DATABASE RESOURCES PRICING ABOUT US

{"id": "ELSA-2015-3022", "type": "oraclelinux", "bulletinFamily": "unix", "title": "openssl-fips security update", "description": "[1.0.1m-2.0.1]\n- update to upstream 1.0.1m\n- update to fips canister 2.0.9\n- regenerated below patches\n openssl-1.0.1-beta2-rpmbuild.patch\n openssl-1.0.1m-rhcompat.patch\n openssl-1.0.1m-ecc-suiteb.patch\n openssl-1.0.1m-fips-mode.patch\n openssl-1.0.1m-version.patch\n openssl-1.0.1m-evp-devel.patch\n[1.0.1j-2.0.4]\n- [Orabug 20182267] The openssl-fips-devel package should Provide:\n openssl-devel and openssl-devel(x86-64) like the standard -devel\n package\n- The openssl-fips-devel package should include fips.h and fips_rand.h\n for apps that want to build against FIPS* APIs\n[1.0.1j-2.0.3]\n- [Orabug 20086847] reintroduce patch openssl-1.0.1e-ecc-suiteb.patch,\n update ec_curve.c which gets copied into build tree to match the patch\n (ie only have curves which are advertised). The change items from the\n orignal patch are as follows:\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1j-2.0.2]\n- update README.FIPS with step-by-step install instructions\n[1.0.1j-2.0.1]\n- update to upstream 1.0.1j\n- change name to openssl-fips\n- change Obsoletes: openssl to Conflicts: openssl\n- add Provides: openssl\n[1.0.1i-2.0.3.fips]\n- update to fips canister 2.0.8 to remove Dual EC DRBG\n- run gcc -v so the gcc build version is captured in the build log\n[1.0.1i-2.0.2.fips]\n- flip EVP_CIPH_* flag bits for compatibility with original RH patched pkg\n[1.0.1i-2.0.1.fips]\n- build against upstream 1.0.1i\n- build against fips validated canister 2.0.7\n- add patch to support fips=1\n- rename pkg to openssl-fips and Obsolete openssl\n[1.0.1e-16.14]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-16.7]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-16.4]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-16.3]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-16.2]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-16.1]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document\n[1.0.0-8]\n- add -x931 parameter to openssl genrsa command to use the ANSI X9.31\n key generation method\n- use FIPS-186-3 method for DSA parameter generation\n- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable\n to allow using MD5 when the system is in the maintenance state\n even if the /proc fips flag is on\n- make openssl pkcs12 command work by default in the FIPS mode\n[1.0.0-7]\n- listen on ipv6 wildcard in s_server so we accept connections\n from both ipv4 and ipv6 (#601612)\n- fix openssl speed command so it can be used in the FIPS mode\n with FIPS allowed ciphers (#619762)\n[1.0.0-6]\n- disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864\n (#649304)\n[1.0.0-5]\n- fix race in extension parsing code - CVE-2010-3864 (#649304)\n[1.0.0-4]\n- openssl man page fix (#609484)\n[1.0.0-3]\n- fix wrong ASN.1 definition of OriginatorInfo - CVE-2010-0742 (#598738)\n- fix information leak in rsa_verify_recover - CVE-2010-1633 (#598732)\n[1.0.0-2]\n- make CA dir readable - the private keys are in private subdir (#584810)\n- a few fixes from upstream CVS\n- make X509_NAME_hash_old work in FIPS mode (#568395)\n[1.0.0-1]\n- update to final 1.0.0 upstream release\n[1.0.0-0.22.beta5]\n- make TLS work in the FIPS mode\n[1.0.0-0.21.beta5]\n- gracefully handle zero length in assembler implementations of\n OPENSSL_cleanse (#564029)\n- do not fail in s_server if client hostname not resolvable (#561260)\n[1.0.0-0.20.beta5]\n- new upstream release\n[1.0.0-0.19.beta4]\n- fix CVE-2009-4355 - leak in applications incorrectly calling\n CRYPTO_free_all_ex_data() before application exit (#546707)\n- upstream