The Ubuntu 14.04 LTS host is affected by multiple OpenSSL vulnerabilities (USN-2639-1) leading to denial of service and potential code execution
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | OpenSSL multiple security vulnerabilities | 13 Jun 201500:00 | – | securityvulns |
![]() | [USN-2639-1] OpenSSL vulnerabilities | 13 Jun 201500:00 | – | securityvulns |
![]() | Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products | 10 May 201600:00 | – | openvas |
![]() | Ubuntu: Security Advisory (USN-2639-1) | 12 Jun 201500:00 | – | openvas |
![]() | Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products (cisco-sa-20150612-openssl) | 12 May 201600:00 | – | openvas |
![]() | Gentoo Security Advisory GLSA 201506-02 | 29 Sep 201500:00 | – | openvas |
![]() | Slackware: Security Advisory (SSA:2015-162-01) | 21 Apr 202200:00 | – | openvas |
![]() | Debian: Security Advisory (DSA-3287-1) | 12 Jun 201500:00 | – | openvas |
![]() | Debian Security Advisory DSA 3287-1 (openssl - security update) | 13 Jun 201500:00 | – | openvas |
![]() | HPE Network Products Remote Denial of Service (DoS), Unauthorized Access | 6 Jul 201600:00 | – | openvas |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2639-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(84148);
script_version("2.18");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/08/27");
script_cve_id(
"CVE-2014-8176",
"CVE-2015-1788",
"CVE-2015-1789",
"CVE-2015-1790",
"CVE-2015-1791",
"CVE-2015-1792"
);
script_bugtraq_id(75159);
script_xref(name:"USN", value:"2639-1");
script_name(english:"Ubuntu 14.04 LTS : OpenSSL vulnerabilities (USN-2639-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in
the USN-2639-1 advisory.
Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory
when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2014-8176)
Joseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters structures. A remote
attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service. (CVE-2015-1788)
Robert Swiecki and Hanno Bck discovered that OpenSSL incorrectly handled certain ASN1_TIME strings. A
remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service.
(CVE-2015-1789)
Michal Zalewski discovered that OpenSSL incorrectly handled missing content when parsing ASN.1-encoded
PKCS#7 blobs. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of
service. (CVE-2015-1790)
Emilia Ksper discovered that OpenSSL incorrectly handled NewSessionTicket when being used by a multi-
threaded client. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial
of service. (CVE-2015-1791)
Johannes Bauer discovered that OpenSSL incorrectly handled verifying signedData messages using the CMS
code. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service.
(CVE-2015-1792)
As a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 768
bits, preventing a possible downgrade attack.
Tenable has extracted the preceding description block directly from the Ubuntu security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2639-1");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-8176");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2015-1789");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/06/12");
script_set_attribute(attribute:"patch_publication_date", value:"2015/06/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0-udeb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openssl");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcrypto1.0.0-udeb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libssl-dev");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '14.04', 'pkgname': 'libcrypto1.0.0-udeb', 'pkgver': '1.0.1f-1ubuntu2.15'},
{'osver': '14.04', 'pkgname': 'libssl-dev', 'pkgver': '1.0.1f-1ubuntu2.15'},
{'osver': '14.04', 'pkgname': 'libssl1.0.0', 'pkgver': '1.0.1f-1ubuntu2.15'},
{'osver': '14.04', 'pkgname': 'libssl1.0.0-udeb', 'pkgver': '1.0.1f-1ubuntu2.15'},
{'osver': '14.04', 'pkgname': 'openssl', 'pkgver': '1.0.1f-1ubuntu2.15'}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
var extra = '';
extra += ubuntu_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libcrypto1.0.0-udeb / libssl-dev / libssl1.0.0 / libssl1.0.0-udeb / etc');
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo