{"id": "OPENVAS:1361412562310862566", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for openssl FEDORA-2010-17847", "description": "Check for the Version of openssl", "published": "2010-11-23T00:00:00", "modified": "2018-01-17T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862566", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html", "2010-17847"], "cvelist": ["CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864"], "immutableFields": [], "lastseen": "2018-01-18T11:04:39", "viewCount": 6, "enchantments": {"score": {"value": -0.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:38A528B1-7F68-45C8-911E-1D3F8DC5EDB4"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2010-354"]}, {"type": "cve", "idList": ["CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2125-1:4BD9E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-0742", "DEBIANCVE:CVE-2010-1633", "DEBIANCVE:CVE-2010-3864"]}, {"type": "f5", "idList": ["F5:K12566", "F5:K17248", "F5:K93959105", "SOL12566", "SOL17248"]}, {"type": "fedora", "idList": ["FEDORA:5429A1108EB", "FEDORA:564D5110A27", "FEDORA:6B3FC110D28", "FEDORA:776A61D72B0", "FEDORA:7EA761108D8", "FEDORA:8385C29043", "FEDORA:9DFF1E720F", "FEDORA:B31D6110781", "FEDORA:C8F7F110906", "FEDORA:D404110F950", "FEDORA:EABE2110DCF"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-10:10.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "ibm", "idList": ["1DC0A9C6D3EFE4EEA571DAAA9286B8F974D5ECF8F3BAAA188781D697B6DC2546", "306F0F5B9EBAA5A123DBEA7D5C32E94515078239AFA1D40465B7275E07FFDD37", "583215B42F049307CBBCA8930CB40F87016DA7B011EFC8B5B01AB18DCA1B1F3E", "8F73A6D9460746098942CDD034332E627DD5C59C903F65333D90F95100657ED8", "9565FEEA0E13F1CACE459E1DD36D5E9CAB4712E2148193C52D850073C5948478", "B8CDE2E20BC16C41FC85BA2A86684E11CDAD295FBFA9F508C045F715A67AC321", "E0A58ED8F9D2EAC5F3D7B7629F5373292F4D9CAE0E0ACB4EFB9DF940BFA17EC8", "E718305B80885810F902CE850143D8E41B3321E883AB24867E49DDC4822F4153"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-INTEL-PROSETWIRELESS-WIFI-SOFTWARE-VULNERABILITIES-NOSID", "LENOVO:PS500190-NOSID"]}, {"type": "nessus", "idList": ["5559.PRM", "5924.PRM", "5968.PRM", "800790.PRM", "801057.PRM", "ADOBE_FMS_4_0_2.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "DEBIAN_DSA-2125.NASL", "EULEROS_SA-2019-1547.NASL", "F5_BIGIP_SOL17248.NASL", "FEDORA_2010-17826.NASL", "FEDORA_2010-17827.NASL", "FEDORA_2010-17847.NASL", "FEDORA_2010-9421.NASL", "FEDORA_2010-9574.NASL", "FEDORA_2010-9639.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "GENTOO_GLSA-201110-01.NASL", "MACOSX_10_6_8.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "OPENSSL_1_0_0A.NASL", "REDHAT-RHSA-2010-0888.NASL", "SLACKWARE_SSA_2010-326-01.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "UBUNTU_USN-1018-1.NASL", "VMWARE_VMSA-2011-0003.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-0742", "OPENSSL:CVE-2010-1633", "OPENSSL:CVE-2010-3864"]}, {"type": "openvas", "idList": ["OPENVAS:103454", "OPENVAS:1361412562310100668", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310103454", "OPENVAS:1361412562310122262", "OPENVAS:136141256231068673", "OPENVAS:136141256231068703", "OPENVAS:136141256231068704", "OPENVAS:136141256231070764", "OPENVAS:1361412562310831251", "OPENVAS:1361412562310835245", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310862152", "OPENVAS:1361412562310862158", "OPENVAS:1361412562310862163", "OPENVAS:1361412562310862568", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310902466", "OPENVAS:1361412562311220191547", "OPENVAS:68673", "OPENVAS:68703", "OPENVAS:68704", "OPENVAS:70764", "OPENVAS:831251", "OPENVAS:835245", "OPENVAS:835251", "OPENVAS:840540", "OPENVAS:862152", "OPENVAS:862158", "OPENVAS:862163", "OPENVAS:862566", "OPENVAS:862568", "OPENVAS:862631", "OPENVAS:862721", "OPENVAS:862737", "OPENVAS:862849", "OPENVAS:862920", "OPENVAS:863499", "OPENVAS:902466"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2015-3022", "ELSA-2019-4581", "ELSA-2019-4747"]}, {"type": "osv", "idList": ["OSV:DSA-2125-1"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11754"]}, {"type": "seebug", "idList": ["SSV:19727", "SSV:19735", "SSV:19736"]}, {"type": "slackware", "idList": ["SSA-2010-326-01"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-0742", "UB:CVE-2010-1633", "UB:CVE-2010-3864"]}]}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:38A528B1-7F68-45C8-911E-1D3F8DC5EDB4"]}, {"type": "cert", "idList": ["VU:737740"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2010-354"]}, {"type": "cve", "idList": ["CVE-2010-0742"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2125-1:26495"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-1633"]}, {"type": "f5", "idList": ["SOL12566", "SOL17248"]}, {"type": "fedora", "idList": ["FEDORA:C8F7F110906"]}, {"type": "freebsd", "idList": ["3042C33A-F237-11DF-9D02-0018FE623F2B"]}, {"type": "gentoo", "idList": ["GLSA-201110-01"]}, {"type": "ibm", "idList": ["583215B42F049307CBBCA8930CB40F87016DA7B011EFC8B5B01AB18DCA1B1F3E"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-NOSID"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL17248.NASL", "FEDORA_2010-9421.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2010-3864"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103454", "OPENVAS:1361412562310862721", "OPENVAS:831251", "OPENVAS:862152"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4747"]}, {"type": "redhat", "idList": ["RHSA-2010:0888"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11754"]}, {"type": "seebug", "idList": ["SSV:19736"]}, {"type": "ubuntu", "idList": ["USN-1018-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-1633"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2010-0742", "epss": "0.251030000", "percentile": "0.959040000", "modified": "2023-03-15"}, {"cve": "CVE-2010-1633", "epss": "0.008500000", "percentile": "0.796590000", "modified": "2023-03-15"}, {"cve": "CVE-2010-3864", "epss": "0.316350000", "percentile": "0.962750000", "modified": "2023-03-15"}], "vulnersScore": -0.1}, "_state": {"dependencies": 1678915652, "score": 1678917189, "epss": 1678933836}, "_internal": {"score_hash": "ac85ad0ed849c9eb2c6afd6d0cbc675a"}, "pluginID": "1361412562310862566", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-17847\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862566\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17847\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2010-17847\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0b~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}
{"fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-11-21T21:53:49", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: openssl-1.0.0b-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2010-11-21T21:53:49", "id": "FEDORA:7EA761108D8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RDOUQ24UJCFMTUHJ572GYVFUYI2OOVY4/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-12-17T08:35:37", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: openssl-1.0.0c-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-4180"], "modified": "2010-12-17T08:35:37", "id": "FEDORA:C8F7F110906", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/W7742PDQR2AYRUXLHKR36I2IUFLNPVRF/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-06-15T15:59:21", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: openssl-1.0.0a-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2010-06-15T15:59:21", "id": "FEDORA:EABE2110DCF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/52HWLYL2UVITS2KFUXHOSZ4H7TMDJ2JF/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-11-21T21:57:22", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: openssl-1.0.0b-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2010-11-21T21:57:22", "id": "FEDORA:5429A1108EB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7I456LA7TBDIFEY3BZ2YS2DTQIME3HLT/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2011-03-17T18:49:43", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: openssl-1.0.0d-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-4180", "CVE-2011-0014"], "modified": "2011-03-17T18:49:43", "id": "FEDORA:564D5110A27", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7RRS3TQVAEWMK2DNJT4OALEMQ6AUATZM/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-06-16T17:44:27", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: openssl-1.0.0a-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633"], "modified": "2010-06-16T17:44:27", "id": "FEDORA:8385C29043", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2WFJURI3NJ3AKNZHMWYJ4XGCKFIVFZ75/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-11-19T22:30:34", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: openssl-1.0.0b-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-19T22:30:34", "id": "FEDORA:D404110F950", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PW2C5Z24QNALS55DQVFP2ROXNCZNTKIE/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-12-10T20:26:33", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: openssl-1.0.0c-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864", "CVE-2010-4180"], "modified": "2010-12-10T20:26:33", "id": "FEDORA:B31D6110781", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TLTUHFASXFOI2EW6CWUQJDLYHCGJLLVO/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2011-02-14T20:28:21", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: openssl-1.0.0d-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864", "CVE-2010-4180", "CVE-2011-0014"], "modified": "2011-02-14T20:28:21", "id": "FEDORA:6B3FC110D28", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PDHLII6VKH6WVOIX7OIHCF4CEJDZKD6M/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2011-09-10T23:55:13", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: openssl-1.0.0e-1.fc14", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-3207"], "modified": "2011-09-10T23:55:13", "id": "FEDORA:9DFF1E720F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5NAUVEBOX6I2K3NQEBXBBIND55SOEIQ6/", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {}, "published": "2010-06-21T21:43:21", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: openssl-0.9.8n-2.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3245", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0433", "CVE-2010-0740", "CVE-2010-0742"], "modified": "2010-06-21T21:43:21", "id": "FEDORA:776A61D72B0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FBPTE4MEZRNHTTROQTKAIKOC7XYII4FE/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-12-20T13:17:47", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-17847", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862566", "href": "http://plugins.openvas.org/nasl.php?oid=862566", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-17847\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html\");\n script_id(862566);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17847\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2010-17847\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0b~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-15T11:57:59", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-18736", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:862737", "href": "http://plugins.openvas.org/nasl.php?oid=862737", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18736\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html\");\n script_id(862737);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18736\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18736\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-03T10:54:37", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-18736", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:1361412562310862737", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862737", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18736\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862737\");\n script_version(\"$Revision: 8269 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 08:28:22 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18736\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18736\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:02", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-9574", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:862158", "href": "http://plugins.openvas.org/nasl.php?oid=862158", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-9574\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042855.html\");\n script_id(862158);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-9574\");\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2010-9574\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:05:02", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-9574", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:1361412562310862158", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862158", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-9574\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042855.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862158\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-9574\");\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2010-9574\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-20T13:17:37", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-17826", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4355", "CVE-2010-0742", "CVE-2009-3555", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862568", "href": "http://plugins.openvas.org/nasl.php?oid=862568", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-17826\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 12\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html\");\n script_id(862568);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17826\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\", \"CVE-2009-4355\", \"CVE-2009-3555\");\n script_name(\"Fedora Update for openssl FEDORA-2010-17826\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0b~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-17T11:05:10", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-17826", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4355", "CVE-2010-0742", "CVE-2009-3555", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310862568", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862568", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-17826\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 12\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862568\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17826\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\", \"CVE-2009-4355\", \"CVE-2009-3555\");\n script_name(\"Fedora Update for openssl FEDORA-2010-17826\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0b~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:40", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2011-03-24T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2011-1255", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862920", "href": "http://plugins.openvas.org/nasl.php?oid=862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 13\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_id(862920);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-03-24T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2011-1255", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-0742", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-3864"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862920", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1255\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862920\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1255\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\", \"CVE-2010-0742\", \"CVE-2010-1633\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1255\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:54:30", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-9639", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4355", "CVE-2010-0742", "CVE-2009-3555", "CVE-2010-1633"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:862152", "href": "http://plugins.openvas.org/nasl.php?oid=862152", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-9639\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 12\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042919.html\");\n script_id(862152);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-9639\");\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-1633\", \"CVE-2009-4355\", \"CVE-2009-3555\");\n script_name(\"Fedora Update for openssl FEDORA-2010-9639\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-22T13:05:53", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-9639", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4355", "CVE-2010-0742", "CVE-2009-3555", "CVE-2010-1633"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310862152", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862152", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-9639\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 12\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042919.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862152\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-9639\");\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-1633\", \"CVE-2009-4355\", \"CVE-2009-3555\");\n script_name(\"Fedora Update for openssl FEDORA-2010-9639\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:29", "description": "Check for the Version of OpenSSL", "cvss3": {}, "published": "2011-01-04T00:00:00", "type": "openvas", "title": "HP-UX Update for OpenSSL HPSBUX02610", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0742"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835245", "href": "http://plugins.openvas.org/nasl.php?oid=835245", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for OpenSSL HPSBUX02610\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\";\ntag_affected = \"OpenSSL on\n HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08o.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX OpenSSL. \n This vulnerability could be exploited remotely to execute arbitrary code or \n create a Denial of Service (DoS).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02629503\");\n script_id(835245);\n script_version(\"$Revision: 6582 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:11:56 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-04 15:48:51 +0100 (Tue, 04 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"HPSBUX\", value: \"02610\");\n script_cve_id(\"CVE-2010-0742\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02610\");\n\n script_summary(\"Check for the Version of OpenSSL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-07-17T14:31:33", "description": "OpenSSL is prone to a remote memory-corruption vulnerability.", "cvss3": {}, "published": "2010-06-04T00:00:00", "type": "openvas", "title": "OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0742"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310100668", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100668", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100668\");\n script_version(\"2019-07-05T09:29:25+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:29:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2010-06-04 13:05:19 +0200 (Fri, 04 Jun 2010)\");\n script_bugtraq_id(40502);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-0742\");\n\n script_name(\"OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability\");\n\n script_xref(name:\"URL\", value:\"https://www.securityfocus.com/bid/40502\");\n script_xref(name:\"URL\", value:\"http://www.openssl.org/news/secadv_20100601.txt\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"gb_openssl_detect_win.nasl\");\n script_mandatory_keys(\"openssl/detected\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"OpenSSL is prone to a remote memory-corruption vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"According to its banner the remote Webserver is using a version prior\n to OpenSSL 0.9.8o/1.0.0a which is vulnerable.\");\n\n script_tag(name:\"insight\", value:\"An attacker can exploit this issue by supplying specially crafted\n structures to a vulnerable application that uses the affected library.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue can allow the attacker to execute\n arbitrary code. Failed exploit attempts will result in a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"Versions of OpenSSL 0.9.8.h through 0.9.8n and OpenSSL 1.0.x prior to\n 1.0.0a are affected. Note that Cryptographic Message Syntax (CMS)\n functionality is only enabled by default in OpenSSL versions 1.0.x.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^0\\.9\\.([0-7]([^0-9]|$)|8([^a-z0-9]|[a-n]|$))\" ||\n vers =~ \"^1\\.0\\.0(-beta|$)\") {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"0.9.8o/1.0.0a\", install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:57", "description": "The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-01-04T00:00:00", "type": "openvas", "title": "HP-UX Update for OpenSSL HPSBUX02610", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0742"], "modified": "2018-10-04T00:00:00", "id": "OPENVAS:1361412562310835245", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835245", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_ux_HPSBUX02610.nasl 11739 2018-10-04 07:49:31Z cfischer $\n#\n# HP-UX Update for OpenSSL HPSBUX02610\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02629503\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835245\");\n script_version(\"$Revision: 11739 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-04 09:49:31 +0200 (Thu, 04 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-04 15:48:51 +0100 (Tue, 04 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"HPSBUX\", value:\"02610\");\n script_cve_id(\"CVE-2010-0742\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02610\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/hp_pkgrev\", re:\"ssh/login/release=HPUX(11\\.31|11\\.23|11\\.11)\");\n\n script_tag(name:\"impact\", value:\"Remote execution of arbitrary code, Denial of Service (DoS)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08o.\");\n\n script_tag(name:\"insight\", value:\"A potential security vulnerability has been identified with HP-UX OpenSSL.\n This vulnerability could be exploited remotely to execute arbitrary code or\n create a Denial of Service (DoS).\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = hpux_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08o.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08o.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08o.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-18T10:58:18", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2010:238 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:831251", "href": "http://plugins.openvas.org/nasl.php?oid=831251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2010:238 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered in openssl that causes a race condition\n within the TLS extension parsing code and which can be exploited to\n cause a heap-based buffer overflow (CVE-2010-3864).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openssl on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00032.php\");\n script_id(831251);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:238\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"Mandriva Update for openssl MDVSA-2010:238 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:57:44", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-17827", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:862631", "href": "http://plugins.openvas.org/nasl.php?oid=862631", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-17827\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html\");\n script_id(862631);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17827\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-17827\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0b~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:53:28", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-17827", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:1361412562310862631", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862631", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-17827\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862631\");\n script_version(\"$Revision: 8314 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-17827\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-17827\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0b~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:21", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1018-1", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl vulnerability USN-1018-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:1361412562310840540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840540", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1018_1.nasl 8228 2017-12-22 07:29:52Z teissa $\n#\n# Ubuntu Update for openssl vulnerability USN-1018-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Rob Hulswit discovered a race condition in the OpenSSL TLS server\n extension parsing code when used within a threaded server. A remote\n attacker could trigger this flaw to cause a denial of service\n or possibly execute arbitrary code with application privileges.\n (CVE-2010-3864)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1018-1\";\ntag_affected = \"openssl vulnerability on Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1018-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840540\");\n script_version(\"$Revision: 8228 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 08:29:52 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1018-1\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"Ubuntu Update for openssl vulnerability USN-1018-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-udeb\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:37", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Mandriva Update for openssl MDVSA-2010:238 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:1361412562310831251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openssl MDVSA-2010:238 (openssl)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered in openssl that causes a race condition\n within the TLS extension parsing code and which can be exploited to\n cause a heap-based buffer overflow (CVE-2010-3864).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openssl on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00032.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831251\");\n script_version(\"$Revision: 8338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 09:00:38 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:238\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"Mandriva Update for openssl MDVSA-2010:238 (openssl)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.8mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0\", rpm:\"libopenssl1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-devel\", rpm:\"libopenssl1.0.0-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl1.0.0-static-devel\", rpm:\"libopenssl1.0.0-static-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl-engines1.0.0\", rpm:\"libopenssl-engines1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0\", rpm:\"lib64openssl1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-devel\", rpm:\"lib64openssl1.0.0-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl1.0.0-static-devel\", rpm:\"lib64openssl1.0.0-static-devel~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl-engines1.0.0\", rpm:\"lib64openssl-engines1.0.0~1.0.0a~1.5mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8k~5.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8\", rpm:\"libopenssl0.9.8~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-devel\", rpm:\"libopenssl0.9.8-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopenssl0.9.8-static-devel\", rpm:\"libopenssl0.9.8-static-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8\", rpm:\"lib64openssl0.9.8~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-devel\", rpm:\"lib64openssl0.9.8-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64openssl0.9.8-static-devel\", rpm:\"lib64openssl0.9.8-static-devel~0.9.8h~3.8mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:28", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "FreeBSD Ports: openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:68703", "href": "http://plugins.openvas.org/nasl.php?oid=68703", "sourceData": "#\n#VID 3042c33a-f237-11df-9d02-0018fe623f2b\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 3042c33a-f237-11df-9d02-0018fe623f2b\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: openssl\n\nCVE-2010-3864\nMultiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through\n0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching\nare enabled on a TLS server, might allow remote attackers to execute\narbitrary code via client data that triggers a heap-based buffer\noverflow, related to (1) the TLS server name extension and (2)\nelliptic curve cryptography.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://openssl.org/news/secadv_20101116.txt\nhttp://www.vuxml.org/freebsd/3042c33a-f237-11df-9d02-0018fe623f2b.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(68703);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"FreeBSD Ports: openssl\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"openssl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.0_2\")<0) {\n txt += 'Package openssl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:17:51", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1018-1", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl vulnerability USN-1018-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840540", "href": "http://plugins.openvas.org/nasl.php?oid=840540", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1018_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for openssl vulnerability USN-1018-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Rob Hulswit discovered a race condition in the OpenSSL TLS server\n extension parsing code when used within a threaded server. A remote\n attacker could trigger this flaw to cause a denial of service\n or possibly execute arbitrary code with application privileges.\n (CVE-2010-3864)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1018-1\";\ntag_affected = \"openssl vulnerability on Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1018-1/\");\n script_id(840540);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 15:30:07 +0100 (Tue, 23 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1018-1\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"Ubuntu Update for openssl vulnerability USN-1018-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-16ubuntu3.4\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-udeb\", ver:\"0.9.8o-1ubuntu4.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8-dbg\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openssl-doc\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcrypto0.9.8-udeb\", ver:\"0.9.8g-4ubuntu3.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:04", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "FreeBSD Ports: openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:136141256231068703", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068703", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_openssl3.nasl 14170 2019-03-14 09:24:12Z cfischer $\n#\n# Auto generated from VID 3042c33a-f237-11df-9d02-0018fe623f2b\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68703\");\n script_version(\"$Revision: 14170 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 10:24:12 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-3864\");\n script_name(\"FreeBSD Ports: openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: openssl\n\nCVE-2010-3864\nMultiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through\n0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching\nare enabled on a TLS server, might allow remote attackers to execute\narbitrary code via client data that triggers a heap-based buffer\noverflow, related to (1) the TLS server name extension and (2)\nelliptic curve cryptography.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://openssl.org/news/secadv_20101116.txt\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/3042c33a-f237-11df-9d02-0018fe623f2b.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"openssl\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.0_2\")<0) {\n txt += 'Package openssl version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:12", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-01.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-01 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3210", "CVE-2010-0740", "CVE-2010-2939", "CVE-2009-4355", "CVE-2010-4180", "CVE-2010-0742", "CVE-2009-3245", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-0433", "CVE-2010-3864", "CVE-2010-4252", "CVE-2011-3207"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70764", "href": "http://plugins.openvas.org/nasl.php?oid=70764", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in OpenSSL, allowing for the\n execution of arbitrary code and other attacks.\";\ntag_solution = \"All OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.0e'\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since September 17, 2011. It is likely that your system is\n already no longer affected by most of these issues.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=303739\nhttp://bugs.gentoo.org/show_bug.cgi?id=308011\nhttp://bugs.gentoo.org/show_bug.cgi?id=322575\nhttp://bugs.gentoo.org/show_bug.cgi?id=332027\nhttp://bugs.gentoo.org/show_bug.cgi?id=345767\nhttp://bugs.gentoo.org/show_bug.cgi?id=347623\nhttp://bugs.gentoo.org/show_bug.cgi?id=354139\nhttp://bugs.gentoo.org/show_bug.cgi?id=382069\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201110-01.\";\n\n \n \nif(description)\n{\n script_id(70764);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-3245\", \"CVE-2009-4355\", \"CVE-2010-0433\", \"CVE-2010-0740\", \"CVE-2010-0742\", \"CVE-2010-1633\", \"CVE-2010-2939\", \"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\", \"CVE-2011-0014\", \"CVE-2011-3207\", \"CVE-2011-3210\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:38 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-01 (openssl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 1.0.0e\", \"rge 0.9.8r\"), vulnerable: make_list(\"lt 1.0.0e\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:06", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-01.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-01 (openssl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3210", "CVE-2010-0740", "CVE-2010-2939", "CVE-2009-4355", "CVE-2010-4180", "CVE-2010-0742", "CVE-2009-3245", "CVE-2011-0014", "CVE-2010-1633", "CVE-2010-0433", "CVE-2010-3864", "CVE-2010-4252", "CVE-2011-3207"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070764", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070764", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_01.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70764\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-3245\", \"CVE-2009-4355\", \"CVE-2010-0433\", \"CVE-2010-0740\", \"CVE-2010-0742\", \"CVE-2010-1633\", \"CVE-2010-2939\", \"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\", \"CVE-2011-0014\", \"CVE-2011-3207\", \"CVE-2011-3210\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:38 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-01 (openssl)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in OpenSSL, allowing for the\n execution of arbitrary code and other attacks.\");\n script_tag(name:\"solution\", value:\"All OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.0e'\n\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since September 17, 2011. It is likely that your system is\n already no longer affected by most of these issues.\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-01\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=303739\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=308011\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=322575\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=332027\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=345767\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=347623\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=354139\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=382069\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-01.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-libs/openssl\", unaffected: make_list(\"ge 1.0.0e\", \"rge 0.9.8r\"), vulnerable: make_list(\"lt 1.0.0e\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:50", "description": "Oracle Linux Local Security Checks ELSA-2010-0979", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0979", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122262", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122262", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0979.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122262\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:38 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0979\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0979 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0979\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0979.html\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~4.el6_0.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:54:56", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-18765", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:862721", "href": "http://plugins.openvas.org/nasl.php?oid=862721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18765\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html\");\n script_id(862721);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18765\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18765\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-10-02T15:21:49", "description": "OpenSSL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2010-08-10T00:00:00", "type": "openvas", "title": "OpenSSL Multiple Vulnerabilities - Nov10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2019-10-02T00:00:00", "id": "OPENVAS:1361412562310100751", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100751", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# OpenSSL 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100751\");\n script_version(\"2019-10-02T07:08:50+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-02 07:08:50 +0000 (Wed, 02 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2010-08-10 14:55:08 +0200 (Tue, 10 Aug 2010)\");\n script_bugtraq_id(42306, 44884);\n script_cve_id(\"CVE-2010-2939\", \"CVE-2010-3864\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_name(\"OpenSSL Multiple Vulnerabilities - Nov10\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20101116.txt\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/42306\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/44884\");\n script_xref(name:\"URL\", value:\"http://seclists.org/fulldisclosure/2010/Aug/84\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"gb_openssl_detect_win.nasl\");\n script_mandatory_keys(\"openssl/detected\");\n\n script_tag(name:\"summary\", value:\"OpenSSL is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"The following flaws exist:\n\n - Multiple race conditions in ssl/t1_lib.c, when multi-threading and internal caching are enabled on a TLS\n server related to the TLS server name extension and elliptic curve cryptography. (CVE-2010-3864)\n\n - Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c)\n when using ECDH. (CVE-2010-2939)\");\n\n script_tag(name:\"impact\", value:\"- might allow remote attackers execute arbitrary code via client data that\n triggers a heap-based buffer overflow. (CVE-2010-3864)\n\n - allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary\n code via a crafted private key with an invalid prime. (CVE-2010-2939)\");\n\n script_tag(name:\"affected\", value:\"The issue affects OpenSSL 0.9.8f through 0.9.8o, 1.0.0 and 1.0.0a.\");\n\n script_tag(name:\"solution\", value:\"Update to version 0.9.8p, 1.0.0a or later.\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"0.9.8f\", test_version2:\"0.9.8o\") ||\n version_in_range(version:vers, test_version:\"1.0.0\", test_version2:\"1.0.0a\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"0.9.8p/1.0.0a\", install_path:path);\n security_message(port:port, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-25T10:55:37", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-18765", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "modified": "2018-01-24T00:00:00", "id": "OPENVAS:1361412562310862721", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862721", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-18765\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862721\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18765\");\n script_cve_id(\"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2010-18765\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0c~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:41", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-10:10.openssl.asc", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-10:10.openssl.asc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:68704", "href": "http://plugins.openvas.org/nasl.php?oid=68704", "sourceData": "#\n#ADV FreeBSD-SA-10:10.openssl.asc\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from ADV FreeBSD-SA-10:10.openssl.asc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_insight = \"FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library.\n\nA race condition exists in the OpenSSL TLS server extension code\nparsing when used in a multi-threaded application, which uses\nOpenSSL's internal caching mechanism. The race condition can lead to\na buffer overflow. [CVE-2010-3864]\n\nA double free exists in the SSL client ECDH handling code, when\nprocessing specially crafted public keys with invalid prime\nnumbers. [CVE-2010-2939]\";\ntag_solution = \"Upgrade your system to the appropriate stable release\nor security branch dated after the correction date\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-10:10.openssl.asc\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory FreeBSD-SA-10:10.openssl.asc\";\n\n\nif(description)\n{\n script_id(68704);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-2939\");\n script_name(\"FreeBSD Security Advisory (FreeBSD-SA-10:10.openssl.asc)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdpatchlevel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\nif(patchlevelcmp(rel:\"8.1\", patchlevel:\"2\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"8.0\", patchlevel:\"6\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"7.3\", patchlevel:\"4\")<0) {\n vuln = 1;\n}\nif(patchlevelcmp(rel:\"7.1\", patchlevel:\"16\")<0) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:56", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-326-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-326-01 openssl ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68673", "href": "http://plugins.openvas.org/nasl.php?oid=68673", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_326_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\n13.1, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2010-326-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-326-01\";\n \nif(description)\n{\n script_id(68673);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2010-2939\", \"CVE-2010-3864\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2010-326-01 openssl \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:45", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-326-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-326-01 openssl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231068673", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068673", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_326_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68673\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2010-2939\", \"CVE-2010-3864\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2010-326-01 openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-326-01\");\n\n script_tag(name:\"insight\", value:\"New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\n13.1, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2010-326-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl\", ver:\"0.9.8p-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"openssl-solibs\", ver:\"0.9.8p-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:48", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory FreeBSD-SA-10:10.openssl.asc", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "FreeBSD Security Advisory (FreeBSD-SA-10:10.openssl.asc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:136141256231068704", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068704", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsdsa_openssl8.nasl 14170 2019-03-14 09:24:12Z cfischer $\n#\n# Auto generated from ADV FreeBSD-SA-10:10.openssl.asc\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68704\");\n script_version(\"$Revision: 14170 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 10:24:12 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-2939\");\n script_name(\"FreeBSD Security Advisory (FreeBSD-SA-10:10.openssl.asc)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdpatchlevel\");\n\n script_tag(name:\"insight\", value:\"FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library.\n\nA race condition exists in the OpenSSL TLS server extension code\nparsing when used in a multi-threaded application, which uses\nOpenSSL's internal caching mechanism. The race condition can lead to\na buffer overflow. [CVE-2010-3864]\n\nA double free exists in the SSL client ECDH handling code, when\nprocessing specially crafted public keys with invalid prime\nnumbers. [CVE-2010-2939]\");\n\n script_tag(name:\"solution\", value:\"Upgrade your system to the appropriate stable release\n or security branch dated after the correction date.\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-10:10.openssl.asc\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory FreeBSD-SA-10:10.openssl.asc\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\n\nif(patchlevelcmp(rel:\"8.1\", patchlevel:\"2\")<0) {\n vuln = TRUE;\n}\nif(patchlevelcmp(rel:\"8.0\", patchlevel:\"6\")<0) {\n vuln = TRUE;\n}\nif(patchlevelcmp(rel:\"7.3\", patchlevel:\"4\")<0) {\n vuln = TRUE;\n}\nif(patchlevelcmp(rel:\"7.1\", patchlevel:\"16\")<0) {\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(port:0);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:51", "description": "Check for the Version of OpenSSL", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for OpenSSL HPSBUX02638", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:835251", "href": "http://plugins.openvas.org/nasl.php?oid=835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_impact = \"Remote execution of arbitrary code\n Denial of Service (DoS)\n authentication bypass\";\ntag_affected = \"OpenSSL on\n HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\";\ntag_insight = \"A potential security vulnerability has been identified with HP-UX OpenSSL. \n This vulnerability could be exploited remotely to execute arbitrary code or \n create a Denial of Service (DoS) or an authentication bypass.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_id(835251);\n script_version(\"$Revision: 6582 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 16:11:56 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"HPSBUX\", value: \"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n\n script_summary(\"Check for the Version of OpenSSL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/release\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:47", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2011-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2011-1273", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862849", "href": "http://plugins.openvas.org/nasl.php?oid=862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_id(862849);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2011-1273", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862849", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-1273\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862849\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1273\");\n script_cve_id(\"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-1273\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0d~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:58", "description": "The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "HP-UX Update for OpenSSL HPSBUX02638", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-3864", "CVE-2010-4252"], "modified": "2018-10-04T00:00:00", "id": "OPENVAS:1361412562310835251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310835251", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_ux_HPSBUX02638.nasl 11739 2018-10-04 07:49:31Z cfischer $\n#\n# HP-UX Update for OpenSSL HPSBUX02638\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02737002\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.835251\");\n script_version(\"$Revision: 11739 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-04 09:49:31 +0200 (Thu, 04 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"HPSBUX\", value:\"02638\");\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\");\n script_name(\"HP-UX Update for OpenSSL HPSBUX02638\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"HP-UX Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/hp_hp-ux\", \"ssh/login/hp_pkgrev\", re:\"ssh/login/release=HPUX(11\\.31|11\\.23|11\\.11)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"impact\", value:\"Remote execution of arbitrary code Denial of Service (DoS) authentication bypass\");\n\n script_tag(name:\"affected\", value:\"OpenSSL on HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q.\");\n\n script_tag(name:\"insight\", value:\"A potential security vulnerability has been identified with HP-UX OpenSSL.\n This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS) or an authentication bypass.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-hpux.inc\");\n\nrelease = hpux_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"HPUX11.31\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.003\", rls:\"HPUX11.31\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.23\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.002\", rls:\"HPUX11.23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"HPUX11.11\")\n{\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CER\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-CONF\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-DOC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-INC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-LIB\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MAN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-MIS\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PRNG\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-PVT\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-RUN\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = ishpuxpkgvuln(pkg:\"openssl.OPENSSL-SRC\", revision:\"A.00.09.08q.001\", rls:\"HPUX11.11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:45", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2011-12281", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863499", "href": "http://plugins.openvas.org/nasl.php?oid=863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 14\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_id(863499);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-09-12T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2011-12281", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2011-0014", "CVE-2010-3864", "CVE-2011-3207"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2011-12281\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863499\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-12281\");\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-0014\", \"CVE-2010-4180\", \"CVE-2010-3864\");\n script_name(\"Fedora Update for openssl FEDORA-2011-12281\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"openssl on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0e~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:54:23", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-9421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0740", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-4355", "CVE-2010-0742", "CVE-2009-3245", "CVE-2009-1378", "CVE-2009-3555", "CVE-2010-0433"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:1361412562310862163", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862163", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-9421\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 11\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043193.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862163\");\n script_version(\"$Revision: 8258 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 08:28:57 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9421\");\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-0740\", \"CVE-2009-3245\", \"CVE-2009-3555\", \"CVE-2009-4355\", \"CVE-2010-0433\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\");\n script_name(\"Fedora Update for openssl FEDORA-2010-9421\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8n~2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:38", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2010-06-25T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2010-9421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0740", "CVE-2009-1379", "CVE-2009-1377", "CVE-2009-4355", "CVE-2010-0742", "CVE-2009-3245", "CVE-2009-1378", "CVE-2009-3555", "CVE-2010-0433"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862163", "href": "http://plugins.openvas.org/nasl.php?oid=862163", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openssl FEDORA-2010-9421\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openssl on Fedora 11\";\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043193.html\");\n script_id(862163);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-25 12:25:26 +0200 (Fri, 25 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9421\");\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-0740\", \"CVE-2009-3245\", \"CVE-2009-3555\", \"CVE-2009-4355\", \"CVE-2010-0433\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\");\n script_name(\"Fedora Update for openssl FEDORA-2010-9421\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8n~2.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-27T18:36:08", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1547)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3505", "CVE-2007-4995", "CVE-2014-3572", "CVE-2013-0169", "CVE-2007-3108", "CVE-2015-0288", "CVE-2010-4180", "CVE-2010-0742", "CVE-2009-1387", "CVE-2009-3245", "CVE-2008-5077", "CVE-2009-1378", "CVE-2009-3555", "CVE-2010-5298", "CVE-2014-0195", "CVE-2014-3567", "CVE-2015-1790", "CVE-2017-3736", "CVE-2015-0292", "CVE-2014-0221"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191547", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191547", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1547\");\n script_version(\"2020-01-23T12:11:19+0000\");\n script_cve_id(\"CVE-2007-3108\", \"CVE-2007-4995\", \"CVE-2008-5077\", \"CVE-2009-1378\", \"CVE-2009-1387\", \"CVE-2009-3245\", \"CVE-2009-3555\", \"CVE-2010-0742\", \"CVE-2010-4180\", \"CVE-2010-5298\", \"CVE-2013-0169\", \"CVE-2014-0195\", \"CVE-2014-0221\", \"CVE-2014-3505\", \"CVE-2014-3567\", \"CVE-2014-3572\", \"CVE-2015-0288\", \"CVE-2015-0292\", \"CVE-2015-1790\", \"CVE-2017-3736\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:11:19 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:11:19 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1547)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1547\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1547\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2019-1547 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request.(CVE-2015-0288)\n\nOff-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.(CVE-2007-4995)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.(CVE-2015-0292)\n\nOpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.(CVE-2010-4180)\n\nOpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.(CVE-2009-3245)\n\nThe Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.(CVE-2010-0742)\n\nRace condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.(CVE-2010-5298)\n\nThe BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.(CVE-2007-3108)\n\nA memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h5\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h5\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h5\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:19:38", "description": "This host is missing an important security update according to\n Mac OS X 10.5.8 Update/Mac OS X Security Update 2011-004.", "cvss3": {}, "published": "2011-08-19T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4651", "CVE-2011-0197", "CVE-2011-0196", "CVE-2010-0740", "CVE-2011-0211", "CVE-2011-0202", "CVE-2011-0199", "CVE-2010-3790", "CVE-2011-0206", "CVE-2011-0204", "CVE-2010-3837", "CVE-2011-0719", "CVE-2011-0201", "CVE-2010-2632", "CVE-2010-3835", "CVE-2011-0210", "CVE-2011-1132", "CVE-2010-3833", "CVE-2010-4180", "CVE-2011-0208", "CVE-2011-0203", "CVE-2011-0212", "CVE-2009-3245", "CVE-2011-0213", "CVE-2011-0014", "CVE-2010-3682", "CVE-2010-3836", "CVE-2011-0195", "CVE-2010-3677", "CVE-2011-0715", "CVE-2010-3834", "CVE-2011-0200", "CVE-2010-3838", "CVE-2011-0205", "CVE-2010-3864", "CVE-2011-0198", "CVE-2011-0209", "CVE-2011-0207", "CVE-2010-3069"], "modified": "2017-08-28T00:00:00", "id": "OPENVAS:902466", "href": "http://plugins.openvas.org/nasl.php?oid=902466", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_macosx_su11-004.nasl 7015 2017-08-28 11:51:24Z teissa $\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial-of-service condition.\n Impact Level: System/Application\";\ntag_affected = \"ATS,\n MySQL,\n patch,\n Samba,\n Kernel,\n libxslt,\n OpenSSL,\n AirPort,\n ImageIO,\n OpenSSL,\n MobileMe,\n App Store,\n ColorSync,\n QuickLook,\n QuickTime,\n Libsystem,\n FTP Server,\n servermgrd,\n subversion,\n CoreGraphics,\n CoreFoundation,\n Certificate Trust Policy and\n International Components for Unicode.\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Run Mac Updates and update the Security Update 2011-004\n For updates refer to http://support.apple.com/kb/HT1338\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X 10.5.8 Update/Mac OS X Security Update 2011-004.\";\n\nif(description)\n{\n script_id(902466);\n script_version(\"$Revision: 7015 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-28 13:51:24 +0200 (Mon, 28 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-19 15:17:22 +0200 (Fri, 19 Aug 2011)\");\n script_cve_id(\"CVE-2011-0196\", \"CVE-2011-0197\", \"CVE-2011-0198\", \"CVE-2011-0199\",\n \"CVE-2011-0200\", \"CVE-2011-0201\", \"CVE-2011-0202\", \"CVE-2011-0203\",\n \"CVE-2011-0204\", \"CVE-2011-0205\", \"CVE-2011-0206\", \"CVE-2011-1132\",\n \"CVE-2010-2632\", \"CVE-2011-0195\", \"CVE-2011-0207\", \"CVE-2010-3677\",\n \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\",\n \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2009-3245\",\n \"CVE-2010-0740\", \"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2011-0014\",\n \"CVE-2010-4651\", \"CVE-2011-0208\", \"CVE-2011-0209\", \"CVE-2011-0210\",\n \"CVE-2011-0211\", \"CVE-2010-3790\", \"CVE-2011-0213\", \"CVE-2010-3069\",\n \"CVE-2011-0719\", \"CVE-2011-0212\", \"CVE-2011-0715\");\n script_bugtraq_id(48437, 48443, 48436, 48447, 48416, 48426, 48427, 48418, 48437,\n 48439, 48429, 48422, 43819, 47668, 48444, 42646, 42599, 43676,\n 38562, 39013, 44884, 45164, 46264, 46768, 48440, 48419, 48442,\n 48420, 44794, 48430, 43212, 46597, 46734);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1222\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1338\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2011/Jun/msg00000.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_require_ports(\"Services/ssh\", 22);\n script_mandatory_keys(\"ssh/login/osx_name\",\"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName || \"Mac OS X Server\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_less_equal(version:osVer, test_version:\"10.5.8\") ||\n version_in_range(version:osVer, test_version:\"10.6\", test_version2:\"10.6.7\"))\n {\n ## Check for the security update 2011.004\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.004\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:56", "description": "This host is missing an important security update according to\n Mac OS X 10.5.8 Update/Mac OS X Security Update 2011-004.", "cvss3": {}, "published": "2011-08-19T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4651", "CVE-2011-0197", "CVE-2011-0196", "CVE-2010-0740", "CVE-2011-0211", "CVE-2011-0202", "CVE-2011-0199", "CVE-2010-3790", "CVE-2011-0206", "CVE-2011-0204", "CVE-2010-3837", "CVE-2011-0719", "CVE-2011-0201", "CVE-2010-2632", "CVE-2010-3835", "CVE-2011-0210", "CVE-2011-1132", "CVE-2010-3833", "CVE-2010-4180", "CVE-2011-0208", "CVE-2011-0203", "CVE-2011-0212", "CVE-2009-3245", "CVE-2011-0213", "CVE-2011-0014", "CVE-2010-3682", "CVE-2010-3836", "CVE-2011-0195", "CVE-2010-3677", "CVE-2011-0715", "CVE-2010-3834", "CVE-2011-0200", "CVE-2010-3838", "CVE-2011-0205", "CVE-2010-3864", "CVE-2011-0198", "CVE-2011-0209", "CVE-2011-0207", "CVE-2010-3069"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310902466", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902466", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_macosx_su11-004.nasl 14307 2019-03-19 10:09:27Z cfischer $\n#\n# Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902466\");\n script_version(\"$Revision: 14307 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 11:09:27 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-19 15:17:22 +0200 (Fri, 19 Aug 2011)\");\n script_cve_id(\"CVE-2011-0196\", \"CVE-2011-0197\", \"CVE-2011-0198\", \"CVE-2011-0199\",\n \"CVE-2011-0200\", \"CVE-2011-0201\", \"CVE-2011-0202\", \"CVE-2011-0203\",\n \"CVE-2011-0204\", \"CVE-2011-0205\", \"CVE-2011-0206\", \"CVE-2011-1132\",\n \"CVE-2010-2632\", \"CVE-2011-0195\", \"CVE-2011-0207\", \"CVE-2010-3677\",\n \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\",\n \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2009-3245\",\n \"CVE-2010-0740\", \"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2011-0014\",\n \"CVE-2010-4651\", \"CVE-2011-0208\", \"CVE-2011-0209\", \"CVE-2011-0210\",\n \"CVE-2011-0211\", \"CVE-2010-3790\", \"CVE-2011-0213\", \"CVE-2010-3069\",\n \"CVE-2011-0719\", \"CVE-2011-0212\", \"CVE-2011-0715\");\n script_bugtraq_id(48437, 48443, 48436, 48447, 48416, 48426, 48427, 48418, 48437,\n 48439, 48429, 48422, 43819, 47668, 48444, 42646, 42599, 43676,\n 38562, 39013, 44884, 45164, 46264, 46768, 48440, 48419, 48442,\n 48420, 44794, 48430, 43212, 46597, 46734);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1222\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1338\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2011/Jun/msg00000.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[0-6]\\.\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial-of-service condition.\");\n script_tag(name:\"affected\", value:\"ATS,\n MySQL,\n patch,\n Samba,\n Kernel,\n libxslt,\n OpenSSL,\n AirPort,\n ImageIO,\n OpenSSL,\n MobileMe,\n App Store,\n ColorSync,\n QuickLook,\n QuickTime,\n Libsystem,\n FTP Server,\n servermgrd,\n subversion,\n CoreGraphics,\n CoreFoundation,\n Certificate Trust Policy and\n International Components for Unicode.\");\n script_tag(name:\"insight\", value:\"Please see the references for more information on the vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Run Mac Updates and update the Security Update 2011-004\");\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X 10.5.8 Update/Mac OS X Security Update 2011-004.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(\"Mac OS X\" >< osName || \"Mac OS X Server\" >< osName)\n{\n if(version_is_less_equal(version:osVer, test_version:\"10.5.8\") ||\n version_in_range(version:osVer, test_version:\"10.6\", test_version2:\"10.6.7\"))\n {\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.004\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-19T16:08:51", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0003.2.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMware ESXi/ESX Third party component updates (VMSA-2011-0003.2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0307", "CVE-2010-3562", "CVE-2010-0740", "CVE-2010-2066", "CVE-2010-0089", "CVE-2010-0008", "CVE-2010-0886", "CVE-2010-3557", "CVE-2010-1641", "CVE-2008-0106", "CVE-2010-2248", "CVE-2010-0088", "CVE-2010-2226", "CVE-2010-0410", "CVE-2010-3551", "CVE-2010-0730", "CVE-2010-0085", "CVE-2008-3825", "CVE-2010-0007", "CVE-2008-0086", "CVE-2010-3553", "CVE-2010-3550", "CVE-2010-2521", "CVE-2010-0087", "CVE-2010-1437", "CVE-2010-3566", "CVE-2010-2939", "CVE-2010-3565", "CVE-2010-0092", "CVE-2010-1187", "CVE-2010-3572", "CVE-2009-2693", "CVE-2010-0848", "CVE-2010-0291", "CVE-2010-0082", "CVE-2010-0838", "CVE-2010-0840", "CVE-2010-0095", "CVE-2010-2070", "CVE-2010-2524", "CVE-2010-0839", "CVE-2010-0094", "CVE-2010-3574", "CVE-2010-0415", "CVE-2010-1157", "CVE-2010-1084", "CVE-2010-0847", "CVE-2010-0842", "CVE-2010-3541", "CVE-2010-0845", "CVE-2010-3571", "CVE-2009-3555", "CVE-2010-0841", "CVE-2010-0844", "CVE-2010-0846", "CVE-2010-2240", "CVE-2010-0837", "CVE-2009-2901", "CVE-2010-3559", "CVE-2010-1321", "CVE-2010-3081", "CVE-2010-3556", "CVE-2010-0734", "CVE-2010-0849", "CVE-2008-0085", "CVE-2010-3561", "CVE-2008-5416", "CVE-2010-2227", "CVE-2010-0091", "CVE-2010-0622", "CVE-2010-3549", "CVE-2010-1085", "CVE-2010-1086", "CVE-2010-0090", "CVE-2010-3554", "CVE-2010-0433", "CVE-2010-1436", "CVE-2010-2928", "CVE-2010-1173", "CVE-2010-0437", "CVE-2010-3864", "CVE-2010-0093", "CVE-2009-4308", "CVE-2008-0107", "CVE-2010-1088", "CVE-2009-1384", "CVE-2010-3567", "CVE-2010-3573", "CVE-2010-0003", "CVE-2010-1087", "CVE-2009-2902", "CVE-2010-3548", "CVE-2010-0843", "CVE-2010-3568", "CVE-2010-0084", "CVE-2010-0850", "CVE-2010-3569", "CVE-2009-3548"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103454", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103454", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103454\");\n script_cve_id(\"CVE-2009-2693\", \"CVE-2009-2901\", \"CVE-2009-2902\", \"CVE-2009-3548\", \"CVE-2010-2227\", \"CVE-2010-1157\", \"CVE-2010-2928\", \"CVE-2010-0734\", \"CVE-2010-1084\", \"CVE-2010-2066\", \"CVE-2010-2070\", \"CVE-2010-2226\", \"CVE-2010-2248\", \"CVE-2010-2521\", \"CVE-2010-2524\", \"CVE-2010-0008\", \"CVE-2010-0415\", \"CVE-2010-0437\", \"CVE-2009-4308\", \"CVE-2010-0003\", \"CVE-2010-0007\", \"CVE-2010-0307\", \"CVE-2010-1086\", \"CVE-2010-0410\", \"CVE-2010-0730\", \"CVE-2010-1085\", \"CVE-2010-0291\", \"CVE-2010-0622\", \"CVE-2010-1087\", \"CVE-2010-1173\", \"CVE-2010-1437\", \"CVE-2010-1088\", \"CVE-2010-1187\", \"CVE-2010-1436\", \"CVE-2010-1641\", \"CVE-2010-3081\", \"CVE-2010-2240\", \"CVE-2008-5416\", \"CVE-2008-0085\", \"CVE-2008-0086\", \"CVE-2008-0107\", \"CVE-2008-0106\", \"CVE-2010-0740\", \"CVE-2010-0433\", \"CVE-2010-3864\", \"CVE-2010-2939\", \"CVE-2009-3555\", \"CVE-2010-0082\", \"CVE-2010-0084\", \"CVE-2010-0085\", \"CVE-2010-0087\", \"CVE-2010-0088\", \"CVE-2010-0089\", \"CVE-2010-0090\", \"CVE-2010-0091\", \"CVE-2010-0092\", \"CVE-2010-0093\", \"CVE-2010-0094\", \"CVE-2010-0095\", \"CVE-2010-0837\", \"CVE-2010-0838\", \"CVE-2010-0839\", \"CVE-2010-0840\", \"CVE-2010-0841\", \"CVE-2010-0842\", \"CVE-2010-0843\", \"CVE-2010-0844\", \"CVE-2010-0845\", \"CVE-2010-0846\", \"CVE-2010-0847\", \"CVE-2010-0848\", \"CVE-2010-0849\", \"CVE-2010-0850\", \"CVE-2010-0886\", \"CVE-2010-3556\", \"CVE-2010-3566\", \"CVE-2010-3567\", \"CVE-2010-3550\", \"CVE-2010-3561\", \"CVE-2010-3573\", \"CVE-2010-3565\", \"CVE-2010-3568\", \"CVE-2010-3569\", \"CVE-2010-1321\", \"CVE-2010-3548\", \"CVE-2010-3551\", \"CVE-2010-3562\", \"CVE-2010-3571\", \"CVE-2010-3554\", \"CVE-2010-3559\", \"CVE-2010-3572\", \"CVE-2010-3553\", \"CVE-2010-3549\", \"CVE-2010-3557\", \"CVE-2010-3541\", \"CVE-2010-3574\", \"CVE-2008-3825\", \"CVE-2009-1384\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi/ESX Third party component updates (VMSA-2011-0003.2)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 11:19:42 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2011-0003.2.\");\n\n script_tag(name:\"affected\", value:\"ESXi 4.1 without patch ESXi410-201101201-SG\n\n ESXi 4.0 without patch ESXi400-201103401-SG\n\n ESX 4.1 without patch ESX410-201101201-SG\n\n ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103403-SG\");\n\n script_tag(name:\"insight\", value:\"a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3\n\n Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter\n Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address\n multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database\n solutions need not update for these issues.\n\n b. vCenter Apache Tomcat Management Application Credential Disclosure\n\n The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local\n users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter\n 4.1 Update 1 the logon credentials are not present in the configuration file after the update.\n\n c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21\n\n Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE.\n\n d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26\n\n Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE.\n\n e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28\n\n Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache\n Tomcat\n\n f. vCenter Server third party component OpenSSL updated to version 0.9.8n\n\n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n.\n\n g. ESX third party component OpenSSL updated to version 0.9.8p\n\n The version of the ESX OpenSSL library is updated to 0.9.8p.\n\n h. ESXi third party component cURL updated\n\n The version of cURL library in ESXi is updated.\n\n i. ESX third party component pam_krb5 updated\n\n The version of pam_krb5 library is updated.\n\n j. ESX third party update for Service Console kernel\n\n The Service Console kernel is updated to include kernel version 2.6.18-194.11.1.\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"vmware_esx.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201101201-SG\",\n \"4.0.0\", \"ESXi400-201103401-SG\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-10-30T10:48:18", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0003.2.\n\nSummary\n\nUpdate 1 for vCenter Server 4.x, vCenter Update Manager 4.x, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1,\naddresses several security issues.\n\nRelevant releases\n\nvCenter Server 4.1 without Update 1,\nvCenter Server 4.0 without Update 3,\nvCenter Update Manager 4.1 without Update 1,\nvCenter Update Manager 4.0 without Update 3,\nESXi 4.1 without patch ESXi410-201101201-SG,\nESXi 4.0 without patch ESXi400-201103401-SG.\nESX 4.1 without patch ESX410-201101201-SG.\nESX 4.0 without patches ESX400-201103401-SG, ESX400-201103403-SG.\n \nProblem Description\n\na. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3\n\n Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter\n Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address\n multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database\n solutions need not update for these issues.\n\nb. vCenter Apache Tomcat Management Application Credential Disclosure\n\n The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local\n users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter\n 4.1 Update 1 the logon credentials are not present in the configuration file after the update.\n\nc. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21\n\n Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of \n Oracle (Sun) JRE.\n\nd. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26\n\n Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of \n Oracle (Sun) JRE.\n\ne. vCenter Server and ESX Apache Tomcat updated to version 6.0.28\n\n Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache\n Tomcat\n\nf. vCenter Server third party component OpenSSL updated to version 0.9.8n\n\n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n.\n\ng. ESX third party component OpenSSL updated to version 0.9.8p\n\n The version of the ESX OpenSSL library is updated to 0.9.8p.\n\nh. ESXi third party component cURL updated\n\n The version of cURL library in ESXi is updated.\n\ni. ESX third party component pam_krb5 updated\n\n The version of pam_krb5 library is updated.\n\nj. ESX third party update for Service Console kernel\n\n The Service Console kernel is updated to include kernel version 2.6.18-194.11.1.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0307", "CVE-2010-3562", "CVE-2010-0740", "CVE-2010-2066", "CVE-2010-0089", "CVE-2010-0008", "CVE-2010-0886", "CVE-2010-3557", "CVE-2010-1641", "CVE-2008-0106", "CVE-2010-2248", "CVE-2010-0088", "CVE-2010-2226", "CVE-2010-0410", "CVE-2010-3551", "CVE-2010-0730", "CVE-2010-0085", "CVE-2008-3825", "CVE-2010-0007", "CVE-2008-0086", "CVE-2010-3553", "CVE-2010-3550", "CVE-2010-2521", "CVE-2010-0087", "CVE-2010-1437", "CVE-2010-3566", "CVE-2010-2939", "CVE-2010-3565", "CVE-2010-0092", "CVE-2010-1187", "CVE-2010-3572", "CVE-2009-2693", "CVE-2010-0848", "CVE-2010-0291", "CVE-2010-0082", "CVE-2010-0838", "CVE-2010-0840", "CVE-2010-0095", "CVE-2010-2070", "CVE-2010-2524", "CVE-2010-0839", "CVE-2010-0094", "CVE-2010-3574", "CVE-2010-0415", "CVE-2010-1157", "CVE-2010-1084", "CVE-2010-0847", "CVE-2010-0842", "CVE-2010-3541", "CVE-2010-0845", "CVE-2010-3571", "CVE-2009-3555", "CVE-2010-0841", "CVE-2010-0844", "CVE-2010-0846", "CVE-2010-2240", "CVE-2010-0837", "CVE-2009-2901", "CVE-2010-3559", "CVE-2010-1321", "CVE-2010-3081", "CVE-2010-3556", "CVE-2010-0734", "CVE-2010-0849", "CVE-2008-0085", "CVE-2010-3561", "CVE-2008-5416", "CVE-2010-2227", "CVE-2010-0091", "CVE-2010-0622", "CVE-2010-3549", "CVE-2010-1085", "CVE-2010-1086", "CVE-2010-0090", "CVE-2010-3554", "CVE-2010-0433", "CVE-2010-1436", "CVE-2010-2928", "CVE-2010-1173", "CVE-2010-0437", "CVE-2010-3864", "CVE-2010-0093", "CVE-2009-4308", "CVE-2008-0107", "CVE-2010-1088", "CVE-2009-1384", "CVE-2010-3567", "CVE-2010-3573", "CVE-2010-0003", "CVE-2010-1087", "CVE-2009-2902", "CVE-2010-3548", "CVE-2010-0843", "CVE-2010-3568", "CVE-2010-0084", "CVE-2010-0850", "CVE-2010-3569", "CVE-2009-3548"], "modified": "2017-10-26T00:00:00", "id": "OPENVAS:103454", "href": "http://plugins.openvas.org/nasl.php?oid=103454", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2011-0003.nasl 7583 2017-10-26 12:07:01Z cfischer $\n#\n# VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply the missing patch(es).\n\nSee Also:\nhttp://www.vmware.com/security/advisories/VMSA-2011-0003.html\";\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2011-0003.2.\n\nSummary\n\nUpdate 1 for vCenter Server 4.x, vCenter Update Manager 4.x, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1,\naddresses several security issues.\n\nRelevant releases\n\nvCenter Server 4.1 without Update 1,\nvCenter Server 4.0 without Update 3,\nvCenter Update Manager 4.1 without Update 1,\nvCenter Update Manager 4.0 without Update 3,\nESXi 4.1 without patch ESXi410-201101201-SG,\nESXi 4.0 without patch ESXi400-201103401-SG.\nESX 4.1 without patch ESX410-201101201-SG.\nESX 4.0 without patches ESX400-201103401-SG, ESX400-201103403-SG.\n \nProblem Description\n\na. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3\n\n Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter\n Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address\n multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database\n solutions need not update for these issues.\n\nb. vCenter Apache Tomcat Management Application Credential Disclosure\n\n The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local\n users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter\n 4.1 Update 1 the logon credentials are not present in the configuration file after the update.\n\nc. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21\n\n Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of \n Oracle (Sun) JRE.\n\nd. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26\n\n Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of \n Oracle (Sun) JRE.\n\ne. vCenter Server and ESX Apache Tomcat updated to version 6.0.28\n\n Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache\n Tomcat\n\nf. vCenter Server third party component OpenSSL updated to version 0.9.8n\n\n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n.\n\ng. ESX third party component OpenSSL updated to version 0.9.8p\n\n The version of the ESX OpenSSL library is updated to 0.9.8p.\n\nh. ESXi third party component cURL updated\n\n The version of cURL library in ESXi is updated.\n\ni. ESX third party component pam_krb5 updated\n\n The version of pam_krb5 library is updated.\n\nj. ESX third party update for Service Console kernel\n\n The Service Console kernel is updated to include kernel version 2.6.18-194.11.1.\";\n\n\nif (description)\n{\n script_id(103454);\n script_cve_id(\"CVE-2009-2693\",\"CVE-2009-2901\",\"CVE-2009-2902\",\"CVE-2009-3548\",\"CVE-2010-2227\",\"CVE-2010-1157\",\"CVE-2010-2928\",\"CVE-2010-0734\",\"CVE-2010-1084\",\"CVE-2010-2066\",\"CVE-2010-2070\",\"CVE-2010-2226\",\"CVE-2010-2248\",\"CVE-2010-2521\",\"CVE-2010-2524\",\"CVE-2010-0008\",\"CVE-2010-0415\",\"CVE-2010-0437\",\"CVE-2009-4308\",\"CVE-2010-0003\",\"CVE-2010-0007\",\"CVE-2010-0307\",\"CVE-2010-1086\",\"CVE-2010-0410\",\"CVE-2010-0730\",\"CVE-2010-1085\",\"CVE-2010-0291\",\"CVE-2010-0622\",\"CVE-2010-1087\",\"CVE-2010-1173\",\"CVE-2010-1437\",\"CVE-2010-1088\",\"CVE-2010-1187\",\"CVE-2010-1436\",\"CVE-2010-1641\",\"CVE-2010-3081\",\"CVE-2010-2240\",\"CVE-2008-5416\",\"CVE-2008-0085\",\"CVE-2008-0086\",\"CVE-2008-0107\",\"CVE-2008-0106\",\"CVE-2010-0740\",\"CVE-2010-0433\",\"CVE-2010-3864\",\"CVE-2010-2939\",\"CVE-2009-3555\",\"CVE-2010-0082\",\"CVE-2010-0084\",\"CVE-2010-0085\",\"CVE-2010-0087\",\"CVE-2010-0088\",\"CVE-2010-0089\",\"CVE-2010-0090\",\"CVE-2010-0091\",\"CVE-2010-0092\",\"CVE-2010-0093\",\"CVE-2010-0094\",\"CVE-2010-0095\",\"CVE-2010-0837\",\"CVE-2010-0838\",\"CVE-2010-0839\",\"CVE-2010-0840\",\"CVE-2010-0841\",\"CVE-2010-0842\",\"CVE-2010-0843\",\"CVE-2010-0844\",\"CVE-2010-0845\",\"CVE-2010-0846\",\"CVE-2010-0847\",\"CVE-2010-0848\",\"CVE-2010-0849\",\"CVE-2010-0850\",\"CVE-2010-0886\",\"CVE-2010-3556\",\"CVE-2010-3566\",\"CVE-2010-3567\",\"CVE-2010-3550\",\"CVE-2010-3561\",\"CVE-2010-3573\",\"CVE-2010-3565\",\"CVE-2010-3568\",\"CVE-2010-3569\",\"CVE-2010-1321\",\"CVE-2010-3548\",\"CVE-2010-3551\",\"CVE-2010-3562\",\"CVE-2010-3571\",\"CVE-2010-3554\",\"CVE-2010-3559\",\"CVE-2010-3572\",\"CVE-2010-3553\",\"CVE-2010-3549\",\"CVE-2010-3557\",\"CVE-2010-3541\",\"CVE-2010-3574\",\"CVE-2008-3825\",\"CVE-2009-1384\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 7583 $\");\n script_name(\"VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-26 14:07:01 +0200 (Thu, 26 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 11:19:42 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\"); # Used in _esxi_patch_missing()\ninclude(\"vmware_esx.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201101201-SG\",\n \"4.0.0\",\"ESXi400-201103401-SG\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-01-11T15:10:03", "description": "Versions of OpenSSL earlier than 0.9.8o and 1.0.0a are potentially affected by multiple vulnerabilities :\n\n - CMS structures containing 'OriginatorInfo' are mishandled which can cause the application to write to invalid memory addresses or free up memory twice. Note that this only affects OpenSSL with CMS code present. (CVE-2010-0742)\n\n - When verification recovery fails for RSA keys, an uninitialized buffer with an undefined length is returned instead of an error code. Note that this only affects OpenSSL 1.0.0. (CVE-2010-1633)", "cvss3": {}, "published": "2010-06-02T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8o / 1.0.0a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2010-06-02T00:00:00", "cpe": [], "id": "801057.PRM", "href": "https://www.tenable.com/plugins/lce/801057", "sourceData": "Binary data 801057.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T14:56:13", "description": "Versions of OpenSSL earlier than 0.9.8o and 1.0.0a are potentially affected by multiple vulnerabilities :\n\n - CMS structures containing 'OriginatorInfo' are mishandled which can cause the application to write to invalid memory addresses or free up memory twice. Note that this only affects OpenSSL with CMS code present. (CVE-2010-0742)\n\n - When verification recovery fails for RSA keys, an uninitialized buffer with an undefined length is returned instead of an error code. Note that this only affects OpenSSL 1.0.0. (CVE-2010-1633)", "cvss3": {}, "published": "2010-06-02T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8o / 1.0.0a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "5559.PRM", "href": "https://www.tenable.com/plugins/nnm/5559", "sourceData": "Binary data 5559.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T14:57:50", "description": "Minor update from upstream fixing two security vulnerabilities - CVE-2010-0742 and CVE-2010-1633. It is fully ABI compatible with openssl-1.0.0.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 13 : openssl-1.0.0a-1.fc13 (2010-9574)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-9574.NASL", "href": "https://www.tenable.com/plugins/nessus/47542", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-9574.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47542);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-1633\");\n script_bugtraq_id(40503);\n script_xref(name:\"FEDORA\", value:\"2010-9574\");\n\n script_name(english:\"Fedora 13 : openssl-1.0.0a-1.fc13 (2010-9574)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update from upstream fixing two security vulnerabilities -\nCVE-2010-0742 and CVE-2010-1633. It is fully ABI compatible with\nopenssl-1.0.0.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598738\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-June/042855.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5da790a8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"openssl-1.0.0a-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T14:57:29", "description": "According to its banner, the remote web server is running a version of OpenSSL older than 0.9.8o / 1.0.0a. Such versions have the following vulnerabilities :\n\n - The mishandling of Cryptographic Message Syntax structures containing an OriginatorInfo element can lead to data being written to invalid memory addresses or memory being freed up twice. (CVE-2010-0742)\n\n - An uninitialized buffer of undefined length is returned when verification recovery fails for RSA keys. This allows an attacker to bypass key checks in applications calling the function EVP_PKEY_verify_recover(). Note this function is not used by OpenSSLcode itself. (CVE-2010-1633)", "cvss3": {}, "published": "2010-06-03T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8o / 1.0.0a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_0A.NASL", "href": "https://www.tenable.com/plugins/nessus/46801", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(46801);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-1633\");\n script_bugtraq_id(40502, 40503);\n script_xref(name:\"Secunia\", value:\"40024\");\n\n script_name(english:\"OpenSSL < 0.9.8o / 1.0.0a Multiple Vulnerabilities\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote web server has a SSL-related vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its banner, the remote web server is running a version\nof OpenSSL older than 0.9.8o / 1.0.0a. Such versions have the\nfollowing vulnerabilities :\n\n - The mishandling of Cryptographic Message Syntax \n structures containing an OriginatorInfo element can \n lead to data being written to invalid memory addresses \n or memory being freed up twice. (CVE-2010-0742)\n\n - An uninitialized buffer of undefined length is returned\n when verification recovery fails for RSA keys. This \n allows an attacker to bypass key checks in applications\n calling the function EVP_PKEY_verify_recover(). Note \n this function is not used by OpenSSLcode itself. \n (CVE-2010-1633)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20100601.txt\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to OpenSSL 0.9.8o / 1.0.0a or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2010/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2010/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\",value:\"2010/06/03\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencie(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"backport.inc\");\n\n\nif (report_paranoia < 2)\n exit(1, \"This plugin only runs if 'Report paranoia' is set to 'Paranoid'.\");\n\nport = get_http_port(default:80);\n\nbanner = get_backport_banner(banner:get_http_banner(port:port));\nif (!banner) \n exit(1, \"Unable to get the banner from the web server on port \"+port+\".\");\n\nif (!egrep(string:banner, pattern:'^Server:'))\n exit(0, \"The web server on port \"+port+\" doesn't return a Server response header.\");\nif (\"OpenSSL/\" >!< banner)\n exit(0, \"The Server response header for the web server on port \"+port+\" doesn't mention OpenSSL.\");\n\npat = \"^Server:.*OpenSSL/([^ ]+)\";\nversion = NULL;\n\nforeach line (split(banner, sep:'\\r\\n', keep:FALSE))\n{\n match = eregmatch(pattern:pat, string:line);\n if (!isnull(match))\n {\n version = match[1];\n break;\n }\n}\nif (isnull(version))\n exit(0, \"The web server on port \"+port+\" doesn't appear to use OpenSSL.\");\n\nif (\n (version =~ \"^0\\.9\\.([0-7]([^0-9]|$)|8([^a-z0-9]|[a-n]|$))\") ||\n (version =~ \"^1\\.0\\.0(-beta|$)\")\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\nOpenSSL version '+version+' appears to be running on the remote\\n'+\n 'host based on the following Server response header :\\n\\n'+\n ' '+line+'\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse exit(0, 'The web server on port \"+port+\" uses OpenSSL '+version+', which is not affected.');\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T14:58:17", "description": "Minor update from upstream fixing two security vulnerabilities - CVE-2010-0742 and CVE-2010-1633. It is fully ABI compatible with openssl-1.0.0.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 12 : openssl-1.0.0a-1.fc12 (2010-9639)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-9639.NASL", "href": "https://www.tenable.com/plugins/nessus/47546", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-9639.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47546);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0742\", \"CVE-2010-1633\");\n script_bugtraq_id(40502, 40503);\n script_xref(name:\"FEDORA\", value:\"2010-9639\");\n\n script_name(english:\"Fedora 12 : openssl-1.0.0a-1.fc12 (2010-9639)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update from upstream fixing two security vulnerabilities -\nCVE-2010-0742 and CVE-2010-1633. It is fully ABI compatible with\nopenssl-1.0.0.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598738\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-June/042919.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb56823c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"openssl-1.0.0a-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:28:46", "description": "The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. (CVE-2010-0742)\n\nImpact\n\nA locally authenticated user, with a role that allowsadvanced shell (bash) access, may be able to exploit OpenSSL to modify invalid memory locations or conduct double-free attacks, and execute arbitrary code.\nHowever, affected F5 products that contain the vulnerable software component do not use the components in a way that exposes this vulnerability. There are no remote access vectors for this issue, and there is no data plane exposure.", "cvss3": {}, "published": "2015-09-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : OpenSSL vulnerability (K17248)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL17248.NASL", "href": "https://www.tenable.com/plugins/nessus/85890", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K17248.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85890);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2010-0742\");\n script_bugtraq_id(40502);\n\n script_name(english:\"F5 Networks BIG-IP : OpenSSL vulnerability (K17248)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Cryptographic Message Syntax (CMS) implementation in\ncrypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a\ndoes not properly handle structures that contain OriginatorInfo, which\nallows context-dependent attackers to modify invalid memory locations\nor conduct double-free attacks, and possibly execute arbitrary code,\nvia unspecified vectors. (CVE-2010-0742)\n\nImpact\n\nA locally authenticated user, with a role that allowsadvanced shell\n(bash) access, may be able to exploit OpenSSL to modify invalid memory\nlocations or conduct double-free attacks, and execute arbitrary code.\nHowever, affected F5 products that contain the vulnerable software\ncomponent do not use the components in a way that exposes this\nvulnerability. There are no remote access vectors for this issue, and\nthere is no data plane exposure.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17248\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K17248.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K17248\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.0.0-11.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T14:58:16", "description": "Fix for an important security vulnerability CVE-2010-0742.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 11 : openssl-0.9.8n-2.fc11 (2010-9421)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-9421.NASL", "href": "https://www.tenable.com/plugins/nessus/47534", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-9421.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47534);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-0742\");\n script_bugtraq_id(31692, 35001, 35138, 38533, 38562, 39013, 40502);\n script_xref(name:\"FEDORA\", value:\"2010-9421\");\n\n script_name(english:\"Fedora 11 : openssl-0.9.8n-2.fc11 (2010-9421)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for an important security vulnerability CVE-2010-0742.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598738\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-June/043193.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65b43e29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"openssl-0.9.8n-2.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-04T14:37:37", "description": "This is a minor update from upstream fixing one race condition theoretically exploitable from remote connections in some SSL servers (CVE-2010-3864). There are also a few additional bug fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-11-22T00:00:00", "type": "nessus", "title": "Fedora 14 : openssl-1.0.0b-1.fc14 (2010-17827)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2010-17827.NASL", "href": "https://www.tenable.com/plugins/nessus/50664", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-17827.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50664);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n script_xref(name:\"FEDORA\", value:\"2010-17827\");\n\n script_name(english:\"Fedora 14 : openssl-1.0.0b-1.fc14 (2010-17827)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a minor update from upstream fixing one race condition\ntheoretically exploitable from remote connections in some SSL servers\n(CVE-2010-3864). There are also a few additional bug fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=649304\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f066200f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"openssl-1.0.0b-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:37:28", "description": "Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nA race condition flaw has been found in the OpenSSL TLS server extension parsing code, which could affect some multithreaded OpenSSL applications. Under certain specific conditions, it may be possible for a remote attacker to trigger this race condition and cause such an application to crash, or possibly execute arbitrary code with the permissions of the application. (CVE-2010-3864)\n\nNote that this issue does not affect the Apache HTTP Server. Refer to Red Hat Bugzilla bug 649304 for more technical details on how to determine if your application is affected.\n\nRed Hat would like to thank Rob Hulswit for reporting this issue.\n\nAll OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2010-11-18T00:00:00", "type": "nessus", "title": "RHEL 6 : openssl (RHSA-2010:0888)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2010-0888.NASL", "href": "https://www.tenable.com/plugins/nessus/50642", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0888. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50642);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n script_xref(name:\"RHSA\", value:\"2010:0888\");\n\n script_name(english:\"RHEL 6 : openssl (RHSA-2010:0888)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA race condition flaw has been found in the OpenSSL TLS server\nextension parsing code, which could affect some multithreaded OpenSSL\napplications. Under certain specific conditions, it may be possible\nfor a remote attacker to trigger this race condition and cause such an\napplication to crash, or possibly execute arbitrary code with the\npermissions of the application. (CVE-2010-3864)\n\nNote that this issue does not affect the Apache HTTP Server. Refer to\nRed Hat Bugzilla bug 649304 for more technical details on how to\ndetermine if your application is affected.\n\nRed Hat would like to thank Rob Hulswit for reporting this issue.\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0888\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0888\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-debuginfo-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-devel-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-perl-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-perl-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-static-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-static-1.0.0-4.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.0-4.el6_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:39:39", "description": "This is a minor update from upstream fixing one race condition theoretically exploitable from remote connections in some SSL servers (CVE-2010-3864). There are also a few additional bug fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-11-22T00:00:00", "type": "nessus", "title": "Fedora 12 : openssl-1.0.0b-1.fc12 (2010-17826)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-17826.NASL", "href": "https://www.tenable.com/plugins/nessus/50674", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-17826.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50674);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n script_xref(name:\"FEDORA\", value:\"2010-17826\");\n\n script_name(english:\"Fedora 12 : openssl-1.0.0b-1.fc12 (2010-17826)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a minor update from upstream fixing one race condition\ntheoretically exploitable from remote connections in some SSL servers\n(CVE-2010-3864). There are also a few additional bug fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=649304\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ddfc8e9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"openssl-1.0.0b-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:37:36", "description": "A vulnerability was discovered in openssl that causes a race condition within the TLS extension parsing code and which can be exploited to cause a heap-based buffer overflow (CVE-2010-3864).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4 90\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2010-11-18T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2010:238)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel", "p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0-devel", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0-static-devel", "p-cpe:/a:mandriva:linux:libopenssl-engines1.0.0", "p-cpe:/a:mandriva:linux:libopenssl0.9.8", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel", "p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel", "p-cpe:/a:mandriva:linux:libopenssl1.0.0", "p-cpe:/a:mandriva:linux:libopenssl1.0.0-devel", "p-cpe:/a:mandriva:linux:libopenssl1.0.0-static-devel", "p-cpe:/a:mandriva:linux:openssl", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-238.NASL", "href": "https://www.tenable.com/plugins/nessus/50628", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:238. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50628);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n script_xref(name:\"MDVSA\", value:\"2010:238\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2010:238)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered in openssl that causes a race condition\nwithin the TLS extension parsing code and which can be exploited to\ncause a heap-based buffer overflow (CVE-2010-3864).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4\n90\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20101116.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl-engines1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl0.9.8-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopenssl1.0.0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-0.9.8h-3.8mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-devel-0.9.8h-3.8mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-static-devel-0.9.8h-3.8mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-0.9.8h-3.8mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-devel-0.9.8h-3.8mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-static-devel-0.9.8h-3.8mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"openssl-0.9.8h-3.8mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-0.9.8k-5.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-devel-0.9.8k-5.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64openssl0.9.8-static-devel-0.9.8k-5.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-0.9.8k-5.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-devel-0.9.8k-5.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libopenssl0.9.8-static-devel-0.9.8k-5.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"openssl-0.9.8k-5.3mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl-engines1.0.0-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-devel-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-static-devel-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl-engines1.0.0-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-devel-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libopenssl1.0.0-static-devel-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"openssl-1.0.0a-1.5mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:39:19", "description": "A flaw has been found in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack.\nThis allows an attacker to cause an application crash or potentially to execute arbitrary code.\n\nHowever, not all OpenSSL based SSL/TLS servers are vulnerable: a server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. In particular the Apache HTTP server (which never uses OpenSSL internal caching) and Stunnel (which includes its own workaround) are NOT affected.", "cvss3": {}, "published": "2010-11-24T00:00:00", "type": "nessus", "title": "Debian DSA-2125-1 : openssl - buffer overflow", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2125.NASL", "href": "https://www.tenable.com/plugins/nessus/50696", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2125. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50696);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n script_xref(name:\"DSA\", value:\"2125\");\n\n script_name(english:\"Debian DSA-2125-1 : openssl - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw has been found in the OpenSSL TLS server extension code parsing\nwhich on affected servers can be exploited in a buffer overrun attack.\nThis allows an attacker to cause an application crash or potentially\nto execute arbitrary code.\n\nHowever, not all OpenSSL based SSL/TLS servers are vulnerable: a\nserver is vulnerable if it is multi-threaded and uses OpenSSL's\ninternal caching mechanism. In particular the Apache HTTP server\n(which never uses OpenSSL internal caching) and Stunnel (which\nincludes its own workaround) are NOT affected.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2125\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nThis upgrade fixes this issue. After the upgrade, any services using\nthe openssl libraries need to be restarted. The checkrestart script\nfrom the debian-goodies package or lsof can help to find out which\nservices need to be restarted.\n\nA note to users of the tor packages from the Debian backports or\nDebian volatile: this openssl update causes problems with some\nversions of tor. You need to update to tor 0.2.1.26-4~bpo50+1 or\n0.2.1.26-1~lennyvolatile2, respectively. The tor package version\n0.2.0.35-1~lenny2 from Debian stable is not affected by these\nproblems.\n\nFor the stable distribution (lenny), the problem has been fixed in\nopenssl version 0.9.8g-15+lenny9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libssl-dev\", reference:\"0.9.8g-15+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8g-15+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8g-15+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"openssl\", reference:\"0.9.8g-15+lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:50:30", "description": "Multithreaded OpenSSL servers using the TLS server extension are vulnerable to a buffer overrun attack. CVE-2010-3864 has been assigned to this issue.", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:openssl", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "href": "https://www.tenable.com/plugins/nessus/53675", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-3507.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53675);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3864\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-1)\");\n script_summary(english:\"Check for the libopenssl-devel-3507 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multithreaded OpenSSL servers using the TLS server extension are\nvulnerable to a buffer overrun attack. CVE-2010-3864 has been assigned\nto this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=651003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-11/msg00029.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libopenssl-devel-0.9.8h-28.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libopenssl0_9_8-0.9.8h-28.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openssl-0.9.8h-28.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-28.18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl0_9_8 / libopenssl0_9_8-32bit / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T16:35:03", "description": "Multithreaded OpenSSL servers using the TLS server extension are vulnerable to a buffer overrun attack (CVE-2010-3864).", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:openssl", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "href": "https://www.tenable.com/plugins/nessus/75593", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-3562.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75593);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3864\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)\");\n script_summary(english:\"Check for the libopenssl-devel-3562 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multithreaded OpenSSL servers using the TLS server extension are\nvulnerable to a buffer overrun attack (CVE-2010-3864).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=651003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-11/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libopenssl-devel-1.0.0-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libopenssl0_9_8-0.9.8m-3.1.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libopenssl1_0_0-1.0.0-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"openssl-1.0.0-6.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8m-3.1.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.0-6.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl0_9_8 / libopenssl0_9_8-32bit / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:39:11", "description": "Rob Hulswit discovered a race condition in the OpenSSL TLS server extension parsing code when used within a threaded server. A remote attacker could trigger this flaw to cause a denial of service or possibly execute arbitrary code with application privileges.\n(CVE-2010-3864).