fix for future TLS protocol version handling\n[1.0.0-0.18.beta4]\n- add support for Intel AES-NI\n[1.0.0-0.17.beta4]\n- upstream fix compression handling on session resumption\n- various null checks and other small fixes from upstream\n- upstream changes for the renegotiation info according to the latest draft\n[1.0.0-0.16.beta4]\n- fix non-fips mingw build (patch by Kalev Lember)\n- add IPV6 fix for DTLS\n[1.0.0-0.15.beta4]\n- add better error reporting for the unsafe renegotiation\n[1.0.0-0.14.beta4]\n- fix build on s390x\n[1.0.0-0.13.beta4]\n- disable enforcement of the renegotiation extension on the client (#537962)\n- add fixes from the current upstream snapshot\n[1.0.0-0.12.beta4]\n- keep the beta status in version number at 3 so we do not have to rebuild\n openssh and possibly other dependencies with too strict version check\n[1.0.0-0.11.beta4]\n- update to new upstream version, no soname bump needed\n- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used\n so the compatibility with unfixed clients is not broken. The\n protocol extension is also not final.\n[1.0.0-0.10.beta3]\n- fix use of freed memory if SSL_CTX_free() is called before\n SSL_free() (#521342)\n[1.0.0-0.9.beta3]\n- fix typo in DTLS1 code (#527015)\n- fix leak in error handling of d2i_SSL_SESSION()\n[1.0.0-0.8.beta3]\n- fix RSA and DSA FIPS selftests\n- reenable fixed x86_64 camellia assembler code (#521127)\n[1.0.0-0.7.beta3]\n- temporarily disable x86_64 camellia assembler code (#521127)\n[1.0.0-0.6.beta3]\n- fix openssl dgst -dss1 (#520152)\n[1.0.0-0.5.beta3]\n- drop the compat symlink hacks\n[1.0.0-0.4.beta3]\n- constify SSL_CIPHER_description()\n[1.0.0-0.3.beta3]\n- fix WWW:Curl:Easy reference in tsget\n[1.0.0-0.2.beta3]\n- enable MD-2\n[1.0.0-0.1.beta3]\n- update to new major upstream release\n[0.9.8k-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Wed Jul 22 2009 Bill Nottingham \n- do not build special 'optimized' versions for i686, as that's the base\n arch in Fedora now\n[0.9.8k-6]\n- abort if selftests failed and random number generator is polled\n- mention EVP_aes and EVP_sha2xx routines in the manpages\n- add README.FIPS\n- make CA dir absolute path (#445344)\n- change default length for RSA key generation to 2048 (#484101)\n[0.9.8k-5]\n- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n (DTLS DoS problems) (#501253, #501254, #501572)\n[0.9.8k-4]\n- support compatibility DTLS mode for CISCO AnyConnect (#464629)\n[0.9.8k-3]\n- correct the SHLIB_VERSION define\n[0.9.8k-2]\n- add support for multiple CRLs with same subject\n- load only dynamic engine support in FIPS mode\n[0.9.8k-1]\n- update to new upstream release (minor bug fixes, security\n fixes and machine code optimizations only)\n[0.9.8j-10]\n- move libraries to /usr/lib (#239375)\n[0.9.8j-9]\n- add a static subpackage\n[0.9.8j-8]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\n[0.9.8j-7]\n- must also verify checksum of libssl.so in the FIPS mode\n- obtain the seed for FIPS rng directly from the kernel device\n- drop the temporary symlinks\n[0.9.8j-6]\n- drop the temporary triggerpostun and symlinking in post\n- fix the pkgconfig files and drop the unnecessary buildrequires\n on pkgconfig as it is a rpmbuild dependency (#481419)\n[0.9.8j-5]\n- add temporary triggerpostun to reinstate the symlinks\n[0.9.8j-4]\n- no pairwise key tests in non-fips mode (#479817)\n[0.9.8j-3]\n- even more robust test for the temporary symlinks\n[0.9.8j-2]\n- try to ensure the temporary symlinks exist\n[0.9.8j-1]\n- new upstream version with necessary soname bump (#455753)\n- temporarily provide symlink to old soname to make it possible to rebuild\n the dependent packages in rawhide\n- add eap-fast support (#428181)\n- add