-11-16T00:00:00", "title": "SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7174)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2010-11-16T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENSSL-7174.NASL", "href": "https://www.tenable.com/plugins/nessus/50610", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50610);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2939\");\n\n script_name(english:\"SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7174)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939). This has been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2939.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7174.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"openssl-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"openssl-devel-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openssl-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openssl-devel-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openssl-doc-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.43.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.43.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:07:41", "description": "Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939).", "edition": 25, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0951-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl-devel", "cpe:/o:novell:opensuse:11.3", "p-cpe:/a:novell:opensuse:libopenssl1_0_0"], "id": "SUSE_11_3_LIBOPENSSL-DEVEL-100927.NASL", "href": "https://www.tenable.com/plugins/nessus/75592", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-3214.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75592);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2939\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0951-1)\");\n script_summary(english:\"Check for the libopenssl-devel-3214 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=629905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-11/msg00022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libopenssl-devel-1.0.0-6.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libopenssl0_9_8-0.9.8m-3.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libopenssl1_0_0-1.0.0-6.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"openssl-1.0.0-6.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8m-3.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.0-6.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl0_9_8 / libopenssl0_9_8-32bit / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:04:49", "description": "Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939).", "edition": 25, "published": "2011-05-05T00:00:00", "title": "openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0952-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2011-05-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl-devel"], "id": "SUSE_11_1_LIBOPENSSL-DEVEL-100927.NASL", "href": "https://www.tenable.com/plugins/nessus/53674", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-3206.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53674);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2939\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0952-1)\");\n script_summary(english:\"Check for the libopenssl-devel-3206 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=608666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=629905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-11/msg00023.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libopenssl-devel-0.9.8h-28.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libopenssl0_9_8-0.9.8h-28.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openssl-0.9.8h-28.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-28.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl0_9_8 / libopenssl0_9_8-32bit / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:06:07", "description": "Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939).", "edition": 25, "published": "2011-05-05T00:00:00", "title": "openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0951-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2011-05-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:libopenssl-devel"], "id": "SUSE_11_2_LIBOPENSSL-DEVEL-100927.NASL", "href": "https://www.tenable.com/plugins/nessus/53749", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-3214.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53749);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2939\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0951-1)\");\n script_summary(english:\"Check for the libopenssl-devel-3214 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=629905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-11/msg00022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libopenssl-devel-0.9.8k-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libopenssl0_9_8-0.9.8k-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"openssl-0.9.8k-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8k-3.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl0_9_8 / libopenssl0_9_8-32bit / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:13:21", "description": "Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939). This has been fixed.", "edition": 24, "published": "2010-12-02T00:00:00", "title": "SuSE 11 / 11.1 Security Update : OpenSSL (SAT Patch Numbers 3208 / 3209)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-2939"], "modified": "2010-12-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:openssl", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:openssl-doc"], "id": "SUSE_11_LIBOPENSSL-DEVEL-100927.NASL", "href": "https://www.tenable.com/plugins/nessus/50938", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50938);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2939\");\n\n script_name(english:\"SuSE 11 / 11.1 Security Update : OpenSSL (SAT Patch Numbers 3208 / 3209)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted responses from SSL servers could cause a double-free\nbug in openssl's client implementation. Malicious servers could\nexploit that to crash programs use openssl for the SSL connection\n(CVE-2010-2939). This has been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=608666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=629905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2939.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 3208 / 3209 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libopenssl0_9_8-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"openssl-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"openssl-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libopenssl0_9_8-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"openssl-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"openssl-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libopenssl0_9_8-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openssl-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openssl-doc-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.22.