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-11-18T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openssl vulnerability (USN-1018-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg", "p-cpe:/a:canonical:ubuntu_linux:openssl", "p-cpe:/a:canonical:ubuntu_linux:openssl-doc", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-1018-1.NASL", "href": "https://www.tenable.com/plugins/nessus/50649", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1018-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50649);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n script_xref(name:\"USN\", value:\"1018-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openssl vulnerability (USN-1018-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rob Hulswit discovered a race condition in the OpenSSL TLS server\nextension parsing code when used within a threaded server. A remote\nattacker could trigger this flaw to cause a denial of service or\npossibly execute arbitrary code with application privileges.\n(CVE-2010-3864).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1018-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-4ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-4ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-4ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl\", pkgver:\"0.9.8g-4ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-4ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.8g-16ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8g-16ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8g-16ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openssl\", pkgver:\"0.9.8g-16ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openssl-doc\", pkgver:\"0.9.8g-16ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8k-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8k-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8k-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openssl\", pkgver:\"0.9.8k-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openssl-doc\", pkgver:\"0.9.8k-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.8o-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8o-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8o-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openssl\", pkgver:\"0.9.8o-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openssl-doc\", pkgver:\"0.9.8o-1ubuntu4.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl-dev / libssl0.9.8 / libssl0.9.8-dbg / openssl / openssl-doc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T15:10:27", "description": "The following issue has been fixed :\n\n - Multithreaded OpenSSL servers using the TLS server extension were vulnerable to a buffer overrun attack.\n CVE-2010-3864 has been assigned to this issue.", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : libopenssl (SAT Patch Number 3539)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit", "p-cpe:/a:novell:suse_linux:11:openssl", "p-cpe:/a:novell:suse_linux:11:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "href": "https://www.tenable.com/plugins/nessus/51619", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51619);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3864\");\n\n script_name(english:\"SuSE 11.1 Security Update : libopenssl (SAT Patch Number 3539)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following issue has been fixed :\n\n - Multithreaded OpenSSL servers using the TLS server\n extension were vulnerable to a buffer overrun attack.\n CVE-2010-3864 has been assigned to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=651003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3864.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 3539.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libopenssl0_9_8-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"openssl-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"openssl-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libopenssl0_9_8-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openssl-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openssl-doc-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-03T14:43:11", "description": "The following issue has been fixed :\n\n - Multithreaded OpenSSL servers using the TLS server extension were vulnerable to a buffer overrun attack.\n CVE-2010-3864 has been assigned to this issue.", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : libopenssl (SAT Patch Number 3509)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit", "p-cpe:/a:novell:suse_linux:11:openssl", "p-cpe:/a:novell:suse_linux:11:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "href": "https://www.tenable.com/plugins/nessus/50939", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50939);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3864\");\n\n script_name(english:\"SuSE 11 Security Update : libopenssl (SAT Patch Number 3509)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following issue has been fixed :\n\n - Multithreaded OpenSSL servers using the TLS server\n extension were vulnerable to a buffer overrun attack.\n CVE-2010-3864 has been assigned to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=651003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3864.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 3509.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libopenssl0_9_8-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"openssl-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"openssl-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libopenssl0_9_8-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openssl-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openssl-doc-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.22.28.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8h-30.22.28.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:50:46", "description": "Multithreaded OpenSSL servers using the TLS server extension are vulnerable to a buffer overrun attack (CVE-2010-3864).", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl0_9_8", "p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit", "p-cpe:/a:novell:opensuse:openssl", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "href": "https://www.tenable.com/plugins/nessus/53750", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libopenssl-devel-3562.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53750);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3864\");\n\n script_name(english:\"openSUSE Security Update : libopenssl-devel (openSUSE-SU-2010:0965-2)\");\n script_summary(english:\"Check for the libopenssl-devel-3562 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multithreaded OpenSSL servers using the TLS server extension are\nvulnerable to a buffer overrun attack (CVE-2010-3864).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=651003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-11/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libopenssl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libopenssl-devel-0.9.8k-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libopenssl0_9_8-0.9.8k-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"openssl-0.9.8k-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8k-3.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl0_9_8 / libopenssl0_9_8-32bit / etc\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-05T14:30:49", "description": "According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8p / 1.0.0b.\n\nIf a TLS server is multithreaded and uses the SSL cache, a remote attacker could trigger a buffer overflow and crash the server or run arbitrary code.", "cvss3": {}, "published": "2012-01-04T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8p / 1.0.0b Buffer Overflow", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_0_9_8P_1_0_0B.NASL", "href": "https://www.tenable.com/plugins/nessus/17766", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(17766);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n\n script_name(english:\"OpenSSL < 0.9.8p / 1.0.0b Buffer Overflow\");\n script_summary(english:\"Does a banner check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote server is affected by a buffer overflow vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote server is running a version of \nOpenSSL that is earlier than 0.9.8p / 1.0.0b.\n\nIf a TLS server is multithreaded and uses the SSL cache, a remote\nattacker could trigger a buffer overflow and crash the server or run\narbitrary code.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20101116.txt\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to OpenSSL 0.9.8p / 1.0.0b or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:make_list('0.9.8p', '1.0.0b'), severity:SECURITY_HOLE);\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:23:07", "description": "A race condition flaw has been found in the OpenSSL TLS server extension parsing code, which could affect some multithreaded OpenSSL applications. Under certain specific conditions, it may be possible for a remote attacker to trigger this race condition and cause such an application to crash, or possibly execute arbitrary code with the permissions of the application. (CVE-2010-3864)\n\nNote that this issue does not affect the Apache HTTP Server.\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101116_OPENSSL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60899", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60899);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3864\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A race condition flaw has been found in the OpenSSL TLS server\nextension parsing code, which could affect some multithreaded OpenSSL\napplications. Under certain specific conditions, it may be possible\nfor a remote attacker to trigger this race condition and cause such an\napplication to crash, or possibly execute arbitrary code with the\npermissions of the application. (CVE-2010-3864)\n\nNote that this issue does not affect the Apache HTTP Server.\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=5661\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72bd1e3a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.0-4.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.0-4.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.0-4.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.0-4.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:37:36", "description": "This is a minor update from upstream fixing one race condition theoretically exploitable from remote connections in some SSL servers (CVE-2010-3864). There are also a few additional bug fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-11-22T00:00:00", "type": "nessus", "title": "Fedora 13 : openssl-1.0.0b-1.fc13 (2010-17847)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-17847.NASL", "href": "https://www.tenable.com/plugins/nessus/50675", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-17847.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50675);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3864\");\n script_bugtraq_id(44884);\n script_xref(name:\"FEDORA\", value:\"2010-17847\");\n\n script_name(english:\"Fedora 13 : openssl-1.0.0b-1.fc13 (2010-17847)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a minor update from upstream fixing one race condition\ntheoretically exploitable from remote connections in some SSL servers\n(CVE-2010-3864). There are also a few additional bug fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=649304\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?685c0f14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"openssl-1.0.0b-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:37:36", "description": "OpenSSL Team reports :\n\nRob Hulswit has found a flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack.\n\nAny OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers that are multi-process and/or disable internal session caching are NOT affected.\n\nIn particular the Apache HTTP server (which never uses OpenSSL internal caching) and Stunnel (which includes its own workaround) are NOT affected.", "cvss3": {}, "published": "2010-11-18T00:00:00", "type": "nessus", "title": "FreeBSD : openssl -- TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:openssl", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "href": "https://www.tenable.com/plugins/nessus/50627", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50627);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3864\");\n\n script_name(english:\"FreeBSD : openssl -- TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL Team reports :\n\nRob Hulswit has found a flaw in the OpenSSL TLS server extension code\nparsing which on affected servers can be exploited in a buffer overrun\nattack.\n\nAny OpenSSL based TLS server is vulnerable if it is multi-threaded and\nuses OpenSSL's internal caching mechanism. Servers that are\nmulti-process and/or disable internal session caching are NOT\naffected.\n\nIn particular the Apache HTTP server (which never uses OpenSSL\ninternal caching) and Stunnel (which includes its own workaround) are\nNOT affected.\"\n );\n # http://openssl.org/news/secadv/20101116.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20101116.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/3042c33a-f237-11df-9d02-0018fe623f2b.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c36a26d7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssl<1.0.0_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:53:14", "description": "The remote host is affected by the vulnerability described in GLSA-201110-01 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "nessus", "title": "GLSA-201110-01 : OpenSSL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3245", "CVE-2009-4355", "CVE-2010-0433", "CVE-2010-0740", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-2939", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-4252", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-3210"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201110-01.NASL", "href": "https://www.tenable.com/plugins/nessus/56425", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-01.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56425);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3245\", \"CVE-2009-4355\", \"CVE-2010-0433\", \"CVE-2010-0740\", \"CVE-2010-0742\", \"CVE-2010-1633\", \"CVE-2010-2939\", \"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2010-4252\", \"CVE-2011-0014\", \"CVE-2011-3207\", \"CVE-2011-3210\");\n script_xref(name:\"GLSA\", value:\"201110-01\");\n\n script_name(english:\"GLSA-201110-01 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201110-01\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could cause a Denial of Service, possibly\n execute arbitrary code, bypass intended key requirements, force the\n downgrade to unintended ciphers, bypass the need for knowledge of shared\n secrets and successfully authenticate, bypass CRL validation, or obtain\n sensitive information in applications that use OpenSSL.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201110-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.0e'\n NOTE: This is a legacy GLSA. Updates for all affected architectures are\n available since September 17, 2011. It is likely that your system is\n already no longer affected by most of these issues.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 1.0.0e\", \"rge 0.9.8r\", \"rge 0.9.8s\", \"rge 0.9.8t\", \"rge 0.9.8u\", \"rge 0.9.8v\", \"rge 0.9.8w\", \"rge 0.9.8x\", \"rge 0.9.8y\", \"rge 0.9.8z_p1\", \"rge 0.9.8z_p2\", \"rge 0.9.8z_p3\", \"rge 0.9.8z_p4\", \"rge 0.9.8z_p5\", \"rge 0.9.8z_p6\", \"rge 0.9.8z_p7\", \"rge 0.9.8z_p8\", \"rge 0.9.8z_p9\", \"rge 0.9.8z_p10\", \"rge 0.9.8z_p11\", \"rge 0.9.8z_p12\", \"rge 0.9.8z_p13\", \"rge 0.9.8z_p14\", \"rge 0.9.8z_p15\"), vulnerable:make_list(\"lt 1.0.0e\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:50:30", "description": "The version of Adobe Flash Media Server running on the remote host is earlier than version 3.5.6 or 4.0.2. Such versions are potentially affected by the following vulnerabilities :\n\n - The server is affected by a memory corruption issue due to a race condition in the TLS extension code provided by the bundled version of OpenSSL. A remote attacker may be able to exploit this vulnerability to execute arbitrary code on the server. (CVE-2010-3864)\n\n - The server is vulnerable to a denial of service attack due to an unspecified error related to processing certain XML content. (CVE-2011-0612)", "cvss3": {}, "published": "2011-05-13T00:00:00", "type": "nessus", "title": "Adobe Flash Media Server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864", "CVE-2011-0612"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:adobe:flash_media_server"], "id": "ADOBE_FMS_4_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/53895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53895);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2010-3864\", \"CVE-2011-0612\");\n script_bugtraq_id(44884, 47840);\n script_xref(name:\"SECUNIA\", value:\"44589\");\n\n script_name(english:\"Adobe Flash Media Server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote media server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Flash Media Server running on the remote host is\nearlier than version 3.5.6 or 4.0.2. Such versions are potentially\naffected by the following vulnerabilities :\n\n - The server is affected by a memory corruption issue due \n to a race condition in the TLS extension code provided\n by the bundled version of OpenSSL. A remote attacker \n may be able to exploit this vulnerability to execute \n arbitrary code on the server. (CVE-2010-3864)\n\n - The server is vulnerable to a denial of service attack\n due to an unspecified error related to processing \n certain XML content. (CVE-2011-0612)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-11.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Flash Media Server 3.5.6 / 4.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_media_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"adobe_fms_detect.nasl\");\n script_require_keys(\"rtmp/adobe_fms\");\n script_require_ports(\"Services/rtmp\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\n\nport = get_kb_item_or_exit(\"Services/rtmp\");\nversion = get_kb_item_or_exit(\"rtmp/\" + port + \"/adobe_fms/version\");\nsource = get_kb_item_or_exit(\"rtmp/\" + port + \"/adobe_fms/version_source\");\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0;i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n \nif (\n ver[0] < 3 ||\n (ver[0] == 3 && ver[1] < 5) ||\n (ver[0] == 3 && ver[1] == 5 && ver[2] < 6) ||\n (ver[0] == 4 && ver[1] == 0 && ver[2] < 2)\n)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.5.6 / 4.0.2\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse exit(0, \"The Adobe Flash Media Server version \"+version+\" on port \"+port+\" is not affected.\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-04T14:37:28", "description": "New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues.", "cvss3": {}, "published": "2010-11-22T00:00:00", "type": "nessus", "title": "Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : openssl (SSA:2010-326-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1"], "id": "SLACKWARE_SSA_2010-326-01.NASL", "href": "https://www.tenable.com/plugins/nessus/50668", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2010-326-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50668);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2939\", \"CVE-2010-3864\");\n script_bugtraq_id(42306, 44884);\n script_xref(name:\"SSA\", value:\"2010-326-01\");\n\n script_name(english:\"Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : openssl (SSA:2010-326-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 11.0, 12.0, 12.1,\n12.2, 13.0, 13.1, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dfab35a8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"11.0\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\nif (slackware_check(osver:\"11.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\nif (slackware_check(osver:\"12.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\nif (slackware_check(osver:\"12.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\nif (slackware_check(osver:\"12.2\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8p\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8p\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T14:50:34", "description": "The remote host is running Adobe Flash Media server. \n\nVersions of Adobe FLash Media Server earlier than 3.5.6 or 4.0.2 are potentially affected by multiple vulnerabilities : \n\n - A memory corruption issue exists due to a race condition in the TLS extension code provided by the bundled version of OpenSSL. (CVE-2010-3864)\n\n - An unspecified error relating to processing certain XML content could lead to a denial of service. (CVE-2011-0612)", "cvss3": {}, "published": "2011-05-16T00:00:00", "type": "nessus", "title": "Adobe Flash Media server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0612", "CVE-2010-3864", "CVE-2011-0612"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:adobe:flash_player"], "id": "5924.PRM", "href": "https://www.tenable.com/plugins/nnm/5924", "sourceData": "Binary data 5924.prm", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T16:30:55", "description": "The version of OpenSSL running on the remote host is affected by the following vulnerabilities :\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka 'OCSP stapling vulnerability.' (CVE-2011-0014)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi- threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap- based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. (CVE-2010-4180)", "cvss3": {}, "published": "2014-04-16T00:00:00", "type": "nessus", "title": "AIX OpenSSL Advisory : openssl_advisory2.asc", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864", "CVE-2010-4180", "CVE-2011-0014"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix"], "id": "AIX_OPENSSL_ADVISORY2.NASL", "href": "https://www.tenable.com/plugins/nessus/73560", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory openssl_advisory2.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73560);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3864\", \"CVE-2010-4180\", \"CVE-2011-0014\");\n script_bugtraq_id(44884, 45164, 46264);\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory2.asc\");\n script_summary(english:\"Checks the version of the openssl packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote AIX host is running a vulnerable version of OpenSSL.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL running on the remote host is affected by the\nfollowing vulnerabilities :\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0\n through 1.0.0c allows remote attackers to cause a denial\n of service (crash), and possibly obtain sensitive\n information in applications that use OpenSSL, via a\n malformed ClientHello handshake message that triggers an\n out-of-bounds memory access, aka 'OCSP stapling\n vulnerability.' (CVE-2011-0014)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL\n 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-\n threading and internal caching are enabled on a TLS\n server, might allow remote attackers to execute\n arbitrary code via client data that triggers a heap-\n based buffer overflow, related to (1) the TLS server\n name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when\n SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does\n not properly prevent modification of the ciphersuite in\n the session cache, which allows remote attackers to\n force the downgrade to an unintended cipher via vectors\n involving sniffing network traffic to discover a session\n identifier. (CVE-2010-4180)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory2.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20110208.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20101116.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20101116.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"A fix is available, and it can be downloaded from the AIX website.\n\nTo extract the fixes from the tar file :\n\n zcat openssl.0.9.8.1302.tar.Z | tar xvf -\n or\n zcat openssl-fips.12.9.8.1302.tar.Z | tar xvf -\n or\n zcat openssl.0.9.8.808.tar.Z | tar xvf -\n\nIMPORTANT : If possible, it is recommended that a mksysb backup of\nthe system be created. Verify it is both bootable and readable\nbefore proceeding.\n\nTo preview the fix installation :\n\n installp -apYd . openssl\n\nTo install the fix package :\n\n installp -aXYd . openssl\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/16\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\ninclude(\"aix.inc\");\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item_or_exit(\"Host/AIX/version\");\nif ( oslevel != \"AIX-5.2\" && oslevel != \"AIX-5.3\" && oslevel != \"AIX-6.1\" && oslevel != \"AIX-7.1\" )\n{\n oslevel = ereg_replace(string:oslevel, pattern:\"-\", replace:\" \");\n audit(AUDIT_OS_NOT, \"AIX 5.2 / 5.3 / 6.1 / 7.1\", oslevel);\n}\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif (aix_check_package(release:\"5.2\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.807\", fixpackagever:\"0.9.8.808\") > 0) flag++;\nif (aix_check_package(release:\"5.3\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.1301\", fixpackagever:\"0.9.8.1302\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.1301\", fixpackagever:\"0.9.8.1302\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"0.9.8.1301\", fixpackagever:\"0.9.8.1302\") > 0) flag++;\nif (aix_check_package(release:\"5.3\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.1301\", fixpackagever:\"12.9.8.1302\") > 0) flag++;\nif (aix_check_package(release:\"6.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.1301\", fixpackagever:\"12.9.8.1302\") > 0) flag++;\nif (aix_check_package(release:\"7.1\", package:\"openssl-fips.base\", minpackagever:\"0.0.0.0\", maxpackagever:\"12.9.8.1301\", fixpackagever:\"12.9.8.1302\") > 0) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : aix_report_get()\n );\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl.base / openssl-fips.base\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:23:59", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an error state mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected. (CVE-2017-3737)\n\n - There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation).\n Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected.\n Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.\n (CVE-2017-3738)\n\n - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. (CVE-2017-3736)\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) public exponent or (2) public modulus values in X.509 certificates that require extra time to process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.\n (CVE-2008-0891)\n\n - OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses particular cipher suites, which triggers a NULL pointer dereference. (CVE-2008-1672)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. (CVE-2009-1379)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post- renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. (CVE-2010-0742)\n\n - RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information. (CVE-2010-1633)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi- threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap- based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. (CVE-2010-4180)\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka OCSP stapling vulnerability. (CVE-2011-0014)\n\n - crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. (CVE-2011-3207)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. (CVE-2012-0050)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. (CVE-2012-2110)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (CVE-2013-6450)\n\n - An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160)\n\n - A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)\n\n - A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2008-1678", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2012-0050", "CVE-2012-2110", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-3566", "CVE-2015-3193", "CVE-2016-0701", "CVE-2016-2183", "CVE-2017-3732", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738"], "modified": "2022-05-19T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/127201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0033. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127201);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2006-2937\",\n \"CVE-2006-2940\",\n \"CVE-2006-3738\",\n \"CVE-2006-4339\",\n \"CVE-2006-4343\",\n \"CVE-2007-3108\",\n \"CVE-2007-4995\",\n \"CVE-2007-5135\",\n \"CVE-2008-0891\",\n \"CVE-2008-1672\",\n \"CVE-2009-1377\",\n \"CVE-2009-1378\",\n \"CVE-2009-1379\",\n \"CVE-2009-3555\",\n \"CVE-2009-4355\",\n \"CVE-2010-0742\",\n \"CVE-2010-1633\",\n \"CVE-2010-3864\",\n \"CVE-2010-4180\",\n \"CVE-2011-0014\",\n \"CVE-2011-3207\",\n \"CVE-2012-0050\",\n \"CVE-2012-2110\",\n \"CVE-2013-4353\",\n \"CVE-2013-6449\",\n \"CVE-2013-6450\",\n \"CVE-2014-0160\",\n \"CVE-2014-3566\",\n \"CVE-2016-2183\",\n \"CVE-2017-3736\",\n \"CVE-2017-3737\",\n \"CVE-2017-3738\"\n );\n script_bugtraq_id(92630);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected\nby multiple vulnerabilities:\n\n - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced\n an error state mechanism. The intent was that if a\n fatal error occurred during a handshake then OpenSSL\n would move into the error state and would immediately\n fail if you attempted to continue the handshake. This\n works as designed for the explicit handshake functions\n (SSL_do_handshake(), SSL_accept() and SSL_connect()),\n however due to a bug it does not work correctly if\n SSL_read() or SSL_write() is called directly. In that\n scenario, if the handshake fails then a fatal error will\n be returned in the initial function call. If\n SSL_read()/SSL_write() is subsequently called by the\n application for the same SSL object then it will succeed\n and the data is passed without being decrypted/encrypted\n directly from the SSL/TLS record layer. In order to\n exploit this issue an application bug would have to be\n present that resulted in a call to\n SSL_read()/SSL_write() being issued after having already\n received a fatal error. OpenSSL version 1.0.2b-1.0.2m\n are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is\n not affected. (CVE-2017-3737)\n\n - There is an overflow bug in the AVX2 Montgomery\n multiplication procedure used in exponentiation with\n 1024-bit moduli. No EC algorithms are affected. Analysis\n suggests that attacks against RSA and DSA as a result of\n this defect would be very difficult to perform and are\n not believed likely. Attacks against DH1024 are\n considered just feasible, because most of the work\n necessary to deduce information about a private key may\n be performed offline. The amount of resources required\n for such an attack would be significant. However, for an\n attack on TLS to be meaningful, the server would have to\n share the DH1024 private key among multiple clients,\n which is no longer an option since CVE-2016-0701. This\n only affects processors that support the AVX2 but not\n ADX extensions like Intel Haswell (4th generation).\n Note: The impact from this issue is similar to\n CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL\n version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected.\n Fixed in OpenSSL 1.0.2n. Due to the low severity of this\n issue we are not issuing a new release of OpenSSL 1.1.0\n at this time. The fix will be included in OpenSSL 1.1.0h\n when it becomes available. The fix is also available in\n commit e502cc86d in the OpenSSL git repository.\n (CVE-2017-3738)\n\n - There is a carry propagating bug in the x86_64\n Montgomery squaring procedure in OpenSSL before 1.0.2m\n and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a\n result of this defect would be very difficult to perform\n and are not believed likely. Attacks against DH are\n considered just feasible (although very difficult)\n because most of the work necessary to deduce information\n about a private key may be performed offline. The amount\n of resources required for such an attack would be very\n significant and likely only accessible to a limited\n number of attackers. An attacker would additionally need\n online access to an unpatched system using the target\n private key in a scenario with persistent DH parameters\n and a private key that is shared between multiple\n clients. This only affects processors that support the\n BMI1, BMI2 and ADX extensions like Intel Broadwell (5th\n generation) and later or AMD Ryzen. (CVE-2017-3736)\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service\n (infinite loop and memory consumption) via malformed\n ASN.1 structures that trigger an improperly handled\n error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows attackers to cause a denial of\n service (CPU consumption) via parasitic public keys with\n large (1) public exponent or (2) public modulus\n values in X.509 certificates that require extra time to\n process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions has unspecified impact and remote\n attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3,\n removes PKCS-1 padding before generating a hash, which\n allows remote attackers to forge a PKCS #1 v1.5\n signature that is signed by that RSA key and prevents\n OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial\n of service (client crash) via unknown vectors that\n trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c\n in OpenSSL 0.9.8e and earlier does not properly perform\n Montgomery multiplication, which might allow local users\n to conduct a side-channel attack and retrieve RSA\n private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL\n 0.9.8 before 0.9.8f allows remote attackers to execute\n arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f,\n might allow remote attackers to execute arbitrary code\n via a crafted packet that triggers a one-byte buffer\n underflow. NOTE: this issue was introduced as a result\n of a fix for CVE-2006-3738. As of 20071012, it is\n unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g,\n when the TLS server name extensions are enabled, allows\n remote attackers to cause a denial of service (crash)\n via a malformed Client Hello packet. NOTE: some of these\n details are obtained from third party information.