possibility to disable zlib by setting\n- add fips mode support for testing purposes\n- do not null dereference on some invalid smime files\n- add buildrequires pkgconfig (#479493)\n[0.9.8g-11]\n- do not add tls extensions to server hello for SSLv3 either\n[0.9.8g-10]\n- move root CA bundle to ca-certificates package\n[0.9.8g-9]\n- fix CVE-2008-0891 - server name extension crash (#448492)\n- fix CVE-2008-1672 - server key exchange message omit crash (#448495)\n[0.9.8g-8]\n- super-H arch support\n- drop workaround for bug 199604 as it should be fixed in gcc-4.3\n[0.9.8g-7]\n- sparc handling\n[0.9.8g-6]\n- update to new root CA bundle from mozilla.org (r1.45)\n[0.9.8g-5]\n- Autorebuild for GCC 4.3\n[0.9.8g-4]\n- merge review fixes (#226220)\n- adjust the SHLIB_VERSION_NUMBER to reflect library name (#429846)\n[0.9.8g-3]\n- set default paths when no explicit paths are set (#418771)\n- do not add tls extensions to client hello for SSLv3 (#422081)\n[0.9.8g-2]\n- enable some new crypto algorithms and features\n- add some more important bug fixes from openssl CVS\n[0.9.8g-1]\n- update to latest upstream release, SONAME bumped to 7\n[0.9.8b-17]\n- update to new CA bundle from mozilla.org\n[0.9.8b-16]\n- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309801)\n- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321191)\n- add alpha sub-archs (#296031)\n[0.9.8b-15]\n- rebuild\n[0.9.8b-14]\n- use localhost in testsuite, hopefully fixes slow build in koji\n- CVE-2007-3108 - fix side channel attack on private keys (#250577)\n- make ssl session cache id matching strict (#233599)\n[0.9.8b-13]\n- allow building on ARM architectures (#245417)\n- use reference timestamps to prevent multilib conflicts (#218064)\n- -devel package must require pkgconfig (#241031)\n[0.9.8b-12]\n- detect duplicates in add_dir properly (#206346)\n[0.9.8b-11]\n- the previous change still didn't make X509_NAME_cmp transitive\n[0.9.8b-10]\n- make X509_NAME_cmp transitive otherwise certificate lookup\n is broken (#216050)\n[0.9.8b-9]\n- aliasing bug in engine loading, patch by IBM (#213216)\n[0.9.8b-8]\n- CVE-2006-2940 fix was incorrect (#208744)\n[0.9.8b-7]\n- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n- fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n- fix CVE-2006-4343 - sslv2 client DoS (#206940)\n[0.9.8b-6]\n- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n[0.9.8b-5]\n- set buffering to none on stdio/stdout FILE when bufsize is set (#200580)\n patch by IBM\n[0.9.8b-4.1]\n- rebuild with new binutils (#200330)\n[0.9.8b-4]\n- add a temporary workaround for sha512 test failure on s390 (#199604)\n* Thu Jul 20 2006 Tomas Mraz \n- add ipv6 support to s_client and s_server (by Jan Pazdziora) (#198737)\n- add patches for BN threadsafety, AES cache collision attack hazard fix and\n pkcs7 code memleak fix from upstream CVS\n[0.9.8b-3.1]\n- rebuild\n[0.9.8b-3]\n- dropped libica and ica engine from build\n* Wed Jun 21 2006 Joe Orton \n- update to new CA bundle from mozilla.org; adds CA certificates\n from netlock.hu and startcom.org\n[0.9.8b-2]\n- fixed a few rpmlint warnings\n- better fix for #173399 from upstream\n- upstream fix for pkcs12\n[0.9.8b-1]\n- upgrade to new version, stays ABI compatible\n- there is no more linux/config.h (it was empty anyway)\n[0.9.8a-6]\n- fix stale open handles in libica (#177155)\n- fix build if 'rand' or 'passwd' in buildroot path (#178782)\n- initialize VIA Padlock engine (#186857)\n[0.9.8a-5.2]\n- bump again for double-long bug on ppc(64)\n[0.9.8a-5.1]\n- rebuilt for new gcc4.1 snapshot and glibc changes\n[0.9.8a-5]\n- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\n in SSL_OP_ALL (#175779)\n* Fri Dec 09 2005 Jesse Keating \n- rebuilt\n[0.9.8a-4]\n- fix build (-lcrypto was erroneusly dropped) of the updated libica\n- updated ICA engine to 1.3.6-rc3\n[0.9.8a-3]\n- disable builtin compression methods for now until they work\n properly (#173399)\n[0.9.8a-2]\n- don't set -rpath for openssl binary\n[0.9.8a-1]\n- new upstream version\n- patches partially renumbered\n[0.9.7f-11]\n- updated IBM ICA engine library and patch to latest upstream version\n[0.9.7f-10]\n- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which\n disables the countermeasure against man in the middle attack in SSLv2\n (#169863)\n- use sha1 as default for CA and cert requests - CAN-2005-2946 (#169803)\n[0.9.7f-9]\n- add *.so.soversion as symlinks in /lib (#165264)\n- remove unpackaged symlinks (#159595)\n- fixes from upstream (constant time fixes for DSA,\n bn assembler div on ppc arch, initialize memory on realloc)\n[0.9.7f-8]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7f-7]\n- fix CAN-2005-0109 - use constant time/memory access mod_exp\n so bits of private key aren't leaked by cache eviction (#157631)\n- a few more fixes from upstream 0.9.7g\n[0.9.7f-6]\n- use poll instead of select in rand (#128285)\n- fix Makefile.certificate to point to /etc/pki/tls\n- change the default string mask in ASN1 to PrintableString+UTF8String\n[0.9.7f-5]\n- update to revision 1.37 of Mozilla CA bundle\n[0.9.7f-4]\n- move certificates to _sysconfdir/pki/tls (#143392)\n- move CA directories to _sysconfdir/pki/CA\n- patch the CA script and the default config so it points to the\n CA directories\n[0.9.7f-3]\n- uninitialized variable mustn't be used as input in inline\n assembly\n- reenable the x86_64 assembly again\n[0.9.7f-2]\n- add back RC4_CHAR on ia64 and x86_64 so the ABI isn't broken\n- disable broken bignum assembly on x86_64\n[0.9.7f-1]\n- reenable optimizations on ppc64 and assembly code on ia64\n- upgrade to new upstream version (no soname bump needed)\n- disable thread test - it was testing the backport of the\n RSA blinding - no longer needed\n- added support for changing serial number to\n Makefile.certificate (#151188)\n- make ca-bundle.crt a config file (#118903)\n[0.9.7e-3]\n- libcrypto shouldn't depend on libkrb5 (#135961)\n[0.9.7e-2]\n- rebuild\n[0.9.7e-1]\n- new upstream source, updated patches\n- added patch so we are hopefully ABI compatible with upcoming\n 0.9.7f\n* Thu Feb 10 2005 Tomas Mraz \n- Support UTF-8 charset in the Makefile.certificate (#134944)\n- Added cmp to BuildPrereq\n[0.9.7a-46]\n- generate new ca-bundle.crt from Mozilla certdata.txt (revision 1.32)\n[0.9.7a-45]\n- Fixed and updated libica-1.3.4-urandom.patch patch (#122967)\n[0.9.7a-44]\n- rebuild\n[0.9.7a-43]\n- rebuild\n[0.9.7a-42]\n- rebuild\n[0.9.7a-41]\n- remove der_chop, as upstream cvs has done (CAN-2004-0975, #140040)\n[0.9.7a-40]\n- Include latest libica version with important bugfixes\n* Tue Jun 15 2004 Elliot Lee \n- rebuilt\n[0.9.7a-38]\n- Updated ICA engine IBM patch to latest upstream version.\n[0.9.7a-37]\n- build for linux-alpha-gcc instead of alpha-gcc on alpha (Jeff Garzik)\n[0.9.7a-36]\n- handle %{_arch}=i486/i586/i686/athlon cases in the intermediate\n header (#124303)\n[0.9.7a-35]\n- add security fixes for CAN-2004-0079, CAN-2004-0112\n* Tue Mar 16 2004 Phil Knirsch \n- Fixed libica filespec.\n[0.9.7a-34]\n- ppc/ppc64 define __powerpc__/__powerpc64__, not __ppc__/__ppc64__, fix\n the intermediate header\n[0.9.7a-33]\n- add an intermediate \n which points to the right\n arch-specific opensslconf.h on multilib arches\n* Tue Mar 02 2004 Elliot Lee \n- rebuilt\n[0.9.7a-32]\n- Updated libica to latest upstream version 1.3.5.\n[0.9.7a-31]\n- Update ICA crypto engine patch from IBM to latest version.