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libopenssl0_9_8-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openssl-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openssl-doc-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.28.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:07:35", "description": "Updated openssl096b packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL did not always check the return value\nof the bn_wexpand() function. An attacker able to trigger a memory\nallocation failure in that function could cause an application using\nthe OpenSSL library to crash or, possibly, execute arbitrary code.\n(CVE-2009-3245)\n\nAll openssl096b users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to\ntake effect, all programs using the openssl096b library must be\nrestarted.", "edition": 27, "published": "2010-05-11T00:00:00", "title": "RHEL 3 / 4 : openssl096b (RHSA-2010:0173)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3245"], "modified": "2010-05-11T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:openssl096b"], "id": "REDHAT-RHSA-2010-0173.NASL", "href": "https://www.tenable.com/plugins/nessus/46280", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0173. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46280);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3245\");\n script_bugtraq_id(38562);\n script_xref(name:\"RHSA\", value:\"2010:0173\");\n\n script_name(english:\"RHEL 3 / 4 : openssl096b (RHSA-2010:0173)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl096b packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL did not always check the return value\nof the bn_wexpand() function. An attacker able to trigger a memory\nallocation failure in that function could cause an application using\nthe OpenSSL library to crash or, possibly, execute arbitrary code.\n(CVE-2009-3245)\n\nAll openssl096b users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to\ntake effect, all programs using the openssl096b library must be\nrestarted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3245\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-26039\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/15835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0173\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl096b package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0173\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-16.50\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"s390\", reference:\"openssl096b-0.9.6b-16.50\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-16.50\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-22.46.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"openssl096b-0.9.6b-22.46.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-22.46.el4_8.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl096b\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:44:42", "description": "CVE-2009-3245 openssl: missing bn_wexpand return value checks\n\nIt was discovered that OpenSSL did not always check the return value\nof the bn_wexpand() function. An attacker able to trigger a memory\nallocation failure in that function could cause an application using\nthe OpenSSL library to crash or, possibly, execute arbitrary code.\n(CVE-2009-3245)\n\nFor the update to take effect, all programs using the openssl096b\nlibrary must be restarted.", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : openssl096b on SL3.x, SL4.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3245"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20100325_OPENSSL096B_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60756", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60756);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3245\");\n\n script_name(english:\"Scientific Linux Security Update : openssl096b on SL3.x, SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-3245 openssl: missing bn_wexpand return value checks\n\nIt was discovered that OpenSSL did not always check the return value\nof the bn_wexpand() function. An attacker able to trigger a memory\nallocation failure in that function could cause an application using\nthe OpenSSL library to crash or, possibly, execute arbitrary code.\n(CVE-2009-3245)\n\nFor the update to take effect, all programs using the openssl096b\nlibrary must be restarted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1003&L=scientific-linux-errata&T=0&P=2356\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93046dc3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl096b package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"openssl096b-0.9.6b-16.50\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"openssl096b-0.9.6b-22.46.el4_8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:44", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL did not always check the return value of the\nbn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could cause an application using the OpenSSL\nlibrary to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n\nAll openssl096b users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to take\neffect, all programs using the openssl096b library must be restarted.", "modified": "2018-05-26T04:26:17", "published": "2010-03-25T04:00:00", "id": "RHSA-2010:0173", "href": "https://access.redhat.com/errata/RHSA-2010:0173", "type": "redhat", "title": "(RHSA-2010:0173) Important: openssl096b security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:59", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245", "CVE-2009-3555", "CVE-2010-0433"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL did not always check the return value of the\nbn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could cause an application using the OpenSSL\nlibrary to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA missing return value check flaw was discovered in OpenSSL, that could\npossibly cause OpenSSL to call a Kerberos library function with invalid\narguments, resulting in a NULL pointer dereference crash in the MIT\nKerberos library. In certain configurations, a remote attacker could use\nthis flaw to crash a TLS/SSL server using OpenSSL by requesting Kerberos\ncipher suites during the TLS handshake. (CVE-2010-0433)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the system\nrebooted.", "modified": "2017-09-08T11:54:09", "published": "2010-03-25T04:00:00", "id": "RHSA-2010:0162", "href": "https://access.redhat.com/errata/RHSA-2010:0162", "type": "redhat", "title": "(RHSA-2010:0162) Important: openssl security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:10", "bulletinFamily": "unix", "cvelist": ["CVE-2008-7270", "CVE-2009-3245", "CVE-2010-4180"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code.