Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310833865HistoryMar 04, 2024 - 12:00 a.m.
openSUSE: Security Advisory for openssl (SUSE-SU-2023:0312-1)
2024-03-0400:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
4
opensuse leap 15.4
openssl-3
security update
cve-2023-0286
cve-2023-0401
cve-2023-0217
cve-2023-0216
cve-2023-0215
cve-2022-4450
cve-2022-4304
cve-2022-4203
x.400
pkcs7
dsa
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.833865");
script_version("2024-05-16T05:05:35+0000");
script_cve_id("CVE-2022-4203", "CVE-2022-4304", "CVE-2022-4450", "CVE-2023-0215", "CVE-2023-0216", "CVE-2023-0217", "CVE-2023-0286", "CVE-2023-0401");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"last_modification", value:"2024-05-16 05:05:35 +0000 (Thu, 16 May 2024)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-02-18 21:48:41 +0000 (Sat, 18 Feb 2023)");
script_tag(name:"creation_date", value:"2024-03-04 07:58:27 +0000 (Mon, 04 Mar 2024)");
script_name("openSUSE: Security Advisory for openssl (SUSE-SU-2023:0312-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=openSUSELeap15\.4");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2023:0312-1");
script_xref(name:"URL", value:"https://lists.opensuse.org/archives/list/[email protected]/thread/WWQWLC3LJY2N4BGDCWGGE2BR2U2NOYKO");
script_tag(name:"summary", value:"The remote host is missing an update for the 'openssl'
package(s) announced via the SUSE-SU-2023:0312-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for openssl-3 fixes the following issues:
Security fixes:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509
GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0401: Fixed NULL pointer dereference during PKCS7 data
verification (bsc#1207541).
- CVE-2023-0217: Fixed NULL pointer dereference validating DSA public key
(bsc#1207540).
- CVE-2023-0216: Fixed invalid pointer dereference in d2i_PKCS7 functions
(bsc#1207539).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF()
(bsc#1207536).
- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex()
(bsc#1207538).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
- CVE-2022-4203: Fixed read Buffer Overflow with X.509 Name Constraints
(bsc#1207535).
Non-security fixes:
- Fix SHA, SHAKE, KECCAK ASM and EC ASM flag passing (bsc#1206222).
- Enable zlib compression support (bsc#1195149).
- Add crypto-policies dependency.");
script_tag(name:"affected", value:"'openssl' package(s) on openSUSE Leap 15.4.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "openSUSELeap15.4") {
if(!isnull(res = isrpmvuln(pkg:"libopenssl-3-devel", rpm:"libopenssl-3-devel~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3", rpm:"libopenssl3~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3-debuginfo", rpm:"libopenssl3-debuginfo~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3", rpm:"openssl-3~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3-debuginfo", rpm:"openssl-3-debuginfo~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3-debugsource", rpm:"openssl-3-debugsource~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl-3-devel-32bit", rpm:"libopenssl-3-devel-32bit~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3-32bit", rpm:"libopenssl3-32bit~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3-32bit-debuginfo", rpm:"libopenssl3-32bit-debuginfo~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3-doc", rpm:"openssl-3-doc~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl-3-devel", rpm:"libopenssl-3-devel~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3", rpm:"libopenssl3~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3-debuginfo", rpm:"libopenssl3-debuginfo~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3", rpm:"openssl-3~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3-debuginfo", rpm:"openssl-3-debuginfo~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3-debugsource", rpm:"openssl-3-debugsource~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl-3-devel-32bit", rpm:"libopenssl-3-devel-32bit~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3-32bit", rpm:"libopenssl3-32bit~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libopenssl3-32bit-debuginfo", rpm:"libopenssl3-32bit-debuginfo~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"openssl-3-doc", rpm:"openssl-3-doc~3.0.1~150400.4.17.1", rls:"openSUSELeap15.4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);Related
nessus
nessus
RHEL 9 : openssl (RHSA-2023:1199)
2023-03-14 00:00:00
Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-101)
2023-03-21 00:00:00
oraclelinux
oraclelinux
openssl security update
2023-03-01 00:00:00
openssl security and bug fix update
2023-02-28 00:00:00
edk2 security update
2023-12-06 00:00:00
openvas
openvas
Fedora: Security Advisory for openssl (FEDORA-2023-a5564c0a3f)
2023-02-23 00:00:00
Fedora: Security Advisory for openssl (FEDORA-2023-57f33242bc)
2023-02-11 00:00:00
Ubuntu: Security Advisory (USN-5844-1)
2023-02-08 00:00:00
ibm
ibm
redhat
redhat
(RHSA-2023:0946) Important: openssl security and bug fix update
2023-02-28 07:52:54
(RHSA-2023:1199) Important: openssl security and bug fix update
2023-03-14 13:18:56
(RHSA-2023:2932) Important: edk2 security update
2023-05-16 05:58:27
almalinux
almalinux
Moderate: openssl security and bug fix update
2023-02-28 00:00:00
Important: openssl security update
2023-03-22 00:00:00
Important: edk2 security update
2023-05-16 00:00:00
osv
osv
Moderate: openssl security and bug fix update
2023-02-28 00:00:00
Important: openssl security and bug fix update
2023-03-29 16:47:51
openssl vulnerabilities
2023-02-07 17:20:39
fedora
fedora
[SECURITY] Fedora 37 Update: openssl-3.0.8-1.fc37
2023-02-11 00:33:44
[SECURITY] Fedora 36 Update: openssl-3.0.8-1.fc36
2023-02-22 11:09:09
[SECURITY] Fedora 36 Update: edk2-20221117gitfff6d81270b5-14.fc36
2023-03-05 00:54:06
ubuntu
ubuntu
OpenSSL vulnerabilities
2023-02-07 00:00:00
Node.js vulnerabilities
2024-01-03 00:00:00
freebsd
freebsd
OpenSSL -- Multiple vulnerabilities
2023-02-07 00:00:00
FreeBSD -- Multiple vulnerabilities in OpenSSL
2023-02-16 00:00:00
cloudfoundry
cloudfoundry
USN-5844-1: OpenSSL vulnerabilities | Cloud Foundry
2023-02-24 00:00:00
rocky
rocky
openssl security and bug fix update
2023-03-29 16:47:51
openssl security update
2023-03-28 13:07:30
aix
aix
Multiple vulnerabilities in OpenSSL affect AIX
2023-03-21 13:26:15
thn
thn
OpenSSL Fixes Multiple New Security Flaws with Latest Update
2023-02-09 09:51:00
redos
redos
ROS-20230418-05
2023-04-18 00:00:00
f5
f5
mageia
mageia
Updated openssl packages fix security vulnerability
2023-04-11 22:02:20
slackware
slackware
[slackware-security] openssl
2023-02-07 20:57:57
amazon
amazon
Important: openssl11
2023-02-03 19:19:00
Important: openssl
2023-02-03 19:19:00
Important: openssl
2023-02-03 23:39:00
ics
ics
Siemens SCALANCE W1750D Devices
2023-03-16 12:00:00
Hitachi Energy Lumada APM Edge
2023-09-12 12:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:03.openssl
2023-02-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1t-alt1
2023-02-20 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1t-alt1
2023-02-10 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0530
2023-02-10 00:00:00
debian
debian
[SECURITY] [DLA 3325-1] openssl security update
2023-02-20 11:11:44
7.4 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.3%
Related for OPENVAS:1361412562310833865