\n* Fri Feb 13 2004 Elliot Lee \n- rebuilt\n[0.9.7a-29]\n- rebuilt\n[0.9.7a-28]\n- Fixed libica build.\n* Wed Feb 04 2004 Nalin Dahyabhai \n- add '-ldl' to link flags added for Linux-on-ARM (#99313)\n[0.9.7a-27]\n- updated ca-bundle.crt: removed expired GeoTrust roots, added\n freessl.com root, removed trustcenter.de Class 0 root\n[0.9.7a-26]\n- Fix link line for libssl (bug #111154).\n[0.9.7a-25]\n- add dependency on zlib-devel for the -devel package, which depends on zlib\n symbols because we enable zlib for libssl (#102962)\n[0.9.7a-24]\n- Use /dev/urandom instead of PRNG for libica.\n- Apply libica-1.3.5 fix for /dev/urandom in icalinux.c\n- Use latest ICA engine patch from IBM.\n[0.9.7a-22.1]\n- rebuild\n[0.9.7a-22]\n- rebuild (22 wasn't actually built, fun eh?)\n[0.9.7a-23]\n- re-disable optimizations on ppc64\n* Tue Sep 30 2003 Joe Orton \n- add a_mbstr.c fix for 64-bit platforms from CVS\n[0.9.7a-22]\n- add -Wa,--noexecstack to RPM_OPT_FLAGS so that assembled modules get tagged\n as not needing executable stacks\n[0.9.7a-21]\n- rebuild\n* Thu Sep 25 2003 Nalin Dahyabhai \n- re-enable optimizations on ppc64\n* Thu Sep 25 2003 Nalin Dahyabhai \n- remove exclusivearch\n[0.9.7a-20]\n- only parse a client cert if one was requested\n- temporarily exclusivearch for %{ix86}\n* Tue Sep 23 2003 Nalin Dahyabhai \n- add security fixes for protocol parsing bugs (CAN-2003-0543, CAN-2003-0544)\n and heap corruption (CAN-2003-0545)\n- update RHNS-CA-CERT files\n- ease back on the number of threads used in the threading test\n[0.9.7a-19]\n- rebuild to fix gzipped file md5sums (#91211)\n[0.9.7a-18]\n- Updated libica to version 1.3.4.\n[0.9.7a-17]\n- rebuild\n[0.9.7a-10.9]\n- free the kssl_ctx structure when we free an SSL structure (#99066)\n[0.9.7a-16]\n- rebuild\n[0.9.7a-15]\n- lower thread test count on s390x\n[0.9.7a-14]\n- rebuild\n[0.9.7a-13]\n- disable assembly on arches where it seems to conflict with threading\n[0.9.7a-12]\n- Updated libica to latest upstream version 1.3.0\n[0.9.7a-9.9]\n- rebuild\n[0.9.7a-11]\n- rebuild\n[0.9.7a-10]\n- ubsec: don't stomp on output data which might also be input data\n[0.9.7a-9]\n- temporarily disable optimizations on ppc64\n* Mon Jun 09 2003 Nalin Dahyabhai \n- backport fix for engine-used-for-everything from 0.9.7b\n- backport fix for prng not being seeded causing problems, also from 0.9.7b\n- add a check at build-time to ensure that RSA is thread-safe\n- keep perlpath from stomping on the libica configure scripts\n* Fri Jun 06 2003 Nalin Dahyabhai \n- thread-safety fix for RSA blinding\n[0.9.7a-8]\n- rebuilt\n[0.9.7a-7]\n- Added libica-1.2 to openssl (featurerequest).\n[0.9.7a-6]\n- fix building with incorrect flags on ppc64\n[0.9.7a-5]\n- add patch to harden against Klima-Pokorny-Rosa extension of Bleichenbacher's\n attack (CAN-2003-0131)\n[ 0.9.7a-4]\n- add patch to enable RSA blinding by default, closing a timing attack\n (CAN-2003-0147)\n[0.9.7a-3]\n- disable use of BN assembly module on x86_64, but continue to allow inline\n assembly (#83403)\n[0.9.7a-2]\n- disable EC algorithms\n[0.9.7a-1]\n- update to 0.9.7a\n[0.9.7-8]\n- add fix to guard against attempts to allocate negative amounts of memory\n- add patch for CAN-2003-0078, fixing a timing attack\n[0.9.7-7]\n- Add openssl-ppc64.patch\n[0.9.7-6]\n- EVP_DecryptInit should call EVP_CipherInit() instead of EVP_CipherInit_ex(),\n to get the right behavior when passed uninitialized context structures\n (#83766)\n- build with -mcpu=ev5 on alpha family (#83828)\n* Wed Jan 22 2003 Tim Powers \n- rebuilt\n[0.9.7-4]\n- Added IBM hw crypto support patch.