\n (CVE-2008-0891)\n\n - OpenSSL 0.9.8f and 0.9.8g allows remote attackers to\n cause a denial of service (crash) via a TLS handshake\n that omits the Server Key Exchange message and uses\n particular cipher suites, which triggers a NULL\n pointer dereference. (CVE-2008-1672)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in\n OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote\n attackers to cause a denial of service (memory\n consumption) via a large series of future epoch DTLS\n records that are buffered in a queue, aka DTLS record\n buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the\n dtls1_process_out_of_seq_message function in\n ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8\n versions allow remote attackers to cause a denial of\n service (memory consumption) via DTLS records that (1)\n are duplicates or (2) have sequence numbers much greater\n than current sequence numbers, aka DTLS fragment\n handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the\n dtls1_retrieve_buffered_fragment function in\n ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote\n attackers to cause a denial of service (openssl s_client\n crash) and possibly have unspecified other impact via a\n DTLS packet, as demonstrated by a packet from a server\n that uses a crafted server certificate. (CVE-2009-1379)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly\n earlier, as used in Microsoft Internet Information\n Services (IIS) 7.0, mod_ssl in the Apache HTTP Server\n 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5\n and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, multiple Cisco products, and other\n products, does not properly associate renegotiation\n handshakes with an existing connection, which allows\n man-in-the-middle attackers to insert data into HTTPS\n sessions, and possibly other types of sessions protected\n by TLS or SSL, by sending an unauthenticated request\n that is processed retroactively by a server in a post-\n renegotiation context, related to a plaintext\n injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in\n crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and\n 1.0.0 Beta through Beta 4 allows remote attackers to\n cause a denial of service (memory consumption) via\n vectors that trigger incorrect calls to the\n CRYPTO_cleanup_all_ex_data function, as demonstrated by\n use of SSLv3 and PHP with the Apache HTTP Server, a\n related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The Cryptographic Message Syntax (CMS) implementation in\n crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x\n before 1.0.0a does not properly handle structures that\n contain OriginatorInfo, which allows context-dependent\n attackers to modify invalid memory locations or conduct\n double-free attacks, and possibly execute arbitrary\n code, via unspecified vectors. (CVE-2010-0742)\n\n - RSA verification recovery in the EVP_PKEY_verify_recover\n function in OpenSSL 1.x before 1.0.0a, as used by\n pkeyutl and possibly other applications, returns\n uninitialized memory upon failure, which might allow\n context-dependent attackers to bypass intended key\n requirements or obtain sensitive information via\n unspecified vectors. NOTE: some of these details are\n obtained from third party information. (CVE-2010-1633)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL\n 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-\n threading and internal caching are enabled on a TLS\n server, might allow remote attackers to execute\n arbitrary code via client data that triggers a heap-\n based buffer overflow, related to (1) the TLS server\n name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when\n SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does\n not properly prevent modification of the ciphersuite in\n the session cache, which allows remote attackers to\n force the downgrade to an unintended cipher via vectors\n involving sniffing network traffic to discover a session\n identifier. (CVE-2010-4180)\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0\n through 1.0.0c allows remote attackers to cause a denial\n of service (crash), and possibly obtain sensitive\n information in applications that use OpenSSL, via a\n malformed ClientHello handshake message that triggers an\n out-of-bounds memory access, aka OCSP stapling\n vulnerability. (CVE-2011-0014)\n\n - crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e\n does not initialize certain structure members, which\n makes it easier for remote attackers to bypass CRL\n validation by using a nextUpdate value corresponding to\n a time in the past. (CVE-2011-3207)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS\n applications, which allows remote attackers to cause a\n denial of service (crash) via unspecified vectors\n related to an out-of-bounds read. NOTE: this\n vulnerability exists because of an incorrect fix for\n CVE-2011-4108. (CVE-2012-0050)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c\n in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1\n before 1.0.1a does not properly interpret integer data,\n which allows remote attackers to conduct buffer overflow\n attacks, and cause a denial of service (memory\n corruption) or possibly have unspecified other impact,\n via crafted DER data, as demonstrated by an X.509\n certificate or an RSA public key. (CVE-2012-2110)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL\n 1.0.1 before 1.0.1f allows remote TLS servers to cause a\n denial of service (NULL pointer dereference and\n application crash) via a crafted Next Protocol\n Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in\n OpenSSL before 1.0.2 obtains a certain version number\n from an incorrect data structure, which allows remote\n attackers to cause a denial of service (daemon crash)\n via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0\n before 1.0.0l and 1.0.1 before 1.0.1f does not properly\n maintain data structures for digest and encryption\n contexts, which might allow man-in-the-middle attackers\n to trigger the use of a different context and cause a\n denial of service (application crash) by interfering\n with packet delivery, related to ssl/d1_both.c and\n ssl/t1_enc.c. (CVE-2013-6450)\n\n - An information disclosure flaw was found in the way\n OpenSSL handled TLS and DTLS Heartbeat Extension\n packets. A malicious TLS or DTLS client or server could\n send a specially crafted TLS or DTLS Heartbeat packet to\n disclose a limited portion of memory per request from a\n connected client or server. Note that the disclosed\n portions of memory could potentially include sensitive\n information such as private keys. (CVE-2014-0160)\n\n - A flaw was found in the way SSL 3.0 handled padding\n bytes when decrypting messages encrypted using block\n ciphers in cipher block chaining (CBC) mode. This flaw\n allows a man-in-the-middle (MITM) attacker to decrypt a\n selected byte of a cipher text in as few as 256 tries if\n they are able to force a victim application to\n repeatedly send the same data over newly created SSL 3.0\n connections. (CVE-2014-3566)\n\n - A flaw was found in the way the DES/3DES cipher was used\n as part of the TLS/SSL protocol. A man-in-the-middle\n attacker could use this flaw to recover some plaintext\n data by capturing large amounts of encrypted traffic\n between TLS/SSL server and client if the communication\n used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0033\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2006-3738\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-2183\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 287, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"openssl-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-crypto-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-debuginfo-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-devel-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-libs-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-perl-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-static-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\"\n ],\n \"CGSL MAIN 5.04\": [\n \"openssl-1.0.2k-12.el7.cgslv5\",\n \"openssl-debuginfo-1.0.2k-12.el7.cgslv5\",\n \"openssl-devel-1.0.2k-12.el7.cgslv5\",\n \"openssl-libs-1.0.2k-12.el7.cgslv5\",\n \"openssl-perl-1.0.2k-12.el7.cgslv5\",\n \"openssl-static-1.0.2k-12.el7.cgslv5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:22:32", "description": "According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request.(CVE-2015-0288)\n\n - Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.(CVE-2007-4995)\n\n - An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note:\n this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.(CVE-2015-0292)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.(CVE-2010-4180)\n\n - OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.(CVE-2009-3245)\n\n - The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.(CVE-2010-0742)\n\n - Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.(CVE-2010-5298)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.(CVE-2007-3108)\n\n - A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server.(CVE-2014-3567)\n\n - It was discovered that OpenSSL would perform an ECDH key exchange with a non-ephemeral key even when the ephemeral ECDH cipher suite was selected. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method than the one requested by the user.(CVE-2014-3572)\n\n - A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash.(CVE-2014-0221)\n\n - A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw.(CVE-2015-1790)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue.(CVE-2013-0169)\n\n - OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.(CVE-2008-5077)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a 'plaintext injection' attack, aka the 'Project Mogul' issue.(CVE-2009-3555)\n\n - Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka 'DTLS fragment handling memory leak.'(CVE-2009-1378)\n\n - The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a 'fragment bug.'(CVE-2009-1387)\n\n - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.(CVE-2017-3736)\n\n - A flaw was discovered in the way OpenSSL handled DTLS packets. A remote attacker could use this flaw to cause a DTLS server or client using OpenSSL to crash or use excessive amounts of memory.(CVE-2014-3505)\n\n - The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.(CVE-2014-0195)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1547)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3108", "CVE-2007-4995", "CVE-2008-5077", "CVE-2009-1378", "CVE-2009-1387", "CVE-2009-3245", "CVE-2009-3555", "CVE-2010-0742", "CVE-2010-4180", "CVE-2010-5298", "CVE-2013-0169", "CVE-2014-0195", "CVE-2014-0221", "CVE-2014-3505", "CVE-2014-3567", "CVE-2014-3572", "CVE-2015-0288", "CVE-2015-0292", "CVE-2015-1790", "CVE-2017-3736"], "modified": "2021-02-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1547.NASL", "href": "https://www.tenable.com/plugins/nessus/125000", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125000);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/08\");\n\n script_cve_id(\n \"CVE-2007-3108\",\n \"CVE-2007-4995\",\n \"CVE-2008-5077\",\n \"CVE-2009-1378\",\n \"CVE-2009-1387\",\n \"CVE-2009-3245\",\n \"CVE-2009-3555\",\n \"CVE-2010-0742\",\n \"CVE-2010-4180\",\n \"CVE-2010-5298\",\n \"CVE-2013-0169\",\n \"CVE-2014-0195\",\n \"CVE-2014-0221\",\n \"CVE-2014-3505\",\n \"CVE-2014-3567\",\n \"CVE-2014-3572\",\n \"CVE-2015-0288\",\n \"CVE-2015-0292\",\n \"CVE-2015-1790\",\n \"CVE-2017-3736\"\n );\n script_bugtraq_id(\n 33150,\n 35001,\n 35417,\n 36935,\n 38562,\n 40502,\n 45164,\n 57778,\n 66801,\n 67900,\n 67901,\n 69081,\n 70586,\n 71942,\n 73196,\n 73228,\n 73237,\n 75157\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1547)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A NULL pointer dereference flaw was found in OpenSSL's\n X.509 certificate handling implementation. A specially\n crafted X.509 certificate could cause an application\n using OpenSSL to crash if the application attempted to\n convert the certificate to a certificate\n request.(CVE-2015-0288)\n\n - Off-by-one error in the DTLS implementation in OpenSSL\n 0.9.8 before 0.9.8f allows remote attackers to execute\n arbitrary code via unspecified vectors.(CVE-2007-4995)\n\n - An integer underflow flaw, leading to a buffer\n overflow, was found in the way OpenSSL decoded\n malformed Base64-encoded inputs. An attacker able to\n make an application using OpenSSL decode a specially\n crafted Base64-encoded input (such as a PEM file) could\n use this flaw to cause the application to crash. Note:\n this flaw is not exploitable via the TLS/SSL protocol\n because the data being transferred is not\n Base64-encoded.(CVE-2015-0292)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when\n SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled,\n does not properly prevent modification of the\n ciphersuite in the session cache, which allows remote\n attackers to force the downgrade to an unintended\n cipher via vectors involving sniffing network traffic\n to discover a session identifier.(CVE-2010-4180)\n\n - OpenSSL before 0.9.8m does not check for a NULL return\n value from bn_wexpand function calls in (1)\n crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3)\n crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which\n has unspecified impact and context-dependent attack\n vectors.(CVE-2009-3245)\n\n - The Cryptographic Message Syntax (CMS) implementation\n in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and\n 1.x before 1.0.0a does not properly handle structures\n that contain OriginatorInfo, which allows\n context-dependent attackers to modify invalid memory\n locations or conduct double-free attacks, and possibly\n execute arbitrary code, via unspecified\n vectors.(CVE-2010-0742)\n\n - Race condition in the ssl3_read_bytes function in\n s3_pkt.c in OpenSSL through 1.0.1g, when\n SSL_MODE_RELEASE_BUFFERS is enabled, allows remote\n attackers to inject data across sessions or cause a\n denial of service (use-after-free and parsing error)\n via an SSL connection in a multithreaded\n environment.(CVE-2010-5298)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c\n in OpenSSL 0.9.8e and earlier does not properly perform\n Montgomery multiplication, which might allow local\n users to conduct a side-channel attack and retrieve RSA\n private keys.(CVE-2007-3108)\n\n - A memory leak flaw was found in the way an OpenSSL\n handled failed session ticket integrity checks. A\n remote attacker could exhaust all available memory of\n an SSL/TLS or DTLS server by sending a large number of\n invalid session tickets to that server.(CVE-2014-3567)\n\n - It was discovered that OpenSSL would perform an ECDH\n key exchange with a non-ephemeral key even when the\n ephemeral ECDH cipher suite was selected. A malicious\n server could make a TLS/SSL client using OpenSSL use a\n weaker key exchange method than the one requested by\n the user.(CVE-2014-3572)\n\n - A denial of service flaw was found in the way OpenSSL\n handled certain DTLS ServerHello requests. A specially\n crafted DTLS handshake packet could cause a DTLS client\n using OpenSSL to crash.(CVE-2014-0221)\n\n - A NULL pointer dereference was found in the way OpenSSL\n handled certain PKCS#7 inputs. An attacker able to make\n an application using OpenSSL verify, decrypt, or parse\n a specially crafted PKCS#7 input could cause that\n application to crash. TLS/SSL clients and servers using\n OpenSSL were not affected by this flaw.(CVE-2015-1790)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing\n side-channel attacks on a MAC check requirement during\n the processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue.(CVE-2013-0169)\n\n - OpenSSL 0.9.8i and earlier does not properly check the\n return value from the EVP_VerifyFinal function, which\n allows remote attackers to bypass validation of the\n certificate chain via a malformed SSL/TLS signature for\n DSA and ECDSA keys.(CVE-2008-5077)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly\n earlier, as used in Microsoft Internet Information\n Services (IIS) 7.0, mod_ssl in the Apache HTTP Server\n 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5\n and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, multiple Cisco products, and other\n products, does not properly associate renegotiation\n handshakes with an existing connection, which allows\n man-in-the-middle attackers to insert data into HTTPS\n sessions, and possibly other types of sessions\n protected by TLS or SSL, by sending an unauthenticated\n request that is processed retroactively by a server in\n a post-renegotiation context, related to a 'plaintext\n injection' attack, aka the 'Project Mogul'\n issue.(CVE-2009-3555)\n\n - Multiple memory leaks in the\n dtls1_process_out_of_seq_message function in\n ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8\n versions allow remote attackers to cause a denial of\n service (memory consumption) via DTLS records that (1)\n are duplicates or (2) have sequence numbers much\n greater than current sequence numbers, aka 'DTLS\n fragment handling memory leak.'(CVE-2009-1378)\n\n - The dtls1_retrieve_buffered_fragment function in\n ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows\n remote attackers to cause a denial of service (NULL\n pointer dereference and daemon crash) via an\n out-of-sequence DTLS handshake message, related to a\n 'fragment bug.'(CVE-2009-1387)\n\n - There is a carry propagating bug in the x86_64\n Montgomery squaring procedure in OpenSSL before 1.0.2m\n and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a\n result of this defect would be very difficult to\n perform and are not believed likely. Attacks against DH\n are considered just feasible (although very difficult)\n because most of the work necessary to deduce\n information about a private key may be performed\n offline. The amount of resources required for such an\n attack would be very significant and likely only\n accessible to a limited number of attackers. An\n attacker would additionally need online access to an\n unpatched system using the target private key in a\n scenario with persistent DH parameters and a private\n key that is shared between multiple clients. This only\n affects processors that support the BMI1, BMI2 and ADX\n extensions like Intel Broadwell (5th generation) and\n later or AMD Ryzen.(CVE-2017-3736)\n\n - A flaw was discovered in the way OpenSSL handled DTLS\n packets. A remote attacker could use this flaw to cause\n a DTLS server or client using OpenSSL to crash or use\n excessive amounts of memory.(CVE-2014-3505)\n\n - The dtls1_reassemble_fragment function in d1_both.c in\n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1\n before 1.0.1h does not properly validate fragment\n lengths in DTLS ClientHello messages, which allows\n remote attackers to execute arbitrary code or cause a\n denial of service (buffer overflow and application\n crash) via a long non-initial fragment.(CVE-2014-0195)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1547\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?21e8b4ff\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 189, 310, 399);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h5\",\n \"openssl-devel-1.0.2k-16.h5\",\n \"openssl-libs-1.0.2k-16.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-17T15:04:00", "description": "Versions of Mac OS X 10.6 earlier than 10.6.8 are potentially affected by a security issue. Mac OS X 10.6.8 contains a security fix for the following products :\n\n - App Store\n\n - ATS\n\n - Certificate Trust Policy\n\n - CoreFoundation\n\n - CoreGraphics\n\n - FTP Server\n\n - ImageIO\n\n - International Components for Unicode\n\n - Kernel\n\n - Libsystem\n\n - libxslt\n\n - MobileMe\n\n - MySQL\n\n - OpenSSL\n\n - patch\n\n - QuickLook\n\n - QuickTime\n\n - Samba\n\n - servermgrd\n\n - subversion", "cvss3": {}, "published": "2011-06-23T00:00:00", "type": "nessus", "title": "Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3245", "CVE-2010-0740", "CVE-2010-2632", "CVE-2010-3677", "CVE-2010-3682", "CVE-2010-3790", "CVE-2010-3833", "CVE-2010-3834", "CVE-2010-3835", "CVE-2010-3836", "CVE-2010-3837", "CVE-2010-3838", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-4651", "CVE-2011-0014", "CVE-2011-0195", "CVE-2011-0197", "CVE-2011-0198", "CVE-2011-0199", "CVE-2011-0201", "CVE-2011-0202", "CVE-2011-0203", "CVE-2011-0204", "CVE-2011-0205", "CVE-2011-0206", "CVE-2011-0207", "CVE-2011-0208", "CVE-2011-0209", "CVE-2011-0210", "CVE-2011-0211", "CVE-2011-0212", "CVE-2011-0213", "CVE-2011-0715", "CVE-2011-0719", "CVE-2011-1132"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "5968.PRM", "href": "https://www.tenable.com/plugins/nnm/5968", "sourceData": "Binary data 5968.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:33:16", "description": "The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.8. This update contains security-related fixes for the following components :\n\n - App Store\n - ATS\n - Certificate Trust Policy\n - CoreFoundation\n - CoreGraphics\n - FTP Server\n - ImageIO\n - International Components for Unicode\n - Kernel\n - Libsystem\n - libxslt\n - MobileMe\n - MySQL\n - OpenSSL\n - patch\n - QuickLook\n - QuickTime\n - Samba\n - servermgrd\n - subversion", "cvss3": {}, "published": "2011-06-24T00:00:00", "type": "nessus", "title": "Mac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3245", "CVE-2010-0740", "CVE-2010-2632", "CVE-2010-3677", "CVE-2010-3682", "CVE-2010-3790", "CVE-2010-3833", "CVE-2010-3834", "CVE-2010-3835", "CVE-2010-3836", "CVE-2010-3837", "CVE-2010-3838", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-4651", "CVE-2011-0014", "CVE-2011-0195", "CVE-2011-0197", "CVE-2011-0198", "CVE-2011-0199", "CVE-2011-0201", "CVE-2011-0202", "CVE-2011-0203", "CVE-2011-0204", "CVE-2011-0205", "CVE-2011-0206", "CVE-2011-0207", "CVE-2011-0208", "CVE-2011-0209", "CVE-2011-0210", "CVE-2011-0211", "CVE-2011-0212", "CVE-2011-0213", "CVE-2011-0715", "CVE-2011-0719", "CVE-2011-1132"], "modified": "2018-08-22T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_6_8.NASL", "href": "https://www.tenable.com/plugins/nessus/55416", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55416);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/08/22 16:49:14\");\n\n script_cve_id(\n \"CVE-2009-3245\",\n \"CVE-2010-0740\",\n \"CVE-2010-2632\",\n \"CVE-2010-3677\",\n \"CVE-2010-3682\",\n \"CVE-2010-3790\",\n \"CVE-2010-3833\",\n \"CVE-2010-3834\",\n \"CVE-2010-3835\",\n \"CVE-2010-3836\",\n \"CVE-2010-3837\",\n \"CVE-2010-3838\",\n \"CVE-2010-3864\",\n \"CVE-2010-4180\",\n \"CVE-2010-4651\",\n \"CVE-2011-0014\",\n \"CVE-2011-0195\",\n \"CVE-2011-0197\",\n \"CVE-2011-0198\",\n \"CVE-2011-0199\",\n \"CVE-2011-0201\",\n \"CVE-2011-0202\",\n \"CVE-2011-0203\",\n \"CVE-2011-0204\",\n \"CVE-2011-0205\",\n \"CVE-2011-0206\",\n \"CVE-2011-0207\",\n \"CVE-2011-0208\",\n \"CVE-2011-0209\",\n \"CVE-2011-0210\",\n \"CVE-2011-0211\",\n \"CVE-2011-0212\",\n \"CVE-2011-0213\",\n \"CVE-2011-0715\",\n \"CVE-2011-0719\",\n \"CVE-2011-1132\"\n );\n script_bugtraq_id(\n 38562,\n 39013,\n 42599,\n 42646,\n 43676,\n 43819,\n 44794,\n 44884,\n 45164,\n 46264,\n 46597,\n 46734,\n 46768,\n 47668,\n 48418,\n 48419,\n 48420,\n 48422,\n 48426,\n 48427,\n 48429,\n 48430,\n 48436,\n 48437,\n 48439,\n 48440,\n 48442,\n 48443,\n 48444,\n 48445,\n 48447\n );\n\n script_name(english:\"Mac OS X 10.6.x < 10.6.8 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running a version of Mac OS X 10.6.x that is prior\nto 10.6.8. This update contains security-related fixes for the\nfollowing components :\n\n - App Store\n - ATS\n - Certificate Trust Policy\n - CoreFoundation\n - CoreGraphics\n - FTP Server\n - ImageIO\n - International Components for Unicode\n - Kernel\n - Libsystem\n - libxslt\n - MobileMe\n - MySQL\n - OpenSSL\n - patch\n - QuickLook\n - QuickTime\n - Samba\n - servermgrd\n - subversion\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT4723\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2011/Jun/msg00000.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Mac OS X 10.6.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20);\n; # CVE-2009-3245\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item(\"Host/OS\");\n if (isnull(os)) exit(0, \"The 'Host/OS' KB item is missing.\");\n if (\"Mac OS X\" >!< os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6($|\\.[0-7]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:31:59", "description": "Versions of Mac OS X 10.6 earlier than 10.6.8 are potentially affected by a security issue. Mac OS X 10.6.8 contains a security fix for the following products :\n\n - App Store\n\n - ATS\n\n - Certificate Trust Policy\n\n - CoreFoundation\n\n - CoreGraphics\n\n - FTP Server\n\n - ImageIO\n\n - International Components for Unicode\n\n - Kernel\n\n - Libsystem\n\n - libxslt\n\n - MobileMe\n\n - MySQL\n\n - OpenSSL\n\n - patch\n\n - QuickLook\n\n - QuickTime\n\n - Samba\n\n - servermgrd\n\n - subversion\nIAVA Reference : 2011-A-0160\nIAVB Reference : 2012-B-0038\nSTIG Finding Severity : Category I", "cvss3": {}, "published": "2011-06-23T00:00:00", "type": "nessus", "title": "Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3245", "CVE-2010-0740", "CVE-2010-2632", "CVE-2010-3677", "CVE-2010-3682", "CVE-2010-3790", "CVE-2010-3833", "CVE-2010-3834", "CVE-2010-3835", "CVE-2010-3836", "CVE-2010-3837", "CVE-2010-3838", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-4651", "CVE-2011-0014", "CVE-2011-0195", "CVE-2011-0197", "CVE-2011-0198", "CVE-2011-0199", "CVE-2011-0201", "CVE-2011-0202", "CVE-2011-0203", "CVE-2011-0204", "CVE-2011-0205", "CVE-2011-0206", "CVE-2011-0207", "CVE-2011-0208", "CVE-2011-0209", "CVE-2011-0210", "CVE-2011-0211", "CVE-2011-0212", "CVE-2011-0213", "CVE-2011-0715", "CVE-2011-0719", "CVE-2011-1132"], "modified": "2011-06-23T00:00:00", "cpe": [], "id": "800790.PRM", "href": "https://www.tenable.com/plugins/lce/800790", "sourceData": "Binary data 800790.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:22:59", "description": "a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3\n\n Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express.\n\n Customers using other database solutions need not update for these issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086, CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL Express Service Pack 3.\n\nb. vCenter Apache Tomcat Management Application Credential Disclosure\n\n The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users.\n\n The issue is resolved by removing the Manager application in vCenter 4.1 Update 1.\n\n If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update.\n\n VMware would like to thank Claudio Criscione of Secure Networking for reporting this issue to us.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-2928 to this issue.\n\nc. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21\n\n Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name to the security issue fixed in Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886.\n\nd. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26\n\n Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566, CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573, CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555, CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562, CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572, CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541, CVE-2010-3574.\n\ne. vCenter Server and ESX Apache Tomcat updated to version 6.0.28\n\n Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i and CVE-2009-3548.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157.\n\nf. vCenter Server third-party component OpenSSL updated to version 0.9.8n\n\n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0740 and CVE-2010-0433 to the issues addressed in this version of OpenSSL.\n\ng. ESX third-party component OpenSSL updated to version 0.9.8p\n\n The version of the ESX OpenSSL library is updated to 0.9.8p.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3864 and CVE-2010-2939 to the issues addressed in this update.\n\nh. ESXi third-party component cURL updated\n\n The version of cURL library in ESXi is updated.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to the issues addressed in this update.\n\ni. ESX third-party component pam_krb5 updated\n\n The version of pam_krb5 library is updated.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3825 and CVE-2009-1384 to the issues addressed in the update.\n\nj. ESX third-party update for Service Console kernel\n\n The Service Console kernel is updated to include kernel version 2.6.18-194.11.1.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070, CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086, CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437, CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and CVE-2010-3081 to the issues addressed in the update.\n\n Notes :\n - The update also addresses the 64-bit compatibility mode stack pointer underflow issue identified by CVE-2010-3081. This issue was patched in an ESX 4.1 patch prior to the release of ESX 4.1 Update 1 and in a previous ESX 4.0 patch release.\n - The update also addresses CVE-2010-2240 for ESX 4.0.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2011-02-14T00:00:00", "type": "nessus", "title": "VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0085", "CVE-2008-0086", "CVE-2008-0106", "CVE-2008-0107", "CVE-2008-3825", "CVE-2008-5416", "CVE-2009-1384", "CVE-2009-2693", "CVE-2009-2901", "CVE-2009-2902", "CVE-2009-3548", "CVE-2009-3555", "CVE-2009-4308", "CVE-2010-0003", "CVE-2010-0007", "CVE-2010-0008", "CVE-2010-0082", "CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0087", "CVE-2010-0088", "CVE-2010-0089", "CVE-2010-0090", "CVE-2010-0091", "CVE-2010-0092", "CVE-2010-0093", "CVE-2010-0094", "CVE-2010-0095", "CVE-2010-0291", "CVE-2010-0307", "CVE-2010-0410", "CVE-2010-0415", "CVE-2010-0433", "CVE-2010-0437", "CVE-2010-0622", "CVE-2010-0730", "CVE-2010-0734", "CVE-2010-0740", "CVE-2010-0837", "CVE-2010-0838", "CVE-2010-0839", "CVE-2010-0840", "CVE-2010-0841", "CVE-2010-0842", "CVE-2010-0843", "CVE-2010-0844", "CVE-2010-0845", "CVE-2010-0846", "CVE-2010-0847", "CVE-2010-0848", "CVE-2010-0849", "CVE-2010-0850", "CVE-2010-0886", "CVE-2010-1084", "CVE-2010-1085", "CVE-2010-1086", "CVE-2010-1087", "CVE-2010-1088", "CVE-2010-1157", "CVE-2010-1173", "CVE-2010-1187", "CVE-2010-1321", "CVE-2010-1436", "CVE-2010-1437", "CVE-2010-1641", "CVE-2010-2066", "CVE-2010-2070", "CVE-2010-2226", "CVE-2010-2227", "CVE-2010-2240", "CVE-2010-2248", "CVE-2010-2521", "CVE-2010-2524", "CVE-2010-2928", "CVE-2010-2939", "CVE-2010-3081", "CVE-2010-3541", "CVE-2010-3548", "CVE-2010-3549", "CVE-2010-3550", "CVE-2010-3551", "CVE-2010-3553", "CVE-2010-3554", "CVE-2010-3556", "CVE-2010-3557", "CVE-2010-3559", "CVE-2010-3561", "CVE-2010-3562", "CVE-2010-3565", "CVE-2010-3566", "CVE-2010-3567", "CVE-2010-3568", "CVE-2010-3569", "CVE-2010-3571", "CVE-2010-3572", "CVE-2010-3573", "CVE-2010-3574", "CVE-2010-3864"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:vmware:esx:4.0", "cpe:/o:vmware:esx:4.1", "cpe:/o:vmware:esxi:4.0", "cpe:/o:vmware:esxi:4.1"], "id": "VMWARE_VMSA-2011-0003.NASL", "href": "https://www.tenable.com/plugins/nessus/51971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2011-0003. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51971);\n script_version(\"1.46\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2008-0085\",\n \"CVE-2008-0086\",\n \"CVE-2008-0106\",\n \"CVE-2008-0107\",\n \"CVE-2008-3825\",\n \"CVE-2008-5416\",\n \"CVE-2009-1384\",\n \"CVE-2009-2693\",\n \"CVE-2009-2901\",\n \"CVE-2009-2902\",\n \"CVE-2009-3548\",\n \"CVE-2009-3555\",\n \"CVE-2009-4308\",\n \"CVE-2010-0003\",\n \"CVE-2010-0007\",\n \"CVE-2010-0008\",\n \"CVE-2010-0082\",\n \"CVE-2010-0084\",\n \"CVE-2010-0085\",\n \"CVE-2010-0087\",\n \"CVE-2010-0088\",\n \"CVE-2010-0089\",\n \"CVE-2010-0090\",\n \"CVE-2010-0091\",\n \"CVE-2010-0092\",\n \"CVE-2010-0093\",\n \"CVE-2010-0094\",\n \"CVE-2010-0095\",\n \"CVE-2010-0291\",\n \"CVE-2010-0307\",\n \"CVE-2010-0410\",\n \"CVE-2010-0415\",\n \"CVE-2010-0433\",\n \"CVE-2010-0437\",\n \"CVE-2010-0622\",\n \"CVE-2010-0730\",\n \"CVE-2010-0734\",\n \"CVE-2010-0740\",\n \"CVE-2010-0837\",\n \"CVE-2010-0838\",\n \"CVE-2010-0839\",\n \"CVE-2010-0840\",\n \"CVE-2010-0841\",\n \"CVE-2010-0842\",\n \"CVE-2010-0843\",\n \"CVE-2010-0844\",\n \"CVE-2010-0845\",\n \"CVE-2010-0846\",\n \"CVE-2010-0847\",\n \"CVE-2010-0848\",\n \"CVE-2010-0849\",\n \"CVE-2010-0850\",\n \"CVE-2010-0886\",\n \"CVE-2010-1084\",\n \"CVE-2010-1085\",\n \"CVE-2010-1086\",\n \"CVE-2010-1087\",\n \"CVE-2010-1088\",\n \"CVE-2010-1157\",\n \"CVE-2010-1173\",\n \"CVE-2010-1187\",\n \"CVE-2010-1321\",\n \"CVE-2010-1436\",\n \"CVE-2010-1437\",\n \"CVE-2010-1641\",\n \"CVE-2010-2066\",\n \"CVE-2010-2070\",\n \"CVE-2010-2226\",\n \"CVE-2010-2227\",\n \"CVE-2010-2240\",\n \"CVE-2010-2248\",\n \"CVE-2010-2521\",\n \"CVE-2010-2524\",\n \"CVE-2010-2928\",\n \"CVE-2010-2939\",\n \"CVE-2010-3081\",\n \"CVE-2010-3541\",\n \"CVE-2010-3548\",\n \"CVE-2010-3549\",\n \"CVE-2010-3550\",\n \"CVE-2010-3551\",\n \"CVE-2010-3553\",\n \"CVE-2010-3554\",\n \"CVE-2010-3556\",\n \"CVE-2010-3557\",\n \"CVE-2010-3559\",\n \"CVE-2010-3561\",\n \"CVE-2010-3562\",\n \"CVE-2010-3565\",\n \"CVE-2010-3566\",\n \"CVE-2010-3567\",\n \"CVE-2010-3568\",\n \"CVE-2010-3569\",\n \"CVE-2010-3571\",\n \"CVE-2010-3572\",\n \"CVE-2010-3573\",\n \"CVE-2010-3574\",\n \"CVE-2010-3864\"\n );\n script_bugtraq_id(\n 30082,\n 30083,\n 30118,\n 30119,\n 31534,\n 32710,\n 35112,\n 36935,\n 36954,\n 37724,\n 37762,\n 37906,\n 37942,\n 37944,\n 37945,\n 38027,\n 38058,\n 38144,\n 38162,\n 38165,\n 38185,\n 38348,\n 38479,\n 38533,\n 38857,\n 38898,\n 39013,\n 39044,\n 39062,\n 39067,\n 39068,\n 39069,\n 39070,\n 39071,\n 39072,\n 39073,\n 39075,\n 39077,\n 39078,\n 39081,\n 39082,\n 39083,\n 39084,\n 39085,\n 39086,\n 39088,\n 39089,\n 39090,\n 39091,\n 39093,\n 39094,\n 39095,\n 39096,\n 39120,\n 39492,\n 39569,\n 39635,\n 39715,\n 39719,\n 39794,\n 39979,\n 40235,\n 40356,\n 40776,\n 40920,\n 41466,\n 41544,\n 41904,\n 42242,\n 42249,\n 42306,\n 43239,\n 43965,\n 43971,\n 43979,\n 43985,\n 43988,\n 43992,\n 43994,\n 44009,\n 44011,\n 44012,\n 44013,\n 44014,\n 44016,\n 44017,\n 44026,\n 44027,\n 44028,\n 44030,\n 44032,\n 44035,\n 44040,\n 44884\n );\n script_xref(name:\"VMSA\", value:\"2011-0003\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESXi / ESX host is missing one or more\nsecurity-related patches.\");\n script_set_attribute(attribute:\"description\", value:\n\"a. vCenter Server and vCenter Update Manager update Microsoft\n SQL Server 2005 Express Edition to Service Pack 3\n\n Microsoft SQL Server 2005 Express Edition (SQL Express)\n distributed with vCenter Server 4.1 Update 1 and vCenter Update\n Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2\n to SQL Express Service Pack 3, to address multiple security\n issues that exist in the earlier releases of Microsoft SQL Express.\n\n Customers using other database solutions need not update for\n these issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086,\n CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL\n Express Service Pack 3.\n\nb. vCenter Apache Tomcat Management Application Credential Disclosure\n\n The Apache Tomcat Manager application configuration file contains\n logon credentials that can be read by unprivileged local users.\n\n The issue is resolved by removing the Manager application in\n vCenter 4.1 Update 1.\n\n If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon\n credentials are not present in the configuration file after the\n update.\n\n VMware would like to thank Claudio Criscione of Secure Networking\n for reporting this issue to us.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-2928 to this issue.\n\nc. vCenter Server and ESX, Oracle (Sun) JRE is updated to version\n 1.6.0_21\n\n Oracle (Sun) JRE update to version 1.6.0_21, which addresses\n multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082,\n CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088,\n CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092,\n CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,\n CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841,\n CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845,\n CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849,\n CVE-2010-0850.