\nA remote attacker could possibly use this flaw to change the ciphersuite\nassociated with a cached session stored on the server, if the server\nenabled the SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option, possibly\nforcing the client to use a weaker ciphersuite after resuming the session.\n(CVE-2010-4180, CVE-2008-7270)\n\nNote: With this update, setting the SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\noption has no effect and this bug workaround can no longer be enabled.\n\nIt was discovered that OpenSSL did not always check the return value of the\nbn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could possibly crash an application using the\nOpenSSL library and its UBSEC hardware engine support. (CVE-2009-3245)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the system\nrebooted.\n", "modified": "2017-09-08T12:19:53", "published": "2010-12-13T05:00:00", "id": "RHSA-2010:0977", "href": "https://access.redhat.com/errata/RHSA-2010:0977", "type": "redhat", "title": "(RHSA-2010:0977) Moderate: openssl security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:57", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0173\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL did not always check the return value of the\nbn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could cause an application using the OpenSSL\nlibrary to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n\nAll openssl096b users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to take\neffect, all programs using the openssl096b library must be restarted.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028620.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028621.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028649.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028650.html\n\n**Affected packages:**\nopenssl096b\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0173.html", "edition": 4, "modified": "2010-03-28T20:48:23", "published": "2010-03-25T22:40:26", "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/028620.html", "id": "CESA-2010:0173", "title": "openssl096b security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:28:07", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245", "CVE-2009-3555", "CVE-2010-0433"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0162\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL did not always check the return value of the\nbn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could cause an application using the OpenSSL\nlibrary to crash or, possibly, execute arbitrary code. (CVE-2009-3245)\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handled session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. This update addresses this flaw by implementing the\nTLS Renegotiation Indication Extension, as defined in RFC 5746.\n(CVE-2009-3555)\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nA missing return value check flaw was discovered in OpenSSL, that could\npossibly cause OpenSSL to call a Kerberos library function with invalid\narguments, resulting in a NULL pointer dereference crash in the MIT\nKerberos library. In certain configurations, a remote attacker could use\nthis flaw to crash a TLS/SSL server using OpenSSL by requesting Kerberos\ncipher suites during the TLS handshake. (CVE-2010-0433)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the system\nrebooted.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028631.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028632.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\n\n**Upstream details at:**\n", "edition": 3, "modified": "2010-03-27T17:30:13", "published": "2010-03-27T17:30:13", "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/028631.html", "id": "CESA-2010:0162", "title": "openssl security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:40", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4180", "CVE-2009-3245", "CVE-2008-7270"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0977\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code.\nA remote attacker could possibly use this flaw to change the ciphersuite\nassociated with a cached session stored on the server, if the server\nenabled the SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option, possibly\nforcing the client to use a weaker ciphersuite after resuming the session.\n(CVE-2010-4180, CVE-2008-7270)\n\nNote: With this update, setting the SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\noption has no effect and this bug workaround can no longer be enabled.\n\nIt was discovered that OpenSSL did not always check the return value of the\nbn_wexpand() function. An attacker able to trigger a memory allocation\nfailure in that function could possibly crash an application using the\nOpenSSL library and its UBSEC hardware engine support. (CVE-2009-3245)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the system\nrebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/029273.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/029274.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0977.html", "edition": 3, "modified": "2011-01-27T09:12:26", "published": "2011-01-27T09:11:13", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/029273.html", "id": "CESA-2010:0977", "title": "openssl security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:01", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245"], "description": "[0.9.6b-22.46.1]\n- CVE-2009-3245 - add missing checks for bn_wexpand failures (#570924)", "edition": 4, "modified": "2010-03-25T00:00:00", "published": "2010-03-25T00:00:00", "id": "ELSA-2010-0173", "href": "http://linux.oracle.com/errata/ELSA-2010-0173.html", "title": "openssl096b security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:00", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4180", "CVE-2009-3245", "CVE-2008-7270"], "description": "[0.9.7a-43.17.6]\n- CVE-2010-4180 - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n (#659462)\n- CVE-2009-3245 - fix missing checks on allocation failure in\n bn_wexpand (#570924)", "edition": 4, "modified": "2010-12-13T00:00:00", "published": "2010-12-13T00:00:00", "id": "ELSA-2010-0977", "href": "http://linux.oracle.com/errata/ELSA-2010-0977.html", "title": "openssl security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:32", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245", "CVE-2009-3555", "CVE-2010-0433"], "description": "[0.9.8e-12.6]\n- fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924)\n[0.9.8e-12.5]\n- fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which\n in the RHEL-5 and newer versions will crash in such case (#569774)\n[0.9.8e-12.4]\n- do not disable SSLv2 in the renegotiation patch - SSLv2 does\n not support renegotiation\n- allow unsafe renegotiation on clients with SSL_OP_LEGACY_SERVER_CONNECT\n[0.9.8e-12.3]\n- mention the RFC5746 in the CVE-2009-3555 doc\n[0.9.8e-12.2]\n- fix CVE-2009-3555 - support the safe renegotiation extension and\n do not allow legacy renegotiation on the server by default (#533125) ", "edition": 4, "modified": "2010-03-25T00:00:00", "published": "2010-03-25T00:00:00", "id": "ELSA-2010-0162", "href": "http://linux.oracle.com/errata/ELSA-2010-0162.html", "title": "openssl security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2020-10-25T16:36:01", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "description": "New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\n13.1, and -current to fix security issues.