Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:13614125623114202405581HistoryFeb 21, 2024 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2024:0558-1)
2024-02-2100:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
8
suse
libssh2_org
kex pseudo-methods
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
6.6 Medium
AI Score
Confidence
High
0.963 High
EPSS
Percentile
99.5%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2024.0558.1");
script_cve_id("CVE-2023-48795");
script_tag(name:"creation_date", value:"2024-02-21 04:23:53 +0000 (Wed, 21 Feb 2024)");
script_version("2024-02-21T05:06:26+0000");
script_tag(name:"last_modification", value:"2024-02-21 05:06:26 +0000 (Wed, 21 Feb 2024)");
script_tag(name:"cvss_base", value:"5.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:N/I:C/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-12-28 18:26:44 +0000 (Thu, 28 Dec 2023)");
script_name("SUSE: Security Advisory (SUSE-SU-2024:0558-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES15\.0SP2|SLES15\.0SP3|SLES15\.0SP4)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2024:0558-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2024/suse-su-20240558-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'libssh2_org' package(s) announced via the SUSE-SU-2024:0558-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for libssh2_org fixes the following issues:
Always add the KEX pseudo-methods 'ext-info-c' and '[email protected]'
when configuring custom method list. [bsc#1218971, CVE-2023-48795]
The strict-kex extension is announced in the list of available
KEX methods. However, when the default KEX method list is modified
or replaced, the extension is not added back automatically.");
script_tag(name:"affected", value:"'libssh2_org' package(s) on SUSE Enterprise Storage 7.1, SUSE Linux Enterprise Desktop 15-SP4, SUSE Linux Enterprise High Performance Computing 15-SP2, SUSE Linux Enterprise High Performance Computing 15-SP3, SUSE Linux Enterprise High Performance Computing 15-SP4, SUSE Linux Enterprise Micro 5.1, SUSE Linux Enterprise Micro 5.2, SUSE Linux Enterprise Micro 5.3, SUSE Linux Enterprise Micro 5.4, SUSE Linux Enterprise Micro 5.5, SUSE Linux Enterprise Micro for Rancher 5.2, SUSE Linux Enterprise Micro for Rancher 5.3, SUSE Linux Enterprise Micro for Rancher 5.4, SUSE Linux Enterprise Server 15-SP2, SUSE Linux Enterprise Server 15-SP3, SUSE Linux Enterprise Server 15-SP4, SUSE Linux Enterprise Server for SAP Applications 15-SP2, SUSE Linux Enterprise Server for SAP Applications 15-SP3, SUSE Linux Enterprise Server for SAP Applications 15-SP4, SUSE Manager Proxy 4.3, SUSE Manager Retail Branch Server 4.3, SUSE Manager Server 4.3.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES15.0SP2") {
if(!isnull(res = isrpmvuln(pkg:"libssh2-1", rpm:"libssh2-1~1.11.0~150000.4.25.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-1-32bit", rpm:"libssh2-1-32bit~1.11.0~150000.4.25.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-1-32bit-debuginfo", rpm:"libssh2-1-32bit-debuginfo~1.11.0~150000.4.25.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-1-debuginfo", rpm:"libssh2-1-debuginfo~1.11.0~150000.4.25.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-devel", rpm:"libssh2-devel~1.11.0~150000.4.25.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2_org-debugsource", rpm:"libssh2_org-debugsource~1.11.0~150000.4.25.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES15.0SP3") {
if(!isnull(res = isrpmvuln(pkg:"libssh2-1", rpm:"libssh2-1~1.11.0~150000.4.25.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-1-debuginfo", rpm:"libssh2-1-debuginfo~1.11.0~150000.4.25.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-devel", rpm:"libssh2-devel~1.11.0~150000.4.25.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2_org-debugsource", rpm:"libssh2_org-debugsource~1.11.0~150000.4.25.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES15.0SP4") {