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following name to the security issue fixed in\n Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886.\n\nd. vCenter Update Manager Oracle (Sun) JRE is updated to version\n 1.5.0_26\n\n Oracle (Sun) JRE update to version 1.5.0_26, which addresses\n multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566,\n CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573,\n CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555,\n CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562,\n CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572,\n CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541,\n CVE-2010-3574.\n\ne. vCenter Server and ESX Apache Tomcat updated to version 6.0.28\n\n Apache Tomcat updated to version 6.0.28, which addresses multiple\n security issues that existed in earlier releases of Apache Tomcat\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i\n and CVE-2009-3548.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157.\n\nf. vCenter Server third-party component OpenSSL updated to version\n 0.9.8n\n\n The version of the OpenSSL library in vCenter Server is updated to\n 0.9.8n.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0740 and CVE-2010-0433 to the\n issues addressed in this version of OpenSSL.\n\ng. ESX third-party component OpenSSL updated to version 0.9.8p\n\n The version of the ESX OpenSSL library is updated to 0.9.8p.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-3864 and CVE-2010-2939 to the\n issues addressed in this update.\n\nh. ESXi third-party component cURL updated\n\n The version of cURL library in ESXi is updated.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-0734 to the issues addressed in\n this update.\n\ni. ESX third-party component pam_krb5 updated\n\n The version of pam_krb5 library is updated.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-3825 and CVE-2009-1384 to the\n issues addressed in the update.\n\nj. ESX third-party update for Service Console kernel\n\n The Service Console kernel is updated to include kernel version\n 2.6.18-194.11.1.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070,\n CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524,\n CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308,\n CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086,\n CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291,\n CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437,\n CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and\n CVE-2010-3081 to the issues addressed in the update.\n\n Notes :\n - The update also addresses the 64-bit compatibility mode\n stack pointer underflow issue identified by CVE-2010-3081. This\n issue was patched in an ESX 4.1 patch prior to the release of\n ESX 4.1 Update 1 and in a previous ESX 4.0 patch release.\n - The update also addresses CVE-2010-2240 for ESX 4.0.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.vmware.com/pipermail/security-announce/2011/000140.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sun Java Web Start Plugin Command Line Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(20, 22, 119, 189, 200, 255, 264, 287, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:4.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2011-02-10\");\nflag = 0;\n\n\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-201103401-SG\",\n patch_updates : make_list(\"ESX400-201104401-SG\", \"ESX400-201110401-SG\", \"ESX400-201111201-SG\", \"ESX400-201203401-SG\", \"ESX400-201205401-SG\", \"ESX400-201206401-SG\", \"ESX400-201209401-SG\", \"ESX400-201302401-SG\", \"ESX400-201305401-SG\", \"ESX400-201310401-SG\", \"ESX400-201404401-SG\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-201103403-SG\",\n patch_updates : make_list(\"ESX400-201111201-SG\", \"ESX400-201203401-SG\", \"ESX400-201205401-SG\", \"ESX400-201206401-SG\", \"ESX400-201209401-SG\", \"ESX400-201302401-SG\", \"ESX400-201305401-SG\", \"ESX400-201310401-SG\", \"ESX400-201404401-SG\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESX 4.1\",\n patch : \"ESX410-201101201-SG\",\n patch_updates : make_list(\"ESX40-TO-ESX41UPDATE01\", \"ESX410-201104401-SG\", \"ESX410-201110201-SG\", \"ESX410-201201401-SG\", \"ESX410-201204401-SG\", \"ESX410-201205401-SG\", \"ESX410-201206401-SG\", \"ESX410-201208101-SG\", \"ESX410-201211401-SG\", \"ESX410-201301401-SG\", \"ESX410-201304401-SG\", \"ESX410-201307401-SG\", \"ESX410-201312401-SG\", \"ESX410-201404401-SG\", \"ESX410-Update01\", \"ESX410-Update02\", \"ESX410-Update03\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESXi 4.0\",\n patch : \"ESXi400-201103401-SG\",\n patch_updates : make_list(\"ESXi400-201104401-SG\", \"ESXi400-201110401-SG\", \"ESXi400-201203401-SG\", \"ESXi400-201205401-SG\", \"ESXi400-201206401-SG\", \"ESXi400-201209401-SG\", \"ESXi400-201302401-SG\", \"ESXi400-201305401-SG\", \"ESXi400-201310401-SG\", \"ESXi400-201404401-SG\", \"ESXi400-Update03\", \"ESXi400-Update04\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESXi 4.1\",\n patch : \"ESXi410-201101201-SG\",\n patch_updates : make_list(\"ESXi410-201104401-SG\", \"ESXi410-201110201-SG\", \"ESXi410-201201401-SG\", \"ESXi410-201204401-SG\", \"ESXi410-201205401-SG\", \"ESXi410-201206401-SG\", \"ESXi410-201208101-SG\", \"ESXi410-201211401-SG\", \"ESXi410-201301401-SG\", \"ESXi410-201304401-SG\", \"ESXi410-201307401-SG\", \"ESXi410-201312401-SG\", \"ESXi410-201404401-SG\", \"ESXi410-Update01\", \"ESXi410-Update02\", \"ESXi410-Update03\")\n )\n) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:35:27", "description": "The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries :\n\n - Apache Tomcat \n - Apache Tomcat Manager\n - cURL \n - Java Runtime Environment (JRE)\n - Kernel \n - Microsoft SQL Express\n - OpenSSL\n - pam_krb5", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0085", "CVE-2008-0086", "CVE-2008-0106", "CVE-2008-0107", "CVE-2008-3825", "CVE-2008-5416", "CVE-2009-1384", "CVE-2009-2693", "CVE-2009-2901", "CVE-2009-2902", "CVE-2009-3548", "CVE-2009-3555", "CVE-2009-4308", "CVE-2010-0003", "CVE-2010-0007", "CVE-2010-0008", "CVE-2010-0082", "CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0087", "CVE-2010-0088", "CVE-2010-0089", "CVE-2010-0090", "CVE-2010-0091", "CVE-2010-0092", "CVE-2010-0093", "CVE-2010-0094", "CVE-2010-0095", "CVE-2010-0291", "CVE-2010-0307", "CVE-2010-0410", "CVE-2010-0415", "CVE-2010-0433", "CVE-2010-0437", "CVE-2010-0622", "CVE-2010-0730", "CVE-2010-0734", "CVE-2010-0740", "CVE-2010-0837", "CVE-2010-0838", "CVE-2010-0839", "CVE-2010-0840", "CVE-2010-0841", "CVE-2010-0842", "CVE-2010-0843", "CVE-2010-0844", "CVE-2010-0845", "CVE-2010-0846", "CVE-2010-0847", "CVE-2010-0848", "CVE-2010-0849", "CVE-2010-0850", "CVE-2010-0886", "CVE-2010-1084", "CVE-2010-1085", "CVE-2010-1086", "CVE-2010-1087", "CVE-2010-1088", "CVE-2010-1157", "CVE-2010-1173", "CVE-2010-1187", "CVE-2010-1321", "CVE-2010-1436", "CVE-2010-1437", "CVE-2010-1641", "CVE-2010-2066", "CVE-2010-2070", "CVE-2010-2226", "CVE-2010-2227", "CVE-2010-2240", "CVE-2010-2248", "CVE-2010-2521", "CVE-2010-2524", "CVE-2010-2928", "CVE-2010-2939", "CVE-2010-3081", "CVE-2010-3541", "CVE-2010-3548", "CVE-2010-3549", "CVE-2010-3550", "CVE-2010-3551", "CVE-2010-3553", "CVE-2010-3554", "CVE-2010-3556", "CVE-2010-3557", "CVE-2010-3559", "CVE-2010-3561", "CVE-2010-3562", "CVE-2010-3565", "CVE-2010-3566", "CVE-2010-3567", "CVE-2010-3568", "CVE-2010-3569", "CVE-2010-3571", "CVE-2010-3572", "CVE-2010-3573", "CVE-2010-3574", "CVE-2010-3864"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:vmware:esx", "cpe:/o:vmware:esxi"], "id": "VMWARE_VMSA-2011-0003_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/89674", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89674);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2008-0085\",\n \"CVE-2008-0086\",\n \"CVE-2008-0106\",\n \"CVE-2008-0107\",\n \"CVE-2008-3825\",\n \"CVE-2008-5416\",\n \"CVE-2009-1384\",\n \"CVE-2009-2693\",\n \"CVE-2009-2901\",\n \"CVE-2009-2902\",\n \"CVE-2009-3548\",\n \"CVE-2009-3555\",\n \"CVE-2009-4308\",\n \"CVE-2010-0003\",\n \"CVE-2010-0007\",\n \"CVE-2010-0008\",\n \"CVE-2010-0082\",\n \"CVE-2010-0084\",\n \"CVE-2010-0085\",\n \"CVE-2010-0087\",\n \"CVE-2010-0088\",\n \"CVE-2010-0089\",\n \"CVE-2010-0090\",\n \"CVE-2010-0091\",\n \"CVE-2010-0092\",\n \"CVE-2010-0093\",\n \"CVE-2010-0094\",\n \"CVE-2010-0095\",\n \"CVE-2010-0291\",\n \"CVE-2010-0307\",\n \"CVE-2010-0410\",\n \"CVE-2010-0415\",\n \"CVE-2010-0433\",\n \"CVE-2010-0437\",\n \"CVE-2010-0622\",\n \"CVE-2010-0730\",\n \"CVE-2010-0734\",\n \"CVE-2010-0740\",\n \"CVE-2010-0837\",\n \"CVE-2010-0838\",\n \"CVE-2010-0839\",\n \"CVE-2010-0840\",\n \"CVE-2010-0841\",\n \"CVE-2010-0842\",\n \"CVE-2010-0843\",\n \"CVE-2010-0844\",\n \"CVE-2010-0845\",\n \"CVE-2010-0846\",\n \"CVE-2010-0847\",\n \"CVE-2010-0848\",\n \"CVE-2010-0849\",\n \"CVE-2010-0850\",\n \"CVE-2010-0886\",\n \"CVE-2010-1084\",\n \"CVE-2010-1085\",\n \"CVE-2010-1086\",\n \"CVE-2010-1087\",\n \"CVE-2010-1088\",\n \"CVE-2010-1157\",\n \"CVE-2010-1173\",\n \"CVE-2010-1187\",\n \"CVE-2010-1321\",\n \"CVE-2010-1436\",\n \"CVE-2010-1437\",\n \"CVE-2010-1641\",\n \"CVE-2010-2066\",\n \"CVE-2010-2070\",\n \"CVE-2010-2226\",\n \"CVE-2010-2227\",\n \"CVE-2010-2240\",\n \"CVE-2010-2248\",\n \"CVE-2010-2521\",\n \"CVE-2010-2524\",\n \"CVE-2010-2928\",\n \"CVE-2010-2939\",\n \"CVE-2010-3081\",\n \"CVE-2010-3541\",\n \"CVE-2010-3548\",\n \"CVE-2010-3549\",\n \"CVE-2010-3550\",\n \"CVE-2010-3551\",\n \"CVE-2010-3553\",\n \"CVE-2010-3554\",\n \"CVE-2010-3556\",\n \"CVE-2010-3557\",\n \"CVE-2010-3559\",\n \"CVE-2010-3561\",\n \"CVE-2010-3562\",\n \"CVE-2010-3565\",\n \"CVE-2010-3566\",\n \"CVE-2010-3567\",\n \"CVE-2010-3568\",\n \"CVE-2010-3569\",\n \"CVE-2010-3571\",\n \"CVE-2010-3572\",\n \"CVE-2010-3573\",\n \"CVE-2010-3574\",\n \"CVE-2010-3864\"\n );\n script_bugtraq_id(\n 30082,\n 30083,\n 30118,\n 30119,\n 31534,\n 32710,\n 35112,\n 36935,\n 36954,\n 37724,\n 37762,\n 37906,\n 37942,\n 37944,\n 37945,\n 38027,\n 38058,\n 38144,\n 38162,\n 38165,\n 38185,\n 38348,\n 38479,\n 38533,\n 38857,\n 38898,\n 39013,\n 39044,\n 39062,\n 39067,\n 39068,\n 39069,\n 39070,\n 39071,\n 39072,\n 39073,\n 39075,\n 39077,\n 39078,\n 39081,\n 39082,\n 39083,\n 39084,\n 39085,\n 39086,\n 39088,\n 39089,\n 39090,\n 39091,\n 39093,\n 39094,\n 39095,\n 39096,\n 39120,\n 39492,\n 39569,\n 39635,\n 39715,\n 39719,\n 39794,\n 39979,\n 40235,\n 40356,\n 40776,\n 40920,\n 41466,\n 41544,\n 41904,\n 42242,\n 42249,\n 42306,\n 43239,\n 43965,\n 43971,\n 43979,\n 43985,\n 43988,\n 43992,\n 43994,\n 44009,\n 44011,\n 44012,\n 44013,\n 44014,\n 44016,\n 44017,\n 44026,\n 44027,\n 44028,\n 44030,\n 44032,\n 44035,\n 44040,\n 44884\n );\n script_xref(name:\"VMSA\", value:\"2011-0003\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including\nremote code execution vulnerabilities, in several third-party\ncomponents and libraries :\n\n - Apache Tomcat \n - Apache Tomcat Manager\n - cURL \n - Java Runtime Environment (JRE)\n - Kernel \n - Microsoft SQL Express\n - OpenSSL\n - pam_krb5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2011-0003\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.vmware.com/pipermail/security-announce/2011/000140.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESX version 4.0 / 4.1 or ESXi version 4.0 / 4.1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-3574\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2010-3081\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sun Java Web Start Plugin Command Line Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(20, 22, 119, 189, 200, 255, 264, 287, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/VMware/version\");\nrel = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\nesx = '';\n\nif (\"ESX\" >!< rel)\n audit(AUDIT_OS_NOT, \"VMware ESX/ESXi\");\n\nextract = eregmatch(pattern:\"^(ESXi?) (\\d\\.\\d).*$\", string:ver);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_APP_VER, \"VMware ESX/ESXi\");\nelse\n{\n esx = extract[1];\n ver = extract[2];\n}\n\n# fixed build numbers are the same for ESX and ESXi\nfixes = make_array(\n \"4.0\", \"360236\",\n \"4.1\", \"348481\"\n );\n\nfix = FALSE;\nfix = fixes[ver];\n\n# get the build before checking the fix for the most complete audit trail\nextract = eregmatch(pattern:'^VMware ESXi?.* build-([0-9]+)$', string:rel);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_BUILD, \"VMware \" + esx, ver);\n\nbuild = int(extract[1]);\n\n# if there is no fix in the array, fix is FALSE\nif (!fix)\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + esx, ver, build);\n\nif (build < fix)\n{\n\n report = '\\n Version : ' + esx + \" \" + ver +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fix +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE);\n exit(0);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + esx, ver, build);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T18:10:50", "description": "No description provided by source.", "cvss3": {}, "published": "2010-06-03T00:00:00", "type": "seebug", "title": "OpenSSL Cryptographic Message Syntax "OriginatorInfo" Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-0742", "CVE-2010-1633"], "modified": "2010-06-03T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19727", "id": "SSV:19727", "sourceData": "\n OpenSSL Security Advisory [01-Jun-2010]\r\n\r\nTwo security flaws have been fixed in OpenSSL 0.9.8o and OpenSSL 1.0.0a.\r\n\r\nInvalid ASN1 module definition for CMS.\r\n=======================================\r\n\r\nCMS structures containing OriginatorInfo are mishandled this can write to\r\ninvalid memory addresses or free up memory twice\r\n(CVE-2010-0742).\r\n\r\nThis bug is only present in the CMS code: the older PKCS#7 code is not affected.\r\n\r\nCMS is only present in OpenSSL 0.9.8h and later where it is disabled by\r\ndefault and 1.0.0 where it is enabled by default.\r\n\r\nUsers of OpenSSL CMS code should update to 0.9.8o or 1.0.0a which contains a\r\npatch to correct this issue.\r\n\r\nThanks to Ronald Moesbergen for reporting this issue.\r\n\r\nInvalid Return value check in pkey_rsa_verifyrecover\r\n====================================================\r\n\r\nWhen verification recovery fails for RSA keys an uninitialised buffer with an\r\nundefined length is returned instead of an error code (CVE-2010-1633).\r\n\r\nThis bug is only present in OpenSSL 1.0.0 and only affects applications that\r\ncall the function EVP_PKEY_verify_recover(). As this function is not present\r\nin previous versions of OpenSSL and not used by OpenSSL internal code very few\r\napplications should be affected. The OpenSSL utility application "pkeyutl" does \r\nuse this function.\r\n\r\nAffected users should update to 1.0.0a which contains a patch to correct this\r\nbug.\r\n\r\nThanks to Peter-Michael Hager for reporting this issue.\r\n\r\n\r\nReferences\r\n===========\r\n\r\nURL for this Security Advisory:\r\nhttp://www.openssl.org/news/secadv_20100601.txt\r\n\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-19727", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:11:20", "description": "BUGTRAQ ID: 40503\r\nCVE ID: CVE-2010-1633\r\n\r\nOpenSSL\u662f\u4e00\u79cd\u5f00\u653e\u6e90\u7801\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u5b9e\u73b0\u7f51\u7edc\u901a\u4fe1\u7684\u9ad8\u5f3a\u5ea6\u52a0\u5bc6\uff0c\u73b0\u5728\u88ab\u5e7f\u6cdb\u5730\u7528\u4e8e\u5404\u79cd\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u4e2d\u3002\r\n\r\n\u5f53\u9a8c\u8bc1\u6062\u590d\u8fdb\u7a0b\u5931\u8d25\u7684\u60c5\u51b5\u4e0b\u6240\u8fd4\u56de\u7684\u662f\u672a\u521d\u59cb\u5316\u7684\u7f13\u51b2\u533a\u800c\u4e0d\u662f\u51fa\u9519\u4ee3\u7801\uff0c\u4f7f\u7528EVP_PKEY_verify_recover()\u51fd\u6570\u7684\u5e94\u7528\u53ef\u4ee5\u5229\u7528\u8fd9\u4e2a\u60c5\u51b5\u7ed5\u8fc7\u5bc6\u94a5\u9a8c\u8bc1\u83b7\u5f97\u975e\u6388\u6743\u8bbf\u95ee\u3002\n\nOpenSSL 1.0.0\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nOpenSSL Project\r\n---------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.openssl.org/source/openssl-1.0.0a.tar.gz", "cvss3": {}, "published": "2010-06-04T00:00:00", "type": "seebug", "title": "OpenSSL EVP_PKEY_verify_recover()\u65e0\u6548\u8fd4\u56de\u503c\u7ed5\u8fc7\u5bc6\u94a5\u9a8c\u8bc1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-1633"], "modified": "2010-06-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19736", "id": "SSV:19736", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-19T18:10:49", "description": "BUGTRAQ ID: 40502\r\nCVE ID: CVE-2010-0742\r\n\r\nOpenSSL\u662f\u4e00\u79cd\u5f00\u653e\u6e90\u7801\u7684SSL\u5b9e\u73b0\uff0c\u7528\u6765\u5b9e\u73b0\u7f51\u7edc\u901a\u4fe1\u7684\u9ad8\u5f3a\u5ea6\u52a0\u5bc6\uff0c\u73b0\u5728\u88ab\u5e7f\u6cdb\u5730\u7528\u4e8e\u5404\u79cd\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u4e2d\u3002\r\n\r\nOpenSSL\u6ca1\u6709\u6b63\u786e\u5730\u5904\u7406\u52a0\u5bc6\u6d88\u606f\u53e5\u6cd5\uff08CMS\uff09\u7ed3\u6784\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u5305\u542b\u6709OriginatorInfo\u5143\u7d20\u7684\u7279\u5236CMS\u7ed3\u6784\u89e6\u53d1\u65e0\u6548\u5185\u5b58\u5730\u5740\u5199\u5165\u6216\u53cc\u91cd\u91ca\u653e\uff0c\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n\nOpenSSL 1.0.0\r\nOpenSSL 0.9.8\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nOpenSSL Project\r\n---------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.openssl.org/source/openssl-0.9.8o.tar.gz\r\nhttp://www.openssl.org/source/openssl-1.0.0a.tar.gz", "cvss3": {}, "published": "2010-06-04T00:00:00", "type": "seebug", "title": "OpenSSL CMS\u7ed3\u6784\u5904\u7406\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-0742"], "modified": "2010-06-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19735", "id": "SSV:19735", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debiancve": [{"lastseen": "2023-02-14T06:10:13", "description": "RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.", "cvss3": {}, "published": "2010-06-03T14:30:00", "type": "debiancve", "title": "CVE-2010-1633", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1633"], "modified": "2010-06-03T14:30:00", "id": "DEBIANCVE:CVE-2010-1633", "href": "https://security-tracker.debian.org/tracker/CVE-2010-1633", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-13T18:10:51", "description": "The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.", "cvss3": {}, "published": "2010-06-03T14:30:00", "type": "debiancve", "title": "CVE-2010-0742", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2010-06-03T14:30:00", "id": "DEBIANCVE:CVE-2010-0742", "href": "https://security-tracker.debian.org/tracker/CVE-2010-0742", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-14T06:10:13", "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.", "cvss3": {}, "published": "2010-11-17T16:00:00", "type": "debiancve", "title": "CVE-2010-3864", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-17T16:00:00", "id": "DEBIANCVE:CVE-2010-3864", "href": "https://security-tracker.debian.org/tracker/CVE-2010-3864", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2023-02-15T16:26:38", "description": "RSA verification recovery in the EVP_PKEY_verify_recover function in\nOpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other\napplications, returns uninitialized memory upon failure, which might allow\ncontext-dependent attackers to bypass intended key requirements or obtain\nsensitive information via unspecified vectors. NOTE: some of these details\nare obtained from third party information.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=598732>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | 1.x only\n", "cvss3": {}, "published": "2010-06-03T00:00:00", "type": "ubuntucve", "title": "CVE-2010-1633", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1633"], "modified": "2010-06-03T00:00:00", "id": "UB:CVE-2010-1633", "href": "https://ubuntu.com/security/CVE-2010-1633", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-08-04T14:37:00", "description": "The Cryptographic Message Syntax (CMS) implementation in\ncrypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does\nnot properly handle structures that contain OriginatorInfo, which allows\ncontext-dependent attackers to modify invalid memory locations or conduct\ndouble-free attacks, and possibly execute arbitrary code, via unspecified\nvectors.\n\n#### Bugs\n\n * [http://rt.openssl.org/Ticket/Display.html?id=2211&user=guest&pass=guest](<http://rt.openssl.org/Ticket/Display.html?id=2211&user=guest&pass=guest>)\n * <https://bugzilla.redhat.com/show_bug.cgi?id=598738>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | introduced in 0.9.8h. cms is not enabled in Ubuntu.\n", "cvss3": {}, "published": "2010-06-03T00:00:00", "type": "ubuntucve", "title": "CVE-2010-0742", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2010-06-03T00:00:00", "id": "UB:CVE-2010-0742", "href": "https://ubuntu.com/security/CVE-2010-0742", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-15T16:23:03", "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o,\n1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on\na TLS server, might allow remote attackers to execute arbitrary code via\nclient data that triggers a heap-based buffer overflow, related to (1) the\nTLS server name extension and (2) elliptic curve cryptography.", "cvss3": {}, "published": "2010-11-17T00:00:00", "type": "ubuntucve", "title": "CVE-2010-3864", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-17T00:00:00", "id": "UB:CVE-2010-3864", "href": "https://ubuntu.com/security/CVE-2010-3864", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "openssl": [{"lastseen": "2023-02-21T17:02:30", "description": " An invalid Return value check in pkey_rsa_verifyrecover was discovered. When verification recovery fails for RSA keys an uninitialised buffer with an undefined length is returned instead of an error code. This could lead to an information leak.\n", "cvss3": {}, "published": "2010-06-01T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL CVE-2010-1633", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1633"], "modified": "2010-06-01T00:00:00", "id": "OPENSSL:CVE-2010-1633", "href": "https://www.openssl.org/news/secadv/20100601.txt", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T17:02:30", "description": " A flaw in the handling of CMS structures containing OriginatorInfo was found which could lead to a write to invalid memory address or double free. CMS support is disabled by default in OpenSSL 0.9.8 versions.\n", "cvss3": {}, "published": "2010-06-01T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL CVE-2010-0742", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2010-06-01T00:00:00", "id": "OPENSSL:CVE-2010-0742", "href": "https://www.openssl.org/news/secadv/20100601.txt", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T17:02:29", "description": " A flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers that are multi-process and/or disable internal session caching are NOT affected.\n", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL CVE-2010-3864", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-16T00:00:00", "id": "OPENSSL:CVE-2010-3864", "href": "https://www.openssl.org/news/secadv/20101116.txt", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2019-10-07T20:36:36", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {}, "published": "2018-04-04T02:08:00", "type": "f5", "title": "OpenSSL vulnerability CVE-2010-1633", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1633"], "modified": "2018-04-04T02:08:00", "id": "F5:K93959105", "href": "https://support.f5.com/csp/article/K93959105", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-04-16T04:21:28", "description": "\nF5 Product Development has assigned ID 539970 (BIG-IP) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H17248 on the **Diagnostics** > **Identified** > **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 10.1.0 - 10.2.4| 12.0.0 \n11.0.0 - 11.6.0| Low| OpenSSL \nBIG-IP AAM| None| 12.0.0 \n11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 \n11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| 10.1.0 - 10.2.4| 12.0.0 \n11.0.0 - 11.6.0| Low| OpenSSL \nBIG-IP ASM| 10.1.0 - 10.2.4| 12.0.0 \n11.0.0 - 11.6.0| Low| OpenSSL \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP Edge Gateway| 10.1.0 - 10.2.4| 11.0.0 - 11.3.0| Low| OpenSSL \nBIG-IP GTM| 10.1.0 - 10.2.4| 11.0.0 - 11.6.0| Low| OpenSSL \nBIG-IP Link Controller| 10.1.0 - 10.2.4| 12.0.0 \n11.0.0 - 11.6.0| Low| OpenSSL \nBIG-IP PEM| None| 12.0.0 \n11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| 10.1.0 - 10.2.4| 11.0.0 - 11.4.1| Low| OpenSSL \nBIG-IP WebAccelerator| 10.1.0 - 10.2.4| 11.0.0 - 11.3.0| Low| OpenSSL \nBIG-IP WOM| 10.1.0 - 10.2.4| 11.0.0 - 11.3.0| Low| OpenSSL \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| \nNone| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None \n \n**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to [K7448: Restricting access to the Configuration utility by source IP address (9.x - 10.x)](<https://support.f5.com/csp/article/K7448>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>). \n\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "cvss3": {}, "published": "2015-09-09T22:17:00", "type": "f5", "title": "OpenSSL vulnerability CVE-2010-0742", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2017-04-06T19:20:00", "id": "F5:K17248", "href": "https://support.f5.com/csp/article/K17248", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-03-19T09:01:56", "description": "**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nRecommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to SOL7448: Restricting access to the Configuration utility by source IP address (9.x - 10.x) and SOL13092: Overview of securing access to the BIG-IP system. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {}, "published": "2015-09-09T00:00:00", "type": "f5", "title": "SOL17248 - OpenSSL vulnerability CVE-2010-0742", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2015-09-23T00:00:00", "id": "SOL17248", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/200/sol17248.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T08:16:20", "description": "", "cvss3": {}, "published": "2011-01-28T00:19:00", "type": "f5", "title": "OpenSSL vulnerability CVE-2010-3864", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2017-03-14T22:07:00", "id": "F5:K12566", "href": "https://support.f5.com/csp/article/K12566", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:00", "description": "For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864>\n", "cvss3": {}, "published": "2011-01-27T00:00:00", "type": "f5", "title": "SOL12566 - OpenSSL vulnerability CVE-2010-3864", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2016-07-25T00:00:00", "id": "SOL12566", "href": "http://support.f5.com/kb/en-us/solutions/public/12000/500/sol12566.html", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2023-02-13T06:39:27", "description": "RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.", "cvss3": {}, "published": "2010-06-03T14:30:00", "type": "cve", "title": "CVE-2010-1633", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1633"], "modified": "2023-02-13T04:18:00", "cpe": ["cpe:/a:openssl:openssl:1.0.0"], "id": "CVE-2010-1633", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1633", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T14:00:02", "description": "The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.", "cvss3": {}, "published": "2010-06-03T14:30:00", "type": "cve", "title": "CVE-2010-0742", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2017-09-19T01:30:00", "cpe": ["cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:1.0.0"], "id": "CVE-2010-0742", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0742", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T06:39:12", "description": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.", "cvss3": {}, "published": "2010-11-17T16:00:00", "type": "cve", "title": "CVE-2010-3864", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2023-02-13T04:27:00", "cpe": ["cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:0.9.8n"], "id": "CVE-2010-3864", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3864", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*"]}], "checkpoint_advisories": [{"lastseen": "2021-12-17T12:36:00", "description": "OpenSSL is an open-source library that implements Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocol functionality. OpenSSL contains an implementation of CMS. A memory corruption vulnerability has been reported in OpenSSL library. The vulnerability is due to an error in handling CMS (Cryptographic Message Syntax) structures. If a CMS structure contains a crafted 'OriginatorInfo' value, the vulnerable code could write to an invalid memory location or cause a double-free. A remote attacker could exploit this issue by sending a specially crafted CMS message to the target application using the vulnerable version of the OpenSSL library. Successful exploitation may allow for arbitrary code execution with the privileges of the application using the OpenSSL library.", "cvss3": {}, "published": "2010-08-01T00:00:00", "type": "checkpoint_advisories", "title": "OpenSSL CMS Structure OriginatorInfo Memory Corruption (CVE-2010-0742)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2012-01-17T00:00:00", "id": "CPAI-2010-354", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "attackerkb": [{"lastseen": "2023-02-13T05:15:28", "description": "The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.\n\n \n**Recent assessments:** \n \n**jhfhj23909092** at May 29, 2021 5:31pm UTC reported:\n\nnnnnnnnnnnnn\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {}, "published": "2010-06-03T00:00:00", "type": "attackerkb", "title": "CVE-2010-0742", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0742"], "modified": "2020-06-05T00:00:00", "id": "AKB:38A528B1-7F68-45C8-911E-1D3F8DC5EDB4", "href": "https://attackerkb.com/topics/o0K4KvNFwP/cve-2010-0742", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-02-13T07:59:39", "description": "## Releases\n\n * Ubuntu 10.10 \n * Ubuntu 10.04 \n * Ubuntu 9.10 \n * Ubuntu 8.04 \n\n## Packages\n\n * openssl \\- \n\nRob Hulswit discovered a race condition in the OpenSSL TLS server \nextension parsing code when used within a threaded server. A remote \nattacker could trigger this flaw to cause a denial of service \nor possibly execute arbitrary code with application privileges. \n(CVE-2010-3864)\n", "cvss3": {}, "published": "2010-11-18T00:00:00", "type": "ubuntu", "title": "OpenSSL vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-18T00:00:00", "id": "USN-1018-1", "href": "https://ubuntu.com/security/notices/USN-1018-1", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2023-02-13T08:22:09", "description": "\n\nOpenSSL Team reports:\n\nRob Hulswit has found a flaw in the OpenSSL TLS server extension\n\t code parsing which on affected servers can be exploited in a buffer\n\t overrun attack.\nAny OpenSSL based TLS server is vulnerable if it is multi-threaded\n\t and uses OpenSSL's internal caching mechanism. Servers that are\n\t multi-process and/or disable internal session caching are NOT\n\t affected.\nIn particular the Apache HTTP server (which never uses OpenSSL\n\t internal caching) and Stunnel (which includes its own workaround)\n\t are NOT affected.\n\n\n", "cvss3": {}, "published": "2010-10-08T00:00:00", "type": "freebsd", "title": "openssl -- TLS extension parsing race condition", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-10-08T00:00:00", "id": "3042C33A-F237-11DF-9D02-0018FE623F2B", "href": "https://vuxml.freebsd.org/freebsd/3042c33a-f237-11df-9d02-0018fe623f2b.html", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-19T18:41:55", "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA race condition flaw has been found in the OpenSSL TLS server extension\nparsing code, which could affect some multithreaded OpenSSL applications.\nUnder certain specific conditions, it may be possible for a remote attacker\nto trigger this race condition and cause such an application to crash, or\npossibly execute arbitrary code with the permissions of the application.\n(CVE-2010-3864)\n\nNote that this issue does not affect the Apache HTTP Server. Refer to Red\nHat Bugzilla bug 649304 for more technical details on how to determine if\nyour application is affected.\n\nRed Hat would like to thank Rob Hulswit for reporting this issue.\n\nAll OpenSSL users should upgrade to these updated packages, which contain a\nbackported patch to resolve this issue. For the update to take effect, all\nservices linked to the OpenSSL library must be restarted, or the system\nrebooted.\n", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "redhat", "title": "(RHSA-2010:0888) Important: openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2018-06-06T16:24:33", "id": "RHSA-2010:0888", "href": "https://access.redhat.com/errata/RHSA-2010:0888", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2023-02-14T16:16:34", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2125-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 22, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nDebian Bug : 603709\nCVE Id(s) : CVE-2010-3864\n\nA flaw has been found in the OpenSSL TLS server extension code parsing\nwhich on affected servers can be exploited in a buffer overrun attack.\nThis allows an attacker to cause an appliation crash or potentially to\nexecute arbitrary code.\n\nHowever, not all OpenSSL based SSL/TLS servers are vulnerable: A server\nis vulnerable if it is multi-threaded and uses OpenSSL's internal caching\nmechanism. In particular the Apache HTTP server (which never uses OpenSSL\ninternal caching) and Stunnel (which includes its own workaround) are NOT\naffected.\n\nThis upgrade fixes this issue. After the upgrade, any services using the\nopenssl libraries need to be restarted. The checkrestart script from the\ndebian-goodies package or lsof can help to find out which services need\nto be restarted.\n\nA note to users of the tor packages from the Debian backports or Debian\nvolatile: This openssl update causes problems with some versions of tor.\nYou need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2,\nrespectively. The tor package version 0.2.0.35-1~lenny2 from Debian stable\nis not affected by these problems.\n\nFor the stable distribution (lenny), the problem has been fixed in\nopenssl version 0.9.8g-15+lenny9.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 0.9.8o-3.