Lucene search

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1074)

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1074) The 'shim' package in Huawei EulerOS V2.0SP10 is affected by CVE-2023-5678, allowing remote attackers to cause a denial of service

Reporter	Title	Published	Views	Family All 199
Tenable Nessus	EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2024-1695)	17 May 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1098)	16 Jan 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2023:4520-1)	22 Nov 202300:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2023:4593-1)	29 Nov 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.0 : openssl (EulerOS-SA-2024-1476)	21 Mar 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : shim-signed (EulerOS-SA-2024-1165)	8 Feb 202400:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.0 : shim (EulerOS-SA-2024-1392)	14 Mar 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2023:4919-1)	21 Dec 202300:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2023:4524-1)	22 Nov 202300:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : OpenSSL vulnerability (K000138242)	17 Jan 202400:00	–	nessus

Source	Link
developer	www.developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html

# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.2.2024.1074");
  script_cve_id("CVE-2023-5678");
  script_tag(name:"creation_date", value:"2024-01-09 04:20:32 +0000 (Tue, 09 Jan 2024)");
  script_version("2024-02-05T14:36:57+0000");
  script_tag(name:"last_modification", value:"2024-02-05 14:36:57 +0000 (Mon, 05 Feb 2024)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2023-11-21 16:54:10 +0000 (Tue, 21 Nov 2023)");

  script_name("Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1074)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2024 Greenbone AG");
  script_family("Huawei EulerOS Local Security Checks");
  script_dependencies("gb_huawei_euleros_consolidation.nasl");
  script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP10");

  script_xref(name:"Advisory-ID", value:"EulerOS-SA-2024-1074");
  script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2024-1074");

  script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'shim' package(s) announced via the EulerOS-SA-2024-1074 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the '-pubcheck' option, as well as the OpenSSL genpkey command line application. (CVE-2023-5678)");

  script_tag(name:"affected", value:"'shim' package(s) on Huawei EulerOS V2.0SP10.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "EULEROS-2.0SP10") {

  if(!isnull(res = isrpmvuln(pkg:"shim", rpm:"shim~15~20.h15.eulerosv2r10", rls:"EULEROS-2.0SP10"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"shim-aa64-storage", rpm:"shim-aa64-storage~15~20.h15.eulerosv2r10", rls:"EULEROS-2.0SP10"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jan 2024 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS35.3

EPSS0.00263