\n* Wed Jan 15 2003 Nalin Dahyabhai \n- add missing builddep on sed\n[0.9.7-3]\n- debloat\n- fix broken manpage symlinks\n[0.9.7-2]\n- fix double-free in 'openssl ca'\n[0.9.7-1]\n- update to 0.9.7 final\n[0.9.7-0]\n- update to 0.9.7 beta6 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n* Wed Dec 11 2002 Nalin Dahyabhai \n- update to 0.9.7 beta5 (DO NOT USE UNTIL UPDATED TO FINAL 0.9.7)\n[0.9.6b-30]\n- add configuration stanza for x86_64 and use it on x86_64\n- build for linux-ppc on ppc\n- start running the self-tests again\n[0.9.6b-29hammer.3]\n- Merge fixes from previous hammer packages, including general x86-64 and\n multilib\n[0.9.6b-29]\n- rebuild\n[0.9.6b-28]\n- update asn patch to fix accidental reversal of a logic check\n[0.9.6b-27]\n- update asn patch to reduce chance that compiler optimization will remove\n one of the added tests\n[0.9.6b-26]\n- rebuild\n[0.9.6b-25]\n- add patch to fix ASN.1 vulnerabilities\n[0.9.6b-24]\n- add backport of Ben Laurie's patches for OpenSSL 0.9.6d\n[0.9.6b-23]\n- own {_datadir}/ssl/misc\n* Fri Jun 21 2002 Tim Powers \n- automated rebuild\n* Sun May 26 2002 Tim Powers \n- automated rebuild\n[0.9.6b-20]\n- free ride through the build system (whee!)\n[0.9.6b-19]\n- rebuild in new environment\n[0.9.6b-17, 0.9.6b-18]\n- merge RHL-specific bits into stronghold package, rename\n[stronghold-0.9.6c-2]\n- add support for Chrysalis Luna token\n* Tue Mar 26 2002 Gary Benson \n- disable AEP random number generation, other AEP fixes\n[0.9.6b-15]\n- only build subpackages on primary arches\n[0.9.6b-13]\n- on ia32, only disable use of assembler on i386\n- enable assembly on ia64\n[0.9.6b-11]\n- fix sparcv9 entry\n[stronghold-0.9.6c-1]\n- upgrade to 0.9.6c\n- bump BuildArch to i686 and enable assembler on all platforms\n- synchronise with shrimpy and rawhide\n- bump soversion to 3\n* Wed Oct 10 2001 Florian La Roche \n- delete BN_LLONG for s390x, patch from Oliver Paukstadt\n[0.9.6b-9]\n- update AEP driver patch\n* Mon Sep 10 2001 Nalin Dahyabhai \n- adjust RNG disabling patch to match version of patch from Broadcom\n[0.9.6b-8]\n- disable the RNG in the ubsec engine driver\n[0.9.6b-7]\n- tweaks to the ubsec engine driver\n[0.9.6b-6]\n- tweaks to the ubsec engine driver\n[0.9.6b-5]\n- update ubsec engine driver from Broadcom\n[0.9.6b-4]\n- move man pages back to %{_mandir}/man?/foo.?ssl from\n %{_mandir}/man?ssl/foo.?\n- add an [ engine ] section to the default configuration file\n* Thu Aug 09 2001 Nalin Dahyabhai \n- add a patch for selecting a default engine in SSL_library_init()\n[0.9.6b-3]\n- add patches for AEP hardware support\n- add patch to keep trying when we fail to load a cert from a file and\n there are more in the file\n- add missing prototype for ENGINE_ubsec() in engine_int.h\n[0.9.6b-2]\n- actually add hw_ubsec to the engine list\n* Tue Jul 17 2001 Nalin Dahyabhai \n- add in the hw_ubsec driver from CVS\n[0.9.6b-1]\n- update to 0.9.6b\n* Thu Jul 05 2001 Nalin Dahyabhai \n- move .so symlinks back to %{_libdir}\n* Tue Jul 03 2001 Nalin Dahyabhai \n- move shared libraries to /lib (#38410)\n* Mon Jun 25 2001 Nalin Dahyabhai \n- switch to engine code base\n* Mon Jun 18 2001 Nalin Dahyabhai \n- add a script for creating dummy certificates\n- move man pages from %{_mandir}/man?/foo.?ssl to %{_mandir}/man?ssl/foo.?\n* Thu Jun 07 2001 Florian La Roche \n- add s390x support\n* Fri Jun 01 2001 Nalin Dahyabhai \n- change two memcpy() calls to memmove()\n- don't define L_ENDIAN on alpha\n[stronghold-0.9.6a-1]\n- Add 'stronghold-' prefix to package names.\n- Obsolete standard openssl packages.\n* Wed May 16 2001 Joe Orton \n- Add BuildArch: i586 as per Nalin's advice.\n* Tue May 15 2001 Joe Orton \n- Enable assembler on ix86 (using new .tar.bz2 which does\n include the asm directories).