if(!isnull(res = isrpmvuln(pkg:"libssh2-1", rpm:"libssh2-1~1.11.0~150000.4.25.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-1-debuginfo", rpm:"libssh2-1-debuginfo~1.11.0~150000.4.25.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2-devel", rpm:"libssh2-devel~1.11.0~150000.4.25.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libssh2_org-debugsource", rpm:"libssh2_org-debugsource~1.11.0~150000.4.25.1", rls:"SLES15.0SP4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
atlassian
atlassian
CVE-2023-48795 vulnerability on SSH
2024-01-04 17:19:13
oraclelinux
oraclelinux
buildah security update
2024-03-07 00:00:00
openssh security update
2024-03-18 00:00:00
openssh security update
2024-03-19 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: putty-0.80-1.fc39
2024-01-11 01:17:14
[SECURITY] Fedora 38 Update: podman-tui-0.15.0-1.fc38
2023-12-29 01:05:34
[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.7.0-1.fc39
2024-01-29 06:26:11
ubuntu
ubuntu
libssh2 vulnerability
2024-01-15 00:00:00
LXD vulnerability
2024-04-22 00:00:00
FileZilla vulnerability
2024-01-18 00:00:00
mageia
mageia
Updated erlang packages fix a security vulnerability (Terrapin Attack)
2024-01-20 01:43:32
Updated putty package fixes a security vulnerability (Terrapin attack)
2024-01-08 13:12:44
Updated dropbear package fixes a security vulnerability
2024-01-08 22:01:05
cbl_mariner
cbl_mariner
CVE-2023-48795 affecting package moby-cli for versions less than 20.10.27-2
2024-01-19 03:54:24
CVE-2023-48795 affecting package kubernetes for versions less than 1.30.1-1
2024-06-21 09:32:44
debian
debian
[SECURITY] [DSA 5600-1] php-phpseclib security update
2024-01-12 07:13:37
[SECURITY] [DLA 3718-1] php-phpseclib security update
2024-01-25 02:26:07
[SECURITY] [DSA 5599-1] phpseclib security update
2024-01-12 07:13:27
openvas
openvas
Fedora: Security Advisory for podman (FEDORA-2024-06ebb70bdd)
2024-01-20 00:00:00
Fedora: Security Advisory for golang-x-crypto (FEDORA-2024-7b08207cdb)
2024-01-18 00:00:00
Fedora: Security Advisory for golang-x-crypto (FEDORA-2024-2705241461)
2024-01-18 00:00:00
cloudfoundry
cloudfoundry
USN-6561-1: libssh vulnerability | Cloud Foundry
2024-04-04 00:00:00
freebsd
freebsd
jenkins -- Terrapin SSH vulnerability in Jenkins CLI client
2024-04-17 00:00:00
putty -- add protocol extension against 'Terrapin attack'
2023-10-16 00:00:00
osv
osv
php-phpseclib3 - security update
2024-01-12 00:00:00
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
2023-12-18 19:22:09
phpseclib - security update
2024-01-12 00:00:00
ibm
ibm
alpinelinux
alpinelinux
CVE-2023-48795
2023-12-18 16:15:10
redhat
redhat
(RHSA-2024:0625) Moderate: libssh security update
2024-01-31 08:08:23
(RHSA-2024:1196) Moderate: Red Hat JBoss Enterprise Application Platform 7.4 security update
2024-03-06 17:50:02
(RHSA-2024:1150) Moderate: buildah security update
2024-03-05 15:32:31
nessus
nessus
EulerOS Virtualization 2.11.1 : python-paramiko (EulerOS-SA-2024-1616)
2024-05-15 00:00:00
Fedora 38 : python-paramiko (2024-39a8c72ea9)
2024-01-10 00:00:00
Debian dla-3730 : python-asyncssh-doc - security update
2024-02-01 00:00:00
redos
redos
ROS-20240408-15
2024-04-08 00:00:00
ROS-20240409-04
2024-04-09 00:00:00
amazon
amazon
Medium: openssh
2023-12-18 09:20:00
almalinux
almalinux
Moderate: libssh security update
2024-01-31 00:00:00
github
github
ubuntucve
ubuntucve
CVE-2023-48795
2023-12-18 00:00:00
prion
prion
Design/Logic Flaw
2023-12-18 16:15:00
cvelist
cvelist
CVE-2023-48795
2023-12-18 00:00:00
veracode
veracode
Rogue Session Attack (Terrapin)
2023-12-19 06:46:15
Prefix Truncation Attack (Terrapin Attack)
2023-12-19 09:12:16
paloalto
paloalto
Impact of Terrapin SSH Attack
2024-01-09 01:30:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2382
2024-03-26 11:47:18
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:19.openssh
2023-12-19 00:00:00
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
6.6 Medium
AI Score
Confidence
High
0.963 High
EPSS
Percentile
99.5%
Related for OPENVAS:13614125623114202405581