\n\nWe recommend that you upgrade your openssl packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 5.0 alias lenny (stable)\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz\n Size/MD5 checksum: 3354792 acf70a16359bf3658bdfb74bda1c4419\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.dsc\n Size/MD5 checksum: 1973 1efb69f23999507bf2e74f5b848744af\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.diff.gz\n Size/MD5 checksum: 60451 9aba44ed40b0c9c8ec82bd6cd33c44b8\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 2583248 3b3f0cbec4ec28eb310466237648db8f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 1028998 79fe8cdd601aecd9f956033a04fb8da5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_alpha.udeb\n Size/MD5 checksum: 722114 a388304bf86381229c306e79a5e85bf8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 2814160 e0f6fc697f5e9c87b44aa15eb58c3ea8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 4369318 c3cf8c7ec27f86563c34f45e986e17c4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 975850 778916e8b0df8e216121cd5185d7ca43\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 2243180 ff6a898ccd6fb49d5fbec9f4bd3cb6da\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_amd64.udeb\n Size/MD5 checksum: 638414 9ea111d66ac5f394d35fb69defa5dd27\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 1627632 9f08e1da5cf9279cee4700e89dc6ee6d\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 1043320 9ada82a7417c0d714a38c3a7184c2401\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_arm.udeb\n Size/MD5 checksum: 536038 a9c90bb3ad326fa43c1285c1768df046\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 2087048 bded4e624fcf0791ae0885aa18d99123\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 1028894 20784774078f02ef7e9db2ddbd7d5548\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 1490666 700c80efddb108b3e2a65373cc10dcc8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 844426 4cad5651a6d37ab19fb80b05a423598d\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 1029206 6c6c35731ecacfc0280520097ee183d4\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_armel.udeb\n Size/MD5 checksum: 540780 3b9ab48015bbd4dfc1ab205b42f1113d\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 2100958 fbf2c222a504e09e30f73cb0740a73a5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 1504318 8eaa760844c1b81d0f8bd21bdc7ca1d0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 850286 3e656a0805eb31600f8e3e520a2a6e36\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 2268562 8cb4805915dfde8326fde4281c9aaa76\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 969104 805c95116706c82051a5d08efce729e5\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 1047026 2e06d411c0a8764db3504638d3b59ef9\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 1528456 de6a4129635ee4565696198ce3423674\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_hppa.udeb\n Size/MD5 checksum: 634504 bab8594389626190b71ee97bfb46fa71\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 2108452 d75ba6c13fc77dd3eefddde480a05231\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 5393290 14bf0f44b8c802e47834234be834d80b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 2977384 bf4c26767b006694843d036ebdca132a\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_i386.udeb\n Size/MD5 checksum: 591782 bf5007e22e4bd31445458a5379086103\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 1035868 64085f2b106009533bda0309f08548af\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 2666530 42cdae406ce22e3e538f0d744f043a39\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1465582 33c84255a9515a9a528cbf3df9398ef5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_ia64.udeb\n Size/MD5 checksum: 865352 9cbc10e393eb3d30d34ea384c6f1f9f5\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1105090 cc7485d310d4770c2b1e93c6d74dcc2b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1280654 fde186a4983ac6cafcd3d5ec7e1d6f98\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 1025868 8b7f565c4c0a15b15f20f2e074bb503a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 900162 391ac436c8d7ed7b55a8ea9e90c7d8be\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 2307960 227ac5c7b409d061222b94bc40e8cd18\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 1622826 8a4f73d6cd497076490404a2dade26ba\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mips.udeb\n Size/MD5 checksum: 585108 d8447df55a530959b6cd9d5d3039c0da\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 1012186 4a154b5c4d864f7dcd0bf019dfb41c5d\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 1588308 1222eb6b1870602335ef0722b7047b6a\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mipsel.udeb\n Size/MD5 checksum: 572370 a2535f616be099e9361a55637c3375d3\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 2295070 7446121759684083870d5ae0d26969c0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 885668 3745e7c578002628f78f02bd5afeb84f\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 1643808 43814c865d098046bc1dca1920820354\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 1047060 5c45e5a5d02f856cb9dc29029d0b5557\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_powerpc.udeb\n Size/MD5 checksum: 656166 309fdeebe15bbecbe8c55dbd5ddbdd3a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 997540 f4bf73493f3964b8a23bdd424694f079\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 2251238 35f6f59b07e57eb538da19545a733d5f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_s390.udeb\n Size/MD5 checksum: 693040 26cab41169c6b8f64ce7936a2ea65a7b\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1051130 f67b4fd152e1175f81022ffd345d6c78\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 2231782 c7796fff8c97bbf0c5ab69440cbd50f9\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1602496 a9595ac98fc11015dd4bb2634416197b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1024562 ff293933ef4eb5e952659fe7caf82c8b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 2290536 e5c655fbcc524fe7bb56945cc8b2f5d1\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 3868850 b9cbaa2cbb2cfa4aa1dce984148dba4b\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 2146488 d0c17736c2b26a97491e34321ffff3f5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_sparc.udeb\n Size/MD5 checksum: 580510 28ab74855c8a34bb002b44fd7ecb8997\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 1043044 d78ffaf44d1177b05fa0cfb02d76128a\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-11-22T20:17:04", "type": "debian", "title": "[SECURITY] [DSA-2125-1] New openssl packages fix buffer overflow", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-22T20:17:04", "id": "DEBIAN:DSA-2125-1:26495", "href": "https://lists.debian.org/debian-security-announce/2010/msg00176.html", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T00:31:51", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2125-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 22, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nDebian Bug : 603709\nCVE Id(s) : CVE-2010-3864\n\nA flaw has been found in the OpenSSL TLS server extension code parsing\nwhich on affected servers can be exploited in a buffer overrun attack.\nThis allows an attacker to cause an appliation crash or potentially to\nexecute arbitrary code.\n\nHowever, not all OpenSSL based SSL/TLS servers are vulnerable: A server\nis vulnerable if it is multi-threaded and uses OpenSSL's internal caching\nmechanism. In particular the Apache HTTP server (which never uses OpenSSL\ninternal caching) and Stunnel (which includes its own workaround) are NOT\naffected.\n\nThis upgrade fixes this issue. After the upgrade, any services using the\nopenssl libraries need to be restarted. The checkrestart script from the\ndebian-goodies package or lsof can help to find out which services need\nto be restarted.\n\nA note to users of the tor packages from the Debian backports or Debian\nvolatile: This openssl update causes problems with some versions of tor.\nYou need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2,\nrespectively. The tor package version 0.2.0.35-1~lenny2 from Debian stable\nis not affected by these problems.\n\nFor the stable distribution (lenny), the problem has been fixed in\nopenssl version 0.9.8g-15+lenny9.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 0.9.8o-3.\n\nWe recommend that you upgrade your openssl packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 5.0 alias lenny (stable)\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz\n Size/MD5 checksum: 3354792 acf70a16359bf3658bdfb74bda1c4419\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.dsc\n Size/MD5 checksum: 1973 1efb69f23999507bf2e74f5b848744af\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.diff.gz\n Size/MD5 checksum: 60451 9aba44ed40b0c9c8ec82bd6cd33c44b8\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 2583248 3b3f0cbec4ec28eb310466237648db8f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 1028998 79fe8cdd601aecd9f956033a04fb8da5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_alpha.udeb\n Size/MD5 checksum: 722114 a388304bf86381229c306e79a5e85bf8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 2814160 e0f6fc697f5e9c87b44aa15eb58c3ea8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 4369318 c3cf8c7ec27f86563c34f45e986e17c4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 975850 778916e8b0df8e216121cd5185d7ca43\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 2243180 ff6a898ccd6fb49d5fbec9f4bd3cb6da\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_amd64.udeb\n Size/MD5 checksum: 638414 9ea111d66ac5f394d35fb69defa5dd27\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 1627632 9f08e1da5cf9279cee4700e89dc6ee6d\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 1043320 9ada82a7417c0d714a38c3a7184c2401\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_arm.udeb\n Size/MD5 checksum: 536038 a9c90bb3ad326fa43c1285c1768df046\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 2087048 bded4e624fcf0791ae0885aa18d99123\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 1028894 20784774078f02ef7e9db2ddbd7d5548\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 1490666 700c80efddb108b3e2a65373cc10dcc8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 844426 4cad5651a6d37ab19fb80b05a423598d\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 1029206 6c6c35731ecacfc0280520097ee183d4\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_armel.udeb\n Size/MD5 checksum: 540780 3b9ab48015bbd4dfc1ab205b42f1113d\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 2100958 fbf2c222a504e09e30f73cb0740a73a5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 1504318 8eaa760844c1b81d0f8bd21bdc7ca1d0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 850286 3e656a0805eb31600f8e3e520a2a6e36\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 2268562 8cb4805915dfde8326fde4281c9aaa76\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 969104 805c95116706c82051a5d08efce729e5\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 1047026 2e06d411c0a8764db3504638d3b59ef9\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 1528456 de6a4129635ee4565696198ce3423674\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_hppa.udeb\n Size/MD5 checksum: 634504 bab8594389626190b71ee97bfb46fa71\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 2108452 d75ba6c13fc77dd3eefddde480a05231\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 5393290 14bf0f44b8c802e47834234be834d80b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 2977384 bf4c26767b006694843d036ebdca132a\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_i386.udeb\n Size/MD5 checksum: 591782 bf5007e22e4bd31445458a5379086103\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 1035868 64085f2b106009533bda0309f08548af\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 2666530 42cdae406ce22e3e538f0d744f043a39\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1465582 33c84255a9515a9a528cbf3df9398ef5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_ia64.udeb\n Size/MD5 checksum: 865352 9cbc10e393eb3d30d34ea384c6f1f9f5\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1105090 cc7485d310d4770c2b1e93c6d74dcc2b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1280654 fde186a4983ac6cafcd3d5ec7e1d6f98\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 1025868 8b7f565c4c0a15b15f20f2e074bb503a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 900162 391ac436c8d7ed7b55a8ea9e90c7d8be\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 2307960 227ac5c7b409d061222b94bc40e8cd18\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 1622826 8a4f73d6cd497076490404a2dade26ba\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mips.udeb\n Size/MD5 checksum: 585108 d8447df55a530959b6cd9d5d3039c0da\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 1012186 4a154b5c4d864f7dcd0bf019dfb41c5d\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 1588308 1222eb6b1870602335ef0722b7047b6a\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mipsel.udeb\n Size/MD5 checksum: 572370 a2535f616be099e9361a55637c3375d3\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 2295070 7446121759684083870d5ae0d26969c0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 885668 3745e7c578002628f78f02bd5afeb84f\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 1643808 43814c865d098046bc1dca1920820354\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 1047060 5c45e5a5d02f856cb9dc29029d0b5557\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_powerpc.udeb\n Size/MD5 checksum: 656166 309fdeebe15bbecbe8c55dbd5ddbdd3a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 997540 f4bf73493f3964b8a23bdd424694f079\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 2251238 35f6f59b07e57eb538da19545a733d5f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_s390.udeb\n Size/MD5 checksum: 693040 26cab41169c6b8f64ce7936a2ea65a7b\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1051130 f67b4fd152e1175f81022ffd345d6c78\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 2231782 c7796fff8c97bbf0c5ab69440cbd50f9\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1602496 a9595ac98fc11015dd4bb2634416197b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1024562 ff293933ef4eb5e952659fe7caf82c8b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 2290536 e5c655fbcc524fe7bb56945cc8b2f5d1\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 3868850 b9cbaa2cbb2cfa4aa1dce984148dba4b\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 2146488 d0c17736c2b26a97491e34321ffff3f5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_sparc.udeb\n Size/MD5 checksum: 580510 28ab74855c8a34bb002b44fd7ecb8997\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 1043044 d78ffaf44d1177b05fa0cfb02d76128a\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-11-22T20:17:04", "type": "debian", "title": "[SECURITY] [DSA-2125-1] New openssl packages fix buffer overflow", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-22T20:17:04", "id": "DEBIAN:DSA-2125-1:4BD9E", "href": "https://lists.debian.org/debian-security-announce/2010/msg00176.html", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:08:11", "description": "Race conditions with buffer overflow.", "cvss3": {}, "published": "2010-11-19T00:00:00", "type": "securityvulns", "title": "OpenSSL buffer overflow", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-3864"], "modified": "2010-11-19T00:00:00", "id": "SECURITYVULNS:VULN:11264", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11264", "sourceData": "", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:42", "description": "Privilege escalation, code execution, information leakage, DoS.", "cvss3": {}, "published": "2011-04-26T00:00:00", "type": "securityvulns", "title": "HP Insight Control multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0539", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-1535", "CVE-2010-3864"], "modified": "2011-04-26T00:00:00", "id": "SECURITYVULNS:VULN:11624", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11624", "sourceData": "", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c02794777\r\nVersion: 1\r\n\r\nHPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information\r\nDisclosure, Denial of Service (DoS)\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2011-04-19\r\nLast Updated: 2011-04-19\r\n\r\nPotential Security Impact: Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure, Denial of Servce (DoS)\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with Insight Control for Linux (IC-Linux). The vulnerabilities could be exploited remotely to allow unauthorized elevation\r\nof privilege, execution of arbitrary code, encryption downgrade, information disclosure, and Denial of Service (DoS).\r\n\r\nReferences: CVE-2010-3864, CVE-2010-4180, CVE-2011-0014, CVE-2011-0539, CVE-2011-1535 (privilege elevation)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nInsight Control for Linux (IC-Linux) prior to v6.3\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2010-3864 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\r\nCVE-2010-4180 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\nCVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2011-0539 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\r\nCVE-2011-1535 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made Insight Control for Linux (IC-Linux) v6.3 or subsequent available to resolve the vulnerabilities.\r\n\r\nThe product kit is available here:\r\n\r\nhttp://h18004.www1.hp.com/products/servers/management/insightcontrol_linux2/index.html\r\n\r\nThe product kit is also available here: http://www.hp.com/go/ice-lx\r\n\r\nHISTORY\r\nVersion:1 (rev.1) 19 April 2011 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's\r\npatch management policy.\r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\r\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.\r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com\r\n Subject: get key\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up\r\nUnder Step1: your ITRC security bulletins and patches\r\n -check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems\r\n -verify your operating system selections are checked and save.\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\r\nLog in on the web page: Subscriber's choice for Business: sign-in.\r\nOn the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.\r\n\r\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\r\n\r\n* The Software Product Category that this Security Bulletin\r\nrelates to is represented by the 5th and 6th characters\r\nof the Bulletin number in the title:\r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing & Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n\r\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software\r\nproducts to provide customers with current secure solutions.\r\n\r\n"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this\r\nBulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this\r\ninformation is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the\r\ninformation provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and\r\nfitness for a particular purpose, title and non-infringement."\r\n\r\nCopyright 2011 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any\r\nkind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime\r\ncost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document\r\nis subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United\r\nStates and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niEYEARECAAYFAk2tjMAACgkQ4B86/C0qfVl2pgCgwXGSztItJz2iVYtrtl3ojJOY\r\nzlUAn2Tq9aUUHLrw2Ei3r7UGhWTooHh0\r\n=d+fD\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2011-04-26T00:00:00", "type": "securityvulns", "title": "[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0539", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-1535", "CVE-2010-3864"], "modified": "2011-04-26T00:00:00", "id": "SECURITYVULNS:DOC:26212", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26212", "sourceData": "", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:41", "description": "About the security content of Mac OS X v10.6.8 and Security Update 2011-004\r\n\r\n Last Modified: June 23, 2011\r\n Article: HT4723\r\n\r\nEmail this article\r\nPrint this page\r\nSummary\r\n\r\nThis document describes of Mac OS X v10.6.8 and Security Update 2011-004, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.\r\n\r\nFor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.\r\n\r\nFor information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."\r\n\r\nWhere possible, CVE IDs are used to reference the vulnerabilities for further information.\r\n\r\nTo learn about other Security Updates, see "Apple Security Updates."\r\nProducts Affected\r\n\r\nMac OS X 10.6, Product Security\r\nMac OS X v10.6.8 and Security Update 2011-004\r\n\r\n AirPort\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\r\n\r\n Impact: When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset\r\n\r\n Description: An out of bounds memory read issue existed in the handling of Wi-Fi frames. When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset. This issue does not affect Mac OS X v10.6\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0196\r\n\r\n App Store\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: The user's AppleID password may be logged to a local file\r\n\r\n Description: In certain circumstances, App Store may log the user's AppleID password to a file that is not readable by other users on the system. This issue is addressed through improved handling of credentials.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0197 : Paul Nelson\r\n\r\n ATS\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution\r\n\r\n Description: A heap buffer overflow issue existed in the handling of TrueType fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0198 : Harry Sintonen, Marc Schoenefeld of the Red Hat Security Response Team\r\n\r\n Certificate Trust Policy\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information\r\n\r\n Description: An error handling issue existed in the Certificate Trust Policy. If an Extended Validation (EV) certificate has no OCSP URL, and CRL checking is enabled, the CRL will not be checked and a revoked certificate may be accepted as valid. This issue is mitigated as most EV certificates specify an OCSP URL.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0199 : Chris Hawk and Wan-Teh Chang of Google\r\n\r\n ColorSync\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\r\n\r\n Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative\r\n\r\n CoreFoundation\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0201 : Harry Sintonen\r\n\r\n CoreGraphics\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team\r\n\r\n FTP Server\r\n\r\n Available for: Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: A person with FTP access may list files on the system\r\n\r\n Description: A path validation issue existed in xftpd. A person with FTP access may perform a recursive directory listing starting from the root, including directories that are not shared for FTP. The listing will eventually include any file that would be accessible to the FTP user. The contents of files are not disclosed. This issue is addressed through improved path validation. This issue only affects Mac OS X Server systems.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0203 : team karlkani\r\n\r\n ImageIO\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0204 : Dominic Chell of NGS Secure\r\n\r\n ImageIO\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow issue existed in ImageIO's handling of JPEG2000 images. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0205 : Harry Sintonen\r\n\r\n International Components for Unicode\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A buffer overflow issue existed in ICU's handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0206 : David Bienvenu of Mozilla\r\n\r\n Kernel\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: A local user may be able to cause a system reset\r\n\r\n Description: A null dereference issue existed in the handling of IPV6 socket options. A local user may be able to cause a system reset.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-1132 : Thomas Clement of Intego\r\n\r\n Libsystem\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Applications which use the glob(3) API may be vulnerable to a denial of service\r\n\r\n Description: Applications which use the glob(3) API may be vulnerable to a denial of service. If the glob pattern comes from untrusted input, the application may hang or use excessive CPU resources. This issue is addressed through improved validation of glob patterns.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-2632 : Maksymilian Arciemowicz\r\n\r\n libxslt\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap\r\n\r\n Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0195 : Chris Evans of the Google Chrome Security Team\r\n\r\n MobileMe\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: An attacker with a privileged network position may read a user's MobileMe email aliases\r\n\r\n Description: When communicating with MobileMe to determine a user's email aliases, Mail will make requests over HTTP. As a result, an attacker with a privileged network position may read a user's MobileMe email aliases. This issue is addressed by using SSL to access the user's email aliases.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0207 : Aaron Sigel of vtty.com\r\n\r\n MySQL\r\n\r\n Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Multiple vulnerabilities in MySQL 5.0.91\r\n\r\n Description: MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems. Further information is available via the MySQL web site at http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html\r\n\r\n CVE-ID\r\n\r\n CVE-2010-3677\r\n\r\n CVE-2010-3682\r\n\r\n CVE-2010-3833\r\n\r\n CVE-2010-3834\r\n\r\n CVE-2010-3835\r\n\r\n CVE-2010-3836\r\n\r\n CVE-2010-3837\r\n\r\n CVE-2010-3838\r\n\r\n OpenSSL\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Multiple vulnerabilities in OpenSSL\r\n\r\n Description: Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating OpenSSL to version 0.9.8r.\r\n\r\n CVE-ID\r\n\r\n CVE-2009-3245\r\n\r\n CVE-2010-0740\r\n\r\n CVE-2010-3864\r\n\r\n CVE-2010-4180\r\n\r\n CVE-2011-0014\r\n\r\n patch\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Running patch on a maliciously crafted patch file may cause arbitrary files to be created or overwritten\r\n\r\n Description: A directory traversal issue existed in GNU patch. Running patch on a maliciously crafted patch file may cause arbitrary files to be created or overwritten. This issue is addressed through improved validation of patch files.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-4651\r\n\r\n QuickLook\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue existed in QuickLook's handling of Microsoft Office files. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.6.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0208 : Tobias Klein working with iDefense VCP\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted WAV file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow existed in QuickTime's handling of RIFF WAV files. Viewing a maliciously crafted WAV file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0209 : Luigi Auriemma working with TippingPoint's Zero Day Initiative\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue existed in QuickTime's handling of sample tables in QuickTime movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0210 : Honggang Ren of Fortinet's FortiGuard Labs\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow existed in QuickTime's handling of movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0211 : Luigi Auriemma working with TippingPoint's Zero Day Initiative\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A buffer overflow existed in QuickTime's handling of PICT images. Viewing a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-3790 : Subreption LLC working with TippingPoint's Zero Day Initiative\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted JPEG file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A buffer overflow existed in QuickTime's handling of JPEG files. Viewing a maliciously crafted JPEG file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0213 : Luigi Auriemma working with iDefense\r\n\r\n Samba\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\r\n\r\n Impact: If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution\r\n\r\n Description: A stack buffer overflow existed in Samba's handling of Windows Security IDs. If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X 10.6.7.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-3069\r\n\r\n Samba\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution\r\n\r\n Description: A memory corruption issue existed in Samba's handling of file descriptors. If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0719 : Volker Lendecke of SerNet\r\n\r\n servermgrd\r\n\r\n Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: A remote attacker may be able to read arbitrary files from the system\r\n\r\n Description: An XML External Entity issue exists in servermgrd's handling of XML-RPC requests. This issue is addressed by removing servermgrd's XML-RPC interface. This issue only affects Mac OS X Server systems.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0212 : Apple\r\n\r\n subversion\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: If an http based Subversion server is configured, a remote attacker may be able to cause a denial of service\r\n\r\n Description: A null dereference issue existed in Subversion's handling of lock tokens sent over HTTP. If an http based Subversion server is configured, a remote attacker may be able to cause a denial of service. For Mac OS X v10.6 systems, Subversion is updated to version 1.6.6. For Mac OS X v10.5.8 systems, the issue is addressed through additional validation of lock tokens. Further information is available via the Subversion web site at http://subversion.tigris.org/\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0715\r\n\r\n", "cvss3": {}, "published": "2011-07-04T00:00:00", "type": "securityvulns", "title": "About the security content of Mac OS X v10.6.8 and Security Update 2011-004", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-4651", "CVE-2011-0197", "CVE-2011-0196", "CVE-2010-0740", "CVE-2011-0211", "CVE-2011-0202", "CVE-2011-0199", "CVE-2010-3790", "CVE-2011-0206", "CVE-2011-0204", "CVE-2010-3837", "CVE-2011-0719", "CVE-2011-0201", "CVE-2010-2632", "CVE-2010-3835", "CVE-2011-0210", "CVE-2011-1132", "CVE-2010-3833", "CVE-2010-4180", "CVE-2011-0208", "CVE-2011-0203", "CVE-2011-0212", "CVE-2009-3245", "CVE-2011-0213", "CVE-2011-0014", "CVE-2010-3682", "CVE-2010-3836", "CVE-2011-0195", "CVE-2010-3677", "CVE-2011-0715", "CVE-2010-3834", "CVE-2011-0200", "CVE-2010-3838", "CVE-2011-0205", "CVE-2010-3864", "CVE-2011-0198", "CVE-2011-0209", "CVE-2011-0207", "CVE-2010-3069"], "modified": "2011-07-04T00:00:00", "id": "SECURITYVULNS:DOC:26596", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26596", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:09", "description": "DoS conditions, buffer overflows, information leaks, code execution in different subsystems.", "cvss3": {}, "published": "2011-07-06T00:00:00", "type": "securityvulns", "title": "Apple Mac OS X multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-4651", "CVE-2011-0197", "CVE-2011-0196", "CVE-2010-0740", "CVE-2011-0211", "CVE-2011-0202", "CVE-2011-0199", "CVE-2010-3790", "CVE-2011-0206", "CVE-2011-0204", "CVE-2010-3837", "CVE-2011-0719", "CVE-2011-0201", "CVE-2010-2632", "CVE-2010-3835", "CVE-2011-0210", "CVE-2011-1132", "CVE-2010-3833", "CVE-2010-4180", "CVE-2011-0208", "CVE-2011-0203", "CVE-2011-0212", "CVE-2009-3245", "CVE-2011-0213", "CVE-2011-0014", "CVE-2010-3682", "CVE-2010-3836", "CVE-2011-0195", "CVE-2010-3677", "CVE-2011-0715", "CVE-2010-3834", "CVE-2011-0200", "CVE-2010-3838", "CVE-2011-0205", "CVE-2010-3864", "CVE-2011-0198", "CVE-2011-0209", "CVE-2011-0207", "CVE-2010-3069"], "modified": "2011-07-06T00:00:00", "id": "SECURITYVULNS:VULN:11754", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11754", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osv": [{"lastseen": "2022-08-10T07:08:00", "description": "\nA flaw has been found in the OpenSSL TLS server extension code parsing\nwhich on affected servers can be exploited in a buffer overrun attack.\nThis allows an attacker to cause an application crash or potentially to\nexecute arbitrary code.\n\n\nHowever, not all OpenSSL based SSL/TLS servers are vulnerable: a server\nis vulnerable if it is multi-threaded and uses OpenSSL's internal caching\nmechanism. In particular the Apache HTTP server (which never uses OpenSSL\ninternal caching) and Stunnel (which includes its own workaround) are NOT\naffected.\n\n\nThis upgrade fixes this issue. After the upgrade, any services using the\nopenssl libraries need to be restarted. The checkrestart script from the\ndebian-goodies package or lsof can help to find out which services need\nto be restarted.\n\n\nA note to users of the tor packages from the Debian backports or Debian\nvolatile: this openssl update causes problems with some versions of tor.\nYou need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2,\nrespectively. The tor package version 0.2.0.35-1~lenny2 from Debian stable\nis not affected by these problems.\n\n\nFor the stable distribution (lenny), the problem has been fixed in\nopenssl version 0.9.8g-15+lenny9.\n\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 0.9.8o-3.\n\n\nWe recommend that you upgrade your openssl packages.\n\n\n", "cvss3": {}, "published": "2010-11-22T00:00:00", "type": "osv", "title": "openssl - buffer overflow", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3864"], "modified": "2022-08-10T07:07:48", "id": "OSV:DSA-2125-1", "href": "https://osv.dev/vulnerability/DSA-2125-1", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:13:35", "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll OpenSSL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-1.0.0e\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues.", "cvss3": {}, "published": "2011-10-09T00:00:00", "type": "gentoo", "title": "OpenSSL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3245", "CVE-2009-4355", "CVE-2010-0433", "CVE-2010-0740", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-2939", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-4252", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-3210"], "modified": "2015-06-06T00:00:00", "id": "GLSA-201110-01", "href": "https://security.gentoo.org/glsa/201110-01", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2023-02-13T08:13:58", "description": "New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\n13.1, and -current to fix security issues.\n\n\nHere are the details from the Slackware 13.1 ChangeLog:\n\npatches/packages/openssl-0.9.8p-i486-1_slack13.1.txz: Rebuilt.\n This OpenSSL update contains some security related bugfixes.\n For more information, see the included CHANGES and NEWS files, and:\n http://www.openssl.org/news/secadv_20101116.txt\n https://vulners.com/cve/CVE-2010-2939\n https://vulners.com/cve/CVE-2010-3864\n (* Security fix *)\npatches/packages/openssl-solibs-0.9.8p-i486-1_slack13.1.txz: Rebuilt.\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-0.9.8p-i486-1_slack11.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack11.0.tgz\n\nUpdated packages for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-0.9.8p-i486-1_slack12.0.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.0.tgz\n\nUpdated packages for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8p-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.1.tgz\n\nUpdated packages for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8p-i486-1_slack12.