\n* Tue May 15 2001 Nalin Dahyabhai \n- make subpackages depend on the main package\n* Tue May 01 2001 Nalin Dahyabhai \n- adjust the hobble script to not disturb symlinks in include/ (fix from\n Joe Orton)\n* Fri Apr 27 2001 Nalin Dahyabhai \n- drop the m2crypo patch we weren't using\n* Tue Apr 24 2001 Nalin Dahyabhai \n- configure using 'shared' as well\n* Sun Apr 08 2001 Nalin Dahyabhai \n- update to 0.9.6a\n- use the build-shared target to build shared libraries\n- bump the soversion to 2 because we're no longer compatible with\n our 0.9.5a packages or our 0.9.6 packages\n- drop the patch for making rsatest a no-op when rsa null support is used\n- put all man pages into \nssl instead of \n- break the m2crypto modules into a separate package\n* Tue Mar 13 2001 Nalin Dahyabhai \n- use BN_LLONG on s390\n* Mon Mar 12 2001 Nalin Dahyabhai \n- fix the s390 changes for 0.9.6 (isn't supposed to be marked as 64-bit)\n* Sat Mar 03 2001 Nalin Dahyabhai \n- move c_rehash to the perl subpackage, because it's a perl script now\n* Fri Mar 02 2001 Nalin Dahyabhai \n- update to 0.9.6\n- enable MD2\n- use the libcrypto.so and libssl.so targets to build shared libs with\n- bump the soversion to 1 because we're no longer compatible with any of\n the various 0.9.5a packages circulating around, which provide lib*.so.0\n* Wed Feb 28 2001 Florian La Roche \n- change hobble-openssl for disabling MD2 again\n* Tue Feb 27 2001 Nalin Dahyabhai \n- re-disable MD2 -- the EVP_MD_CTX structure would grow from 100 to 152\n bytes or so, causing EVP_DigestInit() to zero out stack variables in\n apps built against a version of the library without it\n* Mon Feb 26 2001 Nalin Dahyabhai \n- disable some inline assembly, which on x86 is Pentium-specific\n- re-enable MD2 (see http://www.ietf.org/ietf/IPR/RSA-MD-all)\n* Thu Feb 08 2001 Florian La Roche \n- fix s390 patch\n* Fri Dec 08 2000 Than Ngo \n- added support s390\n* Mon Nov 20 2000 Nalin Dahyabhai \n- remove -Wa,* and -m* compiler flags from the default Configure file (#20656)\n- add the CA.pl man page to the perl subpackage\n* Thu Nov 02 2000 Nalin Dahyabhai \n- always build with -mcpu=ev5 on alpha\n* Tue Oct 31 2000 Nalin Dahyabhai \n- add a symlink from cert.pem to ca-bundle.crt\n* Wed Oct 25 2000 Nalin Dahyabhai \n- add a ca-bundle file for packages like Samba to reference for CA certificates\n* Tue Oct 24 2000 Nalin Dahyabhai \n- remove libcrypto's crypt(), which doesn't handle md5crypt (#19295)\n* Mon Oct 02 2000 Nalin Dahyabhai \n- add unzip as a buildprereq (#17662)\n- update m2crypto to 0.05-snap4\n* Tue Sep 26 2000 Bill Nottingham \n- fix some issues in building when it's not installed\n* Wed Sep 06 2000 Nalin Dahyabhai \n- make sure the headers we include are the ones we built with (aaaaarrgh!)\n* Fri Sep 01 2000 Nalin Dahyabhai \n- add Richard Henderson's patch for BN on ia64\n- clean up the changelog\n* Tue Aug 29 2000 Nalin Dahyabhai \n- fix the building of python modules without openssl-devel already installed\n* Wed Aug 23 2000 Nalin Dahyabhai \n- byte-compile python extensions without the build-root\n- adjust the makefile to not remove temporary files (like .key files when\n building .csr files) by marking them as .PRECIOUS\n* Sat Aug 19 2000 Nalin Dahyabhai \n- break out python extensions into a subpackage\n* Mon Jul 17 2000 Nalin Dahyabhai \n- tweak the makefile some more\n* Tue Jul 11 2000 Nalin Dahyabhai \n- disable MD2 support\n* Thu Jul 06 2000 Nalin Dahyabhai \n- disable MDC2 support\n* Sun Jul 02 2000 Nalin Dahyabhai \n- tweak the disabling of RC5, IDEA support\n- tweak the makefile\n* Thu Jun 29 2000 Nalin Dahyabhai \n- strip binaries and libraries\n- rework certificate makefile to have the right parts for Apache\n* Wed Jun 28 2000 Nalin Dahyabhai \n- use %{_perl} instead of /usr/bin/perl\n- disable alpha until it passes its own test suite\n* Fri Jun 09 2000 Nalin Dahyabhai \n- move the passwd.1 man page out of the passwd package's way\n* Fri Jun 02 2000 Nalin Dahyabhai \n- update to 0.9.5a, modified for U.S.