Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Eero VolotinenOPENVAS:1361412562310121048
HistorySep 29, 2015 - 12:00 a.m.

Gentoo Security Advisory GLSA 201310-10

2015-09-2900:00:00
Copyright (C) 2015 Eero Volotinen
plugins.openvas.org
18

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

7 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.04 Low

EPSS

Percentile

92.0%

JSON

Gentoo Linux Local Security Checks GLSA 201310-10

# SPDX-FileCopyrightText: 2015 Eero Volotinen
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.121048");
  script_version("2023-07-20T05:05:17+0000");
  script_tag(name:"creation_date", value:"2015-09-29 11:26:07 +0300 (Tue, 29 Sep 2015)");
  script_tag(name:"last_modification", value:"2023-07-20 05:05:17 +0000 (Thu, 20 Jul 2023)");
  script_name("Gentoo Security Advisory GLSA 201310-10");
  script_tag(name:"insight", value:"Multiple vulnerabilities have been discovered in PolarSSL. Please review the CVE identifiers referenced below for details.");
  script_tag(name:"solution", value:"Update the affected packages to the latest available version.");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"https://security.gentoo.org/glsa/201310-10");
  script_cve_id("CVE-2011-1923", "CVE-2012-2130", "CVE-2013-0169", "CVE-2013-1621", "CVE-2013-4623", "CVE-2013-5915");
  script_tag(name:"cvss_base", value:"5.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2019-12-18 20:15:00 +0000 (Wed, 18 Dec 2019)");
  script_tag(name:"qod_type", value:"package");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
  script_category(ACT_GATHER_INFO);
  script_tag(name:"summary", value:"Gentoo Linux Local Security Checks GLSA 201310-10");
  script_copyright("Copyright (C) 2015 Eero Volotinen");
  script_family("Gentoo Local Security Checks");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-gentoo.inc");

res = "";
report = "";

if((res=ispkgvuln(pkg:"net-libs/polarssl", unaffected: make_list("ge 1.3.0"), vulnerable: make_list("lt 1.3.0"))) != NULL) {
  report += res;
}

if(report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99);
}

Related

gentoo 1
nessus 41
openvas 35
fedora 13
mageia 2
cve 12
ubuntucve 14
prion 12
debian 2
securityvulns 7
osv 4
freebsd 3
ibm 23
veracode 3
f5 6
slackware 1
openssl 1
hackerone 1
debiancve 6
suse 2
altlinux 5
centos 2
oraclelinux 1
amazon 1
redhat 1
gentoo
gentoo
PolarSSL: Multiple vulnerabilities
2013-10-17 00:00:00
nessus
nessus
GLSA-201310-10 : PolarSSL: Multiple vulnerabilities
2013-10-18 00:00:00
Debian DSA-2782-1 : polarssl - several vulnerabilities
2013-10-22 00:00:00
Debian DSA-2622-1 : polarssl - several vulnerabilities
2013-02-14 00:00:00
openvas
openvas
Fedora Update for polarssl FEDORA-2013-18251
2013-10-15 00:00:00
Fedora Update for polarssl FEDORA-2013-18251
2013-10-15 00:00:00
Mageia: Security Advisory (MGASA-2013-0290)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: polarssl-1.2.9-1.fc18
2013-10-14 17:17:04
[SECURITY] Fedora 18 Update: polarssl-1.2.9-1.fc18
2013-10-14 07:00:42
[SECURITY] Fedora 18 Update: polarssl-1.2.8-1.fc18
2013-09-20 16:27:34
mageia
mageia
Updated polarssl package fixes security vulnerabilities
2013-09-25 01:41:53
Updated polarssl, pdns & ragel packages fix CVE-2013-5915
2013-12-01 01:15:26
cve
cve
CVE-2013-1621
2013-02-08 19:55:00
CVE-2013-5915
2013-10-04 17:55:00
CVE-2012-2130
2019-12-06 18:15:00
ubuntucve
ubuntucve
CVE-2013-1621
2013-02-08 00:00:00
CVE-2013-5915
2013-10-04 00:00:00
CVE-2012-2130
2019-12-06 00:00:00
prion
prion
Code injection
2013-02-08 19:55:00
Design/Logic Flaw
2013-10-04 17:55:00
Security feature bypass
2019-12-06 18:15:00
debian
debian
[SECURITY] [DSA 2782-1] polarssl security update
2013-10-20 16:41:19
[SECURITY] [DSA 2622-1] polarssl security update
2013-02-13 20:17:01
securityvulns
securityvulns
[SECURITY] [DSA 2782-1] polarssl security update
2013-10-28 00:00:00
PolarSSL multiple security vulnerabilities
2013-10-28 00:00:00
[SECURITY] [DSA 2622-1] polarssl security update
2013-02-14 00:00:00
osv
osv
polarssl - several
2013-10-20 00:00:00
polarssl - several
2013-02-13 00:00:00
CVE-2016-2107
2016-05-05 01:59:00
freebsd
freebsd
polarssl -- Timing attack against protected RSA-CRT implementation
2013-10-01 00:00:00
polarssl -- denial of service vulnerability
2013-06-21 00:00:00
FreeBSD -- OpenSSL multiple vulnerabilities
2013-04-02 00:00:00
ibm
ibm
Security Bulletin: Java Vulnerability in Rational Automation Framework (CVE-2013-0169)
2018-06-17 04:48:04
Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Express for the Oracle CPU April 2013.
2022-09-25 21:06:56
Security Bulletin: Rational Build Forge Security Advisory (CVE-2013-0169)
2018-06-17 04:47:31
veracode
veracode
Timing Attacks
2017-02-10 05:59:15
Timing Side- Channel Attack
2019-01-15 08:52:54
Padding Oracle Attack
2017-01-27 03:10:31
f5
f5
K14190 : TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169
2015-04-30 00:00:00
SOL14190 - TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169
2013-02-08 00:00:00
K15637 : GnuTLS vulnerability CVE-2013-2116
2014-10-16 00:00:00
slackware
slackware
openssl
2013-02-11 23:49:59
openssl
openssl
Vulnerability in OpenSSL CVE-2013-0169
2013-02-04 00:00:00
hackerone
hackerone
Legal Robot: LUCKY13 (CVE-2013-0169) effects legalrobot.com
2017-07-30 20:00:47
debiancve
debiancve
CVE-2013-0169
2013-02-08 19:55:00
CVE-2011-5095
2012-06-20 17:55:00
CVE-2013-1620
2013-02-08 19:55:00
suse
suse
java-1_6_0-openjdk: update to icedtea 1.12.3 (important)
2013-03-01 18:04:30
Security update for Java (important)
2013-02-22 20:04:33
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 6 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
centos
centos
java security update
2013-02-20 20:11:32
java security update
2013-02-20 20:33:43
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-02-20 00:00:00
amazon
amazon
Critical: openssl
2014-04-07 17:26:00
redhat
redhat
(RHSA-2013:0783) Moderate: openssl security update
2013-05-01 17:58:17

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

7 High

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.04 Low

EPSS

Percentile

92.0%

JSON
Related for OPENVAS:1361412562310121048
gentoo1nessus41openvas35fedora13mageia2cve12ubuntucve14prion12debian2securityvulns7osv4freebsd3ibm23veracode3f56slackware1openssl1hackerone1debiancve6suse2altlinux5centos2oraclelinux1amazon1redhat1