\n\n\nHere are the details from the Slackware 13.1 ChangeLog:\n\npatches/packages/openssl-0.9.8p-i486-1_slack13.1.txz: Rebuilt.\n This OpenSSL update contains some security related bugfixes.\n For more information, see the included CHANGES and NEWS files, and:\n http://www.openssl.org/news/secadv_20101116.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864\n (* Security fix *)\npatches/packages/openssl-solibs-0.9.8p-i486-1_slack13.1.txz: Rebuilt.\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-0.9.8p-i486-1_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack11.0.tgz\n\nUpdated packages for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-0.9.8p-i486-1_slack12.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.0.tgz\n\nUpdated packages for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8p-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.1.tgz\n\nUpdated packages for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8p-i486-1_slack12.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.2.tgz\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8p-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8p-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8p-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8p-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8p-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8p-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8p-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.8p-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.8p-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-0.9.8p-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-0.9.8p-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 packages:\n4afbe28d45b8a2308300117677d3fe55 openssl-0.9.8p-i486-1_slack11.0.tgz\n86e5c3024bb98af3b8f95dea0d25ddb1 openssl-solibs-0.9.8p-i486-1_slack11.0.tgz\n\nSlackware 12.0 packages:\nb6ca9a74664750269ff8d496619d7864 openssl-0.9.8p-i486-1_slack12.0.tgz\nb8933914f64907f0251beada06ca8325 openssl-solibs-0.9.8p-i486-1_slack12.0.tgz\n\nSlackware 12.1 packages:\n714055dcb36d66df90dd3ab39d1a8ffc openssl-0.9.8p-i486-1_slack12.1.tgz\n44721199ecb279310c1c78823aca2642 openssl-solibs-0.9.8p-i486-1_slack12.1.tgz\n\nSlackware 12.2 packages:\nf056a02b0c6ee9bbbd2351779104a5b5 openssl-0.9.8p-i486-1_slack12.2.tgz\nacd1c70ff6809c1395b238172c159c07 openssl-solibs-0.9.8p-i486-1_slack12.2.tgz\n\nSlackware 13.0 packages:\nc016754f3c6423bbe316d62fd0c2e7cc openssl-0.9.8p-i486-1_slack13.0.txz\ne32ed64837187409745c13726ec93c9b openssl-solibs-0.9.8p-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n683ccd42679217f50cfde53ce78c14c2 openssl-0.9.8p-x86_64-1_slack13.0.txz\nb8302ed88259a4d075ec6577a5b68f4e openssl-solibs-0.9.8p-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\nb11344999caa9758c005e9cf4ca569de openssl-0.9.8p-i486-1_slack13.1.txz\n841a5ac55f7fc5192018740998ac33ce openssl-solibs-0.9.8p-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n9fc9e76fa50989b6e5e610f9aae01a83 openssl-0.9.8p-x86_64-1_slack13.1.txz\nabcdafbc53666b5b646ad6e7349ae987 openssl-solibs-0.9.8p-x86_64-1_slack13.1.txz\n\nSlackware -current packages:\n354568cef2205d0fde6a72c9768f4609 openssl-solibs-0.9.8p-i486-1.txz\n83316eab3f9f4bf90e5ffb003fee9eba openssl-0.9.8p-i486-1.txz\n\nSlackware x86_64 -current packages:\n74bae522783c8af4874b82e1ac6cb0de openssl-solibs-0.9.8p-x86_64-1.txz\na53b35c6a75c00d7d3b4dcec3cf4cdcd openssl-0.9.8p-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-0.9.8p-i486-1_slack13.1.txz openssl-solibs-0.9.8p-i486-1_slack13.1.txz", "modified": "2010-11-22T07:07:48", "published": "2010-11-22T07:07:48", "id": "SSA-2010-326-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793", "type": "slackware", "title": "[slackware-security] openssl", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:30:36", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245", "CVE-2009-3555"], "description": "The openSSL library was updated to add support for the new RFC5746 TLS renegotiation feature to address vulnerabilities tracked as CVE-2009-3555, backported from openssl 0.9.8m.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2010-04-06T16:55:06", "published": "2010-04-06T16:55:06", "id": "SUSE-SA:2010:020", "href": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00000.html", "type": "suse", "title": "remote denial of service, man in the middle in openssl", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245", "CVE-2009-4355", "CVE-2010-0433", "CVE-2010-0740"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "modified": "2010-04-09T03:42:47", "published": "2010-04-09T03:42:47", "id": "FEDORA:AD9B611063F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: openssl-1.0.0-1.fc13", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3245", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0433", "CVE-2010-0740"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "modified": "2010-05-25T18:42:18", "published": "2010-05-25T18:42:18", "id": "FEDORA:4C502110FE5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: openssl-1.0.0-4.fc12", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:09", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3210", "CVE-2010-0740", "CVE-2010-2939", "CVE-2009-4355", "CVE-2010-4180", "CVE-2010-0742", "CVE-2009-3245", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-0433", "CVE-2010-3864", "CVE-2010-4252", "CVE-2011-3207"], "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll OpenSSL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-1.0.0e\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues.", "edition": 1, "modified": "2015-06-06T00:00:00", "published": "2011-10-09T00:00:00", "id": "GLSA-201110-01", "href": "https://security.gentoo.org/glsa/201110-01", "type": "gentoo", "title": "OpenSSL: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}