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.2.tgz\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8p-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8p-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8p-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8p-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8p-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8p-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8p-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8p-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.8p-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.8p-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-0.9.8p-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-0.9.8p-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 packages:\n4afbe28d45b8a2308300117677d3fe55 openssl-0.9.8p-i486-1_slack11.0.tgz\n86e5c3024bb98af3b8f95dea0d25ddb1 openssl-solibs-0.9.8p-i486-1_slack11.0.tgz\n\nSlackware 12.0 packages:\nb6ca9a74664750269ff8d496619d7864 openssl-0.9.8p-i486-1_slack12.0.tgz\nb8933914f64907f0251beada06ca8325 openssl-solibs-0.9.8p-i486-1_slack12.0.tgz\n\nSlackware 12.1 packages:\n714055dcb36d66df90dd3ab39d1a8ffc openssl-0.9.8p-i486-1_slack12.1.tgz\n44721199ecb279310c1c78823aca2642 openssl-solibs-0.9.8p-i486-1_slack12.1.tgz\n\nSlackware 12.2 packages:\nf056a02b0c6ee9bbbd2351779104a5b5 openssl-0.9.8p-i486-1_slack12.2.tgz\nacd1c70ff6809c1395b238172c159c07 openssl-solibs-0.9.8p-i486-1_slack12.2.tgz\n\nSlackware 13.0 packages:\nc016754f3c6423bbe316d62fd0c2e7cc openssl-0.9.8p-i486-1_slack13.0.txz\ne32ed64837187409745c13726ec93c9b openssl-solibs-0.9.8p-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n683ccd42679217f50cfde53ce78c14c2 openssl-0.9.8p-x86_64-1_slack13.0.txz\nb8302ed88259a4d075ec6577a5b68f4e openssl-solibs-0.9.8p-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\nb11344999caa9758c005e9cf4ca569de openssl-0.9.8p-i486-1_slack13.1.txz\n841a5ac55f7fc5192018740998ac33ce openssl-solibs-0.9.8p-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n9fc9e76fa50989b6e5e610f9aae01a83 openssl-0.9.8p-x86_64-1_slack13.1.txz\nabcdafbc53666b5b646ad6e7349ae987 openssl-solibs-0.9.8p-x86_64-1_slack13.1.txz\n\nSlackware -current packages:\n354568cef2205d0fde6a72c9768f4609 openssl-solibs-0.9.8p-i486-1.txz\n83316eab3f9f4bf90e5ffb003fee9eba openssl-0.9.8p-i486-1.txz\n\nSlackware x86_64 -current packages:\n74bae522783c8af4874b82e1ac6cb0de openssl-solibs-0.9.8p-x86_64-1.txz\na53b35c6a75c00d7d3b4dcec3cf4cdcd openssl-0.9.8p-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-0.9.8p-i486-1_slack13.1.txz openssl-solibs-0.9.8p-i486-1_slack13.1.txz", "cvss3": {}, "published": "2010-11-22T07:07:48", "type": "slackware", "title": "[slackware-security] openssl", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2010-11-22T07:07:48", "id": "SSA-2010-326-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "freebsd_advisory": [{"lastseen": "2023-02-13T09:26:53", "description": "\\-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:10.openssl Security Advisory The FreeBSD Project Topic: OpenSSL multiple vulnerabilities Category: contrib Module: openssl Announced: 2010-11-29 Credits: Georgi Guninski, Rob Hulswit Affects: FreeBSD 7.0 and later Corrected: 2010-11-26 22:50:58 UTC (RELENG_8, 8.1-STABLE) 2010-11-29 20:43:06 UTC (RELENG_8_1, 8.1-RELEASE-p2) 2010-11-29 20:43:06 UTC (RELENG_8_0, 8.0-RELEASE-p6) 2010-11-28 13:45:51 UTC (RELENG_7, 7.3-STABLE) 2010-11-29 20:43:06 UTC (RELENG_7_3, 7.3-RELEASE-p4) 2010-11-29 20:43:06 UTC (RELENG_7_1, 7.1-RELEASE-p16) CVE Name: CVE-2010-2939, CVE-2010-3864 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. II. Problem Description A race condition exists in the OpenSSL TLS server extension code parsing when used in a multi-threaded application, which uses OpenSSL's internal caching mechanism. The race condition can lead to a buffer overflow. [CVE-2010-3864] A double free exists in the SSL client ECDH handling code, when processing specially crafted public keys with invalid prime numbers. [CVE-2010-2939] III. Impact For affected server applications, an attacker may be able to utilize the buffer overflow to crash the application or potentially run arbitrary code with the privileges of the application. [CVE-2010-3864]. It may be possible to cause a DoS or potentially execute arbitrary in the context of the user connection to a malicious SSL server. [CVE-2010-2939] IV. Workaround No workaround is available, but CVE-2010-3864 only affects FreeBSD 8.0 and later. It should also be noted that CVE-2010-3864 affects neither the Apache HTTP server nor Stunnel. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 7-STABLE or 8-STABLE, or to the RELENG_8_1, RELENG_8_0, RELENG_7_3, or RELENG_7_1 security branch dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to FreeBSD 7.1, 7.3, 8.0 and 8.1 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 7.x] # fetch http://security.FreeBSD.org/patches/SA-10:10/openssl7.patch # fetch http://security.FreeBSD.org/patches/SA-10:10/openssl7.patch.asc [FreeBSD 8.x] # fetch http://security.FreeBSD.org/patches/SA-10:10/openssl.patch # fetch http://security.FreeBSD.org/patches/SA-10:10/openssl.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/secure/lib/libssl # make obj && make depend && make && make install NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in 3) To update your vulnerable system via a binary patch: Systems running 7.1-RELEASE, 7.3-RELEASE, 8.0-RELEASE or 8.1-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path \\- ------------------------------------------------------------------------- RELENG_7_3 src/UPDATING 1.507.2.34.2.6 src/sys/conf/newvers.sh 1.72.2.16.2.8 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.2.1.4.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.19 src/sys/conf/newvers.sh 1.72.2.9.2.20 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.6.2 RELENG_8_1 src/UPDATING 1.632.2.14.2.5 src/sys/conf/newvers.sh 1.83.2.10.2.6 src/crypto/openssl/ssl/s3_clnt.c 1.3.2.1.2.1 src/crypto/openssl/ssl/t1_lib.c 1.2.2.1.2.1 RELENG_8_0 src/UPDATING 1.632.2.7.2.9 src/sys/conf/newvers.sh 1.83.2.6.2.9 src/crypto/openssl/ssl/s3_clnt.c 1.3.4.1 src/crypto/openssl/ssl/t1_lib.c 1.2.4.1 \\- ------------------------------------------------------------------------- Subversion: Branch/path Revision \\- ------------------------------------------------------------------------- stable/7/ r215997 releng/7.3/ r216063 releng/7.1/ r216063 stable/8/ r215912 releng/8.0/ r216063 releng/8.1/ r216063 \\- ------------------------------------------------------------------------- VII. References https://bugzilla.redhat.com/show_bug.cgi?id=649304 http://www.openssl.org/news/secadv_20101116.txt http://www.mail-archive.com/openssl-dev@openssl.org/msg28043.html https://vulners.com/cve/CVE-2010-2939 https://vulners.com/cve/CVE-2010-3864 The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc \\-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 iEYEARECAAYFAkz0FdsACgkQFdaIBMps37JjAgCcC7NSDXR7P4d2y4XFF/Ce9sG1 Bs8An36Pjplsfovx6Im/NCnVgHtVgj5x =xU/h \\-----END PGP SIGNATURE----- \n", "cvss3": {}, "published": "2010-11-29T00:00:00", "type": "freebsd_advisory", "title": "\nFreeBSD-SA-10:10.openssl", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2939", "CVE-2010-3864"], "modified": "2010-11-29T00:00:00", "id": "FREEBSD_ADVISORY:FREEBSD-SA-10:10.OPENSSL", "href": "https://www.freebsd.org/security/advisories/FreeBSD-SA-10:10.openssl.asc", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:42", "description": "[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document\n[1.0.0-8]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0-7]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers (#619762)\n[1.0.0-6]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-5]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)", "cvss3": {}, "published": "2011-05-28T00:00:00", "type": "oraclelinux", "title": "openssl security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-0014", "CVE-2010-3864"], "modified": "2011-05-28T00:00:00", "id": "ELSA-2011-0677", "href": "http://linux.oracle.com/errata/ELSA-2011-0677.html", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:59", "description": "[1.0.0-4.2]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-4.1]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)", "cvss3": {}, "published": "2011-02-10T00:00:00", "type": "oraclelinux", "title": "openssl security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-4180", "CVE-2010-3864"], "modified": "2011-02-10T00:00:00", "id": "ELSA-2010-0979", "href": "http://linux.oracle.com/errata/ELSA-2010-0979.html", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-05-13T09:23:28", "description": "[1.0.1m-2.0.1]\n- update to upstream 1.0.1m\n- update to fips canister 2.0.9\n- regenerated below patches\n openssl-1.0.1-beta2-rpmbuild.patch\n openssl-1.0.1m-rhcompat.patch\n openssl-1.0.1m-ecc-suiteb.patch\n openssl-1.0.1m-fips-mode.patch\n openssl-1.0.1m-version.patch\n openssl-1.0.1m-evp-devel.patch\n[1.0.1j-2.0.4]\n- [Orabug 20182267] The openssl-fips-devel package should Provide:\n openssl-devel and openssl-devel(x86-64) like the standard -devel\n package\n- The openssl-fips-devel package should include fips.h and fips_rand.h\n for apps that want to build against FIPS* APIs\n[1.0.1j-2.0.3]\n- [Orabug 20086847] reintroduce patch openssl-1.0.1e-ecc-suiteb.patch,\n update ec_curve.c which gets copied into build tree to match the patch\n (ie only have curves which are advertised). The change items from the\n orignal patch are as follows:\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1j-2.0.2]\n- update README.FIPS with step-by-step install instructions\n[1.0.1j-2.0.1]\n- update to upstream 1.0.1j\n- change name to openssl-fips\n- change Obsoletes: openssl to Conflicts: openssl\n- add Provides: openssl\n[1.0.1i-2.0.3.fips]\n- update to fips canister 2.0.8 to remove Dual EC DRBG\n- run gcc -v so the gcc build version is captured in the build log\n[1.0.1i-2.0.2.fips]\n- flip EVP_CIPH_* flag bits for compatibility with original RH patched pkg\n[1.0.1i-2.0.1.fips]\n- build against upstream 1.0.1i\n- build against fips validated canister 2.0.7\n- add patch to support fips=1\n- rename pkg to openssl-fips and Obsolete openssl\n[1.0.1e-16.14]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-16.7]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-16.4]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-16.3]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-16.2]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-16.1]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document\n[1.0.0-8]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0-7]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers (#619762)\n[1.0.0-6]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-5]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)\n[1.0.0-4]\n- openssl man page fix (#609484)\n[1.0.0-3]\n- fix wrong ASN.1 definition of OriginatorInfo - CVE-2010-0742 (#598738)\n- fix information leak in rsa_verify_recover - CVE-2010-1633 (#598732)\n[1.0.0-2]\n- make CA dir readable - the private keys are in private subdir (#584810)\n- a few fixes from upstream CVS\n- make X509_NAME_hash_old work in FIPS mode (#568395)\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/ssl for FHS compliance\n - handle RPM_OPT_FLAGS\nopenssl-1.0.1-beta2-rpmbuild.patch\nopenssl-0.9.8a-no-rpath.patch", "cvss3": {}, "published": "2015-04-02T00:00:00", "type": "oraclelinux", "title": "openssl-fips security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975", "CVE-2005-0109", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-5298", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2015-04-02T00:00:00", "id": "ELSA-2015-3022", "href": "http://linux.oracle.com/errata/ELSA-2015-3022.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-30T06:24:33", "description": "[1.0.2k-16.0.1.el7_6.1]\n- Bump release for rebuild.\n[1.0.2k-16.1]\n- use SHA-256 in FIPS RSA pairwise key check\n- fix CVE-2018-5407 - EC signature local timing side-channel key extraction\n[1.0.2k-16]\n- fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA\n- fix incorrect error message on FIPS DSA parameter generation (#1603597)\n[1.0.2k-14]\n- ppc64le is not multilib architecture (#1585004)\n[1.0.2k-13]\n- add S390x assembler updates\n- make CA name list comparison function case sensitive (#1548401)\n- fix CVE-2017-3735 - possible one byte overread with X.509 IPAdressFamily\n- fix CVE-2018-0732 - large prime DH DoS of TLS client\n- fix CVE-2018-0737 - RSA key generation cache timing vulnerability\n- fix CVE-2018-0739 - stack overflow parsing recursive ASN.1 structure\n[1.0.2k-12]\n- fix CVE-2017-3737 - incorrect handling of fatal error state\n- fix CVE-2017-3738 - AVX2 Montgomery multiplication bug with 1024 bit modulus\n[1.0.2k-11]\n- fix deadlock in RNG in the FIPS mode in mariadb\n[1.0.2k-9]\n- fix CVE-2017-3736 - carry propagation bug in Montgomery multiplication\n[1.0.2k-8]\n- fix regression in openssl req -x509 command (#1450015)\n[1.0.2k-7]\n- handle incorrect size gracefully in aes_p8_cbc_encrypt()\n[1.0.2k-6]\n- allow long client hellos to be received by server\n[1.0.2k-5]\n- fix CPU features detection on new AMD processors\n[1.0.2k-4]\n- add support for additional STARTTLS protocols to s_client\n original backported patch by Robert Scheck (#1396209)\n[1.0.2k-3]\n- properly document the SSLv2 support removal\n[1.0.2k-2]\n- add PPC assembler updates\n[1.0.2k-1]\n- minor upstream release 1.0.2k fixing security issues\n[1.0.2j-2]\n- deprecate and disable verification of insecure hash algorithms\n- add support for /etc/pki/tls/legacy-settings also for minimum DH length\n accepted by SSL client\n- compare the encrypt and tweak key in XTS as required by FIPS\n[1.0.2j-1]\n- rebase to latest upstream release from the 1.0.2 branch, ABI compatible\n[1.0.1e-60]\n- fix CVE-2016-2177 - possible integer overflow\n- fix CVE-2016-2178 - non-constant time DSA operations\n- fix CVE-2016-2179 - further DoS issues in DTLS\n- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()\n- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue\n- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()\n- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check\n- fix CVE-2016-6304 - unbound memory growth with OCSP status request\n- fix CVE-2016-6306 - certificate message OOB reads\n- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to\n 112 bit effective strength\n[1.0.1e-58]\n- replace expired testing certificates\n[1.0.1e-57]\n- fix CVE-2016-2105 - possible overflow in base64 encoding\n- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()\n- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC\n- fix CVE-2016-2108 - memory corruption in ASN.1 encoder\n- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO\n[1.0.1e-56]\n- fix 1-byte memory leak in pkcs12 parse (#1312112)\n- document some options of the speed command (#1312110)\n- fix high-precision timestamps in timestamping authority\n- enable SCTP support in DTLS\n- use correct digest when exporting keying material in TLS1.2 (#1289620)\n- fix CVE-2016-0799 - memory issues in BIO_printf\n- add support for setting Kerberos service and keytab in\n s_server and s_client\n[1.0.1e-55]\n- fix CVE-2016-0702 - side channel attack on modular exponentiation\n- fix CVE-2016-0705 - double-free in DSA private key parsing\n- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn\n[1.0.1e-54]\n- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement\n- disable SSLv2 in the generic TLS method\n[1.0.1e-53]\n- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2\n[1.0.1e-52]\n- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter\n- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak\n- fix CVE-2015-3196 - race condition when handling PSK identity hint\n[1.0.1e-51]\n- fix the CVE-2015-1791 fix (broken server side renegotiation)\n[1.0.1e-50]\n- improved fix for CVE-2015-1791\n- add missing parts of CVE-2015-0209 fix for corectness although unexploitable\n[1.0.1e-49]\n- fix CVE-2014-8176 - invalid free in DTLS buffering code\n- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent\n- fix CVE-2015-1791 - race condition handling NewSessionTicket\n- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function\n[1.0.1e-48]\n- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on\n read in multithreaded applications\n[1.0.1e-47]\n- fix CVE-2015-4000 - prevent the logjam attack on client - restrict\n the DH key size to at least 768 bits (limit will be increased in future)\n[1.0.1e-46]\n- drop the AES-GCM restriction of 2^32 operations because the IV is\n always 96 bits (32 bit fixed field + 64 bit invocation field)\n[1.0.1e-45]\n- update fix for CVE-2015-0287 to what was released upstream\n[1.0.1e-44]\n- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()\n- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison\n- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference\n- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n- fix CVE-2015-0292 - integer underflow in base64 decoder\n- fix CVE-2015-0293 - triggerable assert in SSLv2 server\n[1.0.1e-43]\n- fix broken error detection when unwrapping unpadded key\n[1.0.1e-42.1]\n- fix the RFC 5649 for key material that does not need padding\n[1.0.1e-42]\n- test in the non-FIPS RSA keygen for minimal distance of p and q\n similarly to the FIPS RSA keygen\n[1.0.1e-41]\n- fix CVE-2014-3570 - incorrect computation in BN_sqr()\n- fix CVE-2014-3571 - possible crash in dtls1_get_record()\n- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state\n- fix CVE-2014-8275 - various certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate\n- fix CVE-2015-0206 - possible memory leak when buffering DTLS records\n[1.0.1e-40]\n- use FIPS approved method for computation of d in RSA\n- copy digest algorithm when handling SNI context switch\n[1.0.1e-39]\n- fix CVE-2014-3567 - memory leak when handling session tickets\n- fix CVE-2014-3513 - memory leak in srtp support\n- add support for fallback SCSV to partially mitigate CVE-2014-3566\n (padding attack on SSL3)\n[1.0.1e-38]\n- do FIPS algorithm selftest before the integrity check\n[1.0.1e-37]\n- add support for RFC 5649 (#1119738)\n- do not pass the FIPS integrity check if the .hmac files are empty (#1128849)\n- add ECC TLS extensions to DTLS (#1119803)\n- do not send ECC ciphersuites in SSLv2 client hello (#1090955)\n- properly propagate encryption failure in BIO_f_cipher (#1072439)\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n- improve documentation of ciphersuites - patch by Hubert Kario (#1108026)\n- use case insensitive comparison for servername in s_server (#1081163)\n- add support for automatic ECDH curve selection on server (#1080128)\n- FIPS mode: make the limitations on DSA, DH, and RSA keygen\n length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment\n variable is set\n[1.0.1e-36]\n- add support for ppc64le architecture\n- add Power 8 optimalizations\n[1.0.1e-35]\n- fix CVE-2014-3505 - doublefree in DTLS packet processing\n- fix CVE-2014-3506 - avoid memory exhaustion in DTLS\n- fix CVE-2014-3507 - avoid memory leak in DTLS\n- fix CVE-2014-3508 - fix OID handling to avoid information leak\n- fix CVE-2014-3509 - fix race condition when parsing server hello\n- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS\n- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation\n[1.0.1e-34.3]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-34]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-33]\n- use the key length from configuration file if req -newkey rsa is invoked\n[1.0.1e-32]\n- avoid unnecessary reseeding in BN_rand in the FIPS mode\n[1.0.1e-31]\n- print ephemeral key size negotiated in TLS handshake (#1057715)\n- add DH_compute_key_padded needed for FIPS CAVS testing\n- make expiration and key length changeable by DAYS and KEYLEN\n variables in the certificate Makefile (#1058108)\n- change default hash to sha256 (#1062325)\n- lower the actual 3des strength so it is sorted behind aes128 (#1056616)\n[1:1.0.1e-30]\n- Mass rebuild 2014-01-24\n[1.0.1e-29]\n- rebuild with -O3 on ppc64 architecture\n[1.0.1e-28]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1:1.0.1e-27]\n- Mass rebuild 2013-12-27\n[1.0.1e-26]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n- drop weak ciphers from the default TLS ciphersuite list\n- add back some symbols that were dropped with update to 1.0.1 branch\n- more FIPS validation requirement changes\n[1.0.1e-25]\n- fix locking and reseeding problems with FIPS drbg\n[1.0.1e-24]\n- additional changes required for FIPS validation\n- disable verification of certificate, CRL, and OCSP signatures\n using MD5 if OPENSSL_ENABLE_MD5_VERIFY environment variable\n is not set\n[1.0.1e-23]\n- add back support for secp521r1 EC curve\n- add aarch64 to Configure (#969692)\n[1.0.1e-22]\n- do not advertise ECC curves we do not support (#1022493)\n[1.0.1e-21]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n- drop the -fips subpackage, installation of dracut-fips marks that the FIPS\n module is installed\n- avoid dlopening libssl.so from libcrypto\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-20]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n- try to avoid some races when updating the -fips subpackage\n[1.0.1e-19]\n- use version-release in .hmac suffix to avoid overwrite\n during upgrade\n[1.0.1e-18]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-16]\n- add -fips subpackage that contains the FIPS module files\n[1.0.1e-15]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-14]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-13]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-12]\n- use _prefix macro\n[1.0.1e-11]\n- add openssl.cnf.5 manpage symlink to config.5\n[1.0.1e-10]\n- add relro linking flag\n[1.0.1e-9]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-8]\n- disable GOST engine\n[1.0.1e-7]\n- add symbol version for ECC functions\n[1.0.1e-6]\n- update the FIPS selftests to use 256 bit curves\n[1.0.1e-5]\n- enabled NIST Suite B ECC curves and algorithms\n[1.0.1e-4]\n- fix random bad record mac errors (#918981)\n[1.0.1e-3]\n- fix up the SHLIB_VERSION_NUMBER\n[1.0.1e-2]\n- disable ZLIB loading by default (due to CRIME attack)\n[1.0.1e-1]\n- new upstream version\n[1.0.1c-12]\n- more fixes from upstream\n- fix errors in manual causing build failure (#904777)\n[1.0.1c-11]\n- add script for renewal of a self-signed cert by Philip Prindeville (#871566)\n- allow X509_issuer_and_serial_hash() produce correct result in\n the FIPS mode (#881336)\n[1.0.1c-10]\n- do not load default verify paths if CApath or CAfile specified (#884305)\n[1.0.1c-9]\n- more fixes from upstream CVS\n- fix DSA key pairwise check (#878597)\n[1.0.1c-8]\n- use 1024 bit DH parameters in s_server as 512 bit is not allowed\n in FIPS mode and it is quite weak anyway\n[1.0.1c-7]\n- add missing initialization of str in aes_ccm_init_key (#853963)\n- add important patches from upstream CVS\n- use the secure_getenv() with new glibc\n[1:1.0.1c-6]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild\n[1.0.1c-5]\n- use __getenv_secure() instead of __libc_enable_secure\n[1.0.1c-4]\n- do not move libcrypto to /lib\n- do not use environment variables if __libc_enable_secure is on\n- fix strict aliasing problems in modes\n[1.0.1c-3]\n- fix DSA key generation in FIPS mode (#833866)\n- allow duplicate FIPS_mode_set(1)\n- enable build on ppc64 subarch (#834652)\n[1.0.1c-2]\n- fix s_server with new glibc when no global IPv6 address (#839031)\n- make it build with new Perl\n[1.0.1c-1]\n- new upstream version\n[1.0.1b-1]\n- new upstream version\n[1.0.1a-1]\n- new upstream version fixing CVE-2012-2110\n[1.0.1-3]\n- add Kerberos 5 libraries to pkgconfig for static linking (#807050)\n[1.0.1-2]\n- backports from upstream CVS\n- fix segfault when /dev/urandom is not available (#809586)\n[1.0.1-1]\n- new upstream release\n[1.0.1-0.3.beta3]\n- add obsoletes to assist multilib updates (#799636)\n[1.0.1-0.2.beta3]\n- epoch bumped to 1 due to revert to 1.0.0g on Fedora 17\n- new upstream release from the 1.0.1 branch\n- fix s390x build (#798411)\n- versioning for the SSLeay symbol (#794950)\n- add -DPURIFY to build flags (#797323)\n- filter engine provides\n- split the libraries to a separate -libs package\n- add make to requires on the base package (#783446)\n[1.0.1-0.1.beta2]\n- new upstream release from the 1.0.1 branch, ABI compatible\n- add documentation for the -no_ign_eof option\n[1.0.0g-1]\n- new upstream release fixing CVE-2012-0050 - DoS regression in\n DTLS support introduced by the previous release (#782795)\n[1.0.0f-1]\n- new upstream release fixing multiple CVEs\n[1.0.0e-4]\n- move the libraries needed for static linking to Libs.private\n[1.0.0e-3]\n- do not use AVX instructions when osxsave bit not set\n- add direct known answer tests for SHA2 algorithms\n[1.0.0e-2]\n- fix missing initialization of variable in CHIL engine\n[1.0.0e-1]\n- new upstream release fixing CVE-2011-3207 (#736088)\n[1.0.0d-8]\n- drop the separate engine for Intel acceleration improvements\n and merge in the AES-NI, SHA1, and RC4 optimizations\n- add support for OPENSSL_DISABLE_AES_NI environment variable\n that disables the AES-NI support\n[1.0.0d-7]\n- correct openssl cms help output (#636266)\n- more tolerant starttls detection in XMPP protocol (#608239)\n[1.0.0d-6]\n- add support for newest Intel acceleration improvements backported\n from upstream by Intel in form of a separate engine\n[1.0.0d-5]\n- allow the AES-NI engine in the FIPS mode\n[1.0.0d-4]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0d-3]\n- add support for VIA Padlock on 64bit arch from upstream (#617539)\n- do not return bogus values from load_certs (#652286)\n[1.0.0d-2]\n- clarify apps help texts for available digest algorithms (#693858)\n[1.0.0d-1]\n- new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability)\n[1.0.0c-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild\n[1.0.0c-3]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0c-2]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers\n[1.0.0c-1]\n- new upstream version fixing CVE-2010-4180\n[1.0.0b-3]\n- replace the revert for the s390x bignum asm routines with\n fix from upstream\n[1.0.0b-2]\n- revert upstream change in s390x bignum asm routines\n[1.0.0b-1]\n- new upstream version fixing CVE-2010-3864 (#649304)\n[1.0.0a-3]\n- make SHLIB_VERSION reflect the library suffix\n[1.0.0a-2]\n- openssl man page fix (#609484)\n[1.0.0a-1]\n- new upstream patch release, fixes CVE-2010-0742 (#598738)\n and CVE-2010-1633 (#598732)\n[1.0.0-5]\n- pkgconfig files now contain the correct libdir (#593723)\n[1.0.0-4]\n- make CA dir readable - the private keys are in private subdir (#584810)\n[1.0.0-3]\n- a few fixes from upstream CVS\n- move libcrypto to /lib (#559953)\n[1.0.0-2]\n- set UTC timezone on pod2man run (#578842)\n- make X509_NAME_hash_old work in FIPS mode\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/ssl for FHS compliance\n - handle RPM_OPT_FLAGS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-13T00:00:00", "type": "oraclelinux", "title": "openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975", "CVE-2005-0109", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-4180", "CVE-2010-5298", "CVE-2011-0014", "CVE-2011-3207", "CVE-2012-0050", "CVE-2012-2110", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2014-3505", "CVE-2014-3506", "CVE-2014-3507", "CVE-2014-3508", "CVE-2014-3509", "CVE-2014-3510", "CVE-2014-3511", "CVE-2014-3513", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8176", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-3197", "CVE-2015-3216", "CVE-2015-4000", "CVE-2015-7575", "CVE-2016-0702", "CVE-2016-0705", "CVE-2016-0797", "CVE-2016-0799", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2109", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6304", "CVE-2016-6306", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738", "CVE-2018-0495", "CVE-2018-0732", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-5407"], "modified": "2019-03-13T00:00:00", "id": "ELSA-2019-4581", "href": "http://linux.oracle.com/errata/ELSA-2019-4581.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-30T06:24:45", "description": "[1.0.1e-58.0.1]\n- Oracle bug 28730228: backport CVE-2018-0732\n- Oracle bug 28758493: backport CVE-2018-0737\n- Merge upstream patch to fix CVE-2018-0739\n- Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz\n- sha256 is used for the RSA pairwise consistency test instead of sha1\n[1.0.1e-58]\n- fix CVE-2019-1559 - 0-byte record padding oracle\n[1.0.1e-57]\n- fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher\n[1.0.1e-55]\n- fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts\n[1.0.1e-54]\n- fix handling of ciphersuites present after the FALLBACK_SCSV\n ciphersuite entry (#1386350)\n[1.0.1e-53]\n- add README.legacy-settings\n[1.0.1e-52]\n- deprecate and disable verification of insecure hash algorithms\n- disallow DH keys with less than 1024 bits in TLS client\n- remove support for weak and export ciphersuites\n- use correct digest when exporting keying material in TLS1.2 (#1376741)\n[1.0.1e-50]\n- fix CVE-2016-2177 - possible integer overflow\n- fix CVE-2016-2178 - non-constant time DSA operations\n- fix CVE-2016-2179 - further DoS issues in DTLS\n- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()\n- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue\n- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()\n- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check\n- fix CVE-2016-6304 - unbound memory growth with OCSP status request\n- fix CVE-2016-6306 - certificate message OOB reads\n- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to\n 112 bit effective strength\n- replace expired testing certificates\n[1.0.1e-49]\n- fix CVE-2016-2105 - possible overflow in base64 encoding\n- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()\n- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC\n- fix CVE-2016-2108 - memory corruption in ASN.1 encoder\n- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO\n- fix CVE-2016-0799 - memory issues in BIO_printf\n[1.0.1e-48]\n- fix CVE-2016-0702 - side channel attack on modular exponentiation\n- fix CVE-2016-0705 - double-free in DSA private key parsing\n- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn\n[1.0.1e-47]\n- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement\n- disable SSLv2 in the generic TLS method\n[1.0.1e-46]\n- fix 1-byte memory leak in pkcs12 parse (#1229871)\n- document some options of the speed command (#1197095)\n[1.0.1e-45]\n- fix high-precision timestamps in timestamping authority\n[1.0.1e-44]\n- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2\n[1.0.1e-43]\n- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter\n- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak\n- fix CVE-2015-3196 - race condition when handling PSK identity hint\n[1.0.1e-42]\n- fix regression caused by mistake in fix for CVE-2015-1791\n[1.0.1e-41]\n- improved fix for CVE-2015-1791\n- add missing parts of CVE-2015-0209 fix for corectness although unexploitable\n[1.0.1e-40]\n- fix CVE-2014-8176 - invalid free in DTLS buffering code\n- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent\n- fix CVE-2015-1791 - race condition handling NewSessionTicket\n- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function\n[1.0.1e-39]\n- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on\n read in multithreaded applications\n[1.0.1e-38]\n- fix CVE-2015-4000 - prevent the logjam attack on client - restrict\n the DH key size to at least 768 bits (limit will be increased in future)\n[1.0.1e-37]\n- drop the AES-GCM restriction of 2^32 operations because the IV is\n always 96 bits (32 bit fixed field + 64 bit invocation field)\n[1.0.1e-36]\n- update fix for CVE-2015-0287 to what was released upstream\n[1.0.1e-35]\n- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()\n- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison\n- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference\n- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n- fix CVE-2015-0292 - integer underflow in base64 decoder\n- fix CVE-2015-0293 - triggerable assert in SSLv2 server\n[1.0.1e-34]\n- copy digest algorithm when handling SNI context switch\n- improve documentation of ciphersuites - patch by Hubert Kario\n- add support for setting Kerberos service and keytab in\n s_server and s_client\n[1.0.1e-33]\n- fix CVE-2014-3570 - incorrect computation in BN_sqr()\n- fix CVE-2014-3571 - possible crash in dtls1_get_record()\n- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state\n- fix CVE-2014-8275 - various certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate\n- fix CVE-2015-0206 - possible memory leak when buffering DTLS records\n[1.0.1e-32]\n- use FIPS approved method for computation of d in RSA\n[1.0.1e-31]\n- fix CVE-2014-3567 - memory leak when handling session tickets\n- fix CVE-2014-3513 - memory leak in srtp support\n- add support for fallback SCSV to partially mitigate CVE-2014-3566\n (padding attack on SSL3)\n[1.0.1e-30]\n- add ECC TLS extensions to DTLS (#1119800)\n[1.0.1e-29]\n- fix CVE-2014-3505 - doublefree in DTLS packet processing\n- fix CVE-2014-3506 - avoid memory exhaustion in DTLS\n- fix CVE-2014-3507 - avoid memory leak in DTLS\n- fix CVE-2014-3508 - fix OID handling to avoid information leak\n- fix CVE-2014-3509 - fix race condition when parsing server hello\n- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS\n- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation\n[1.0.1e-28]\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n[1.0.1e-26]\n- drop EXPORT, RC2, and DES from the default cipher list (#1057520)\n- print ephemeral key size negotiated in TLS handshake (#1057715)\n- do not include ECC ciphersuites in SSLv2 client hello (#1090952)\n- properly detect encryption failure in BIO (#1100819)\n- fail on hmac integrity check if the .hmac file is empty (#1105567)\n- FIPS mode: make the limitations on DSA, DH, and RSA keygen\n length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment\n variable is set\n[1.0.1e-25]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-24]\n- add back support for secp521r1 EC curve\n[1.0.1e-23]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-22]\n- use 2048 bit RSA key in FIPS selftests\n[1.0.1e-21]\n- add DH_compute_key_padded needed for FIPS CAVS testing\n- make 3des strength to be 128 bits instead of 168 (#1056616)\n- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits\n- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)\n- FIPS mode: add DH selftest\n- FIPS mode: reseed DRBG properly on RAND_add()\n- FIPS mode: add RSA encrypt/decrypt selftest\n- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key\n- use the key length from configuration file if req -newkey rsa is invoked\n[1.0.1e-20]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-19]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-18]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-17]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document\n[1.0.0-8]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0-7]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers (#619762)\n[1.0.0-6]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-5]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)\n[1.0.0-4]\n- openssl man page fix (#609484)\n[1.0.0-3]\n- fix wrong ASN.1 definition of OriginatorInfo - CVE-2010-0742 (#598738)\n- fix information leak in rsa_verify_recover - CVE-2010-1633 (#598732)\n[1.0.0-2]\n- make CA dir readable - the private keys are in private subdir (#584810)\n- a few fixes from upstream CVS\n- make X509_NAME_hash_old work in FIPS mode (#568395)\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/
Fedora Update for openssl FEDORA-2010-17847