\n- add perl as a build-time requirement\n- move certificate makefile to another package\n- disable RC5, IDEA, RSA support\n- remove optimizations for now\n* Wed Mar 01 2000 Florian La Roche \n- Bero told me to move the Makefile into this package\n* Wed Mar 01 2000 Florian La Roche \n- add lib*.so symlinks to link dynamically against shared libs\n* Tue Feb 29 2000 Florian La Roche \n- update to 0.9.5\n- run ldconfig directly in post/postun\n- add FAQ\n* Sat Dec 18 1999 Bernhard Rosenkrdnzer \n- Fix build on non-x86 platforms\n* Fri Nov 12 1999 Bernhard Rosenkrdnzer \n- move /usr/share/ssl/* from -devel to main package\n* Tue Oct 26 1999 Bernhard Rosenkrdnzer \n- inital packaging\n- changes from base:\n - Move /usr/local/ssl to /usr/share/ssl for FHS compliance\n - handle RPM_OPT_FLAGS\nopenssl-1.0.1-beta2-rpmbuild.patch\nopenssl-0.9.8a-no-rpath.patch", "published": "2015-04-02T00:00:00", "modified": "2015-04-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://linux.oracle.com/errata/ELSA-2015-3022.html", "reporter": "OracleLinux", "references": [], "cvelist": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975", "CVE-2005-0109", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-5298", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "immutableFields": [], "lastseen": "2021-05-13T09:23:28", "viewCount": 238, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY2.ASC", "OPENSSL_ADVISORY13.ASC", "OPENSSL_ADVISORY3.ASC", "OPENSSL_ADVISORY4.ASC", "OPENSSL_ADVISORY5.ASC", "OPENSSL_ADVISORY6.ASC", "OPENSSL_ADVISORY8.ASC", "OPENSSL_ADVISORY9.ASC"]}, {"type": "altlinux", "idList": ["06B10784464339E3251E4C3544A48D19", "1AE3F028B45AFBA1000C345913245540", "758E6D870DDEA68E74011E577E986457", "E210B5D4B7259AFCE092F9D1D5E8FDD0"]}, {"type": "amazon", "idList": ["ALAS-2011-004", "ALAS-2012-038", "ALAS-2012-062", "ALAS-2012-072", "ALAS-2012-073", "ALAS-2012-085", "ALAS-2013-162", "ALAS-2013-163", "ALAS-2013-171", "ALAS-2014-273", "ALAS-2014-320", "ALAS-2014-349", "ALAS-2014-350", "ALAS-2014-351", "ALAS-2015-498", "ALAS-2016-682"]}, {"type": "archlinux", "idList": ["ASA-201503-16", "ASA-201503-17", "ASA-201605-3", "ASA-201605-4"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRACLOUD-38927", "ATLASSIAN:JRASERVER-38927"]}, {"type": "attackerkb", "idList": ["AKB:38A528B1-7F68-45C8-911E-1D3F8DC5EDB4", "AKB:7E88FA13-5594-41E0-B57C-734E78ACDD62", "AKB:D165638B-97C5-4C99-BFA0-70576DB52324"]}, {"type": "avleonov", "idList": ["AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48", "AVLEONOV:B5CA8049524C96A911991EE8ADF24F64"]}, {"type": "centos", "idList": ["CESA-2005:476", "CESA-2005:476-01", "CESA-2005:800", "CESA-2005:800-01", "CESA-2005:829-00", "CESA-2006:0661", "CESA-2006:0661-01", "CESA-2006:0695", "CESA-2006:0695-01", "CESA-2007:0813", "CESA-2007:0813-01", "CESA-2007:0964", "CESA-2007:1003", "CESA-2009:1335", "CESA-2009:1579", "CESA-2009:1580", "CESA-2010:0054", "CESA-2010:0162", "CESA-2010:0163", "CESA-2010:0164", "CESA-2010:0165", "CESA-2010:0166", "CESA-2010:0167", "CESA-2010:0339", "CESA-2010:0768", "CESA-2012:0059", "CESA-2012:0060", "CESA-2012:0086", "CESA-2012:0426", "CESA-2012:0518", "CESA-2012:0699", "CESA-2013:0273", "CESA-2013:0274", "CESA-2013:0275", "CESA-2013:0587", "CESA-2014:0015", "CESA-2014:0376", "CESA-2014:0624", "CESA-2014:0625", "CESA-2014:0626", "CESA-2014:1053", "CESA-2015:0715", "CESA-2015:0716", "CESA-2015:0800", "CESA-2016:0372"]}, {"type": "cert", "idList": ["VU:104280", "VU:120541", "VU:247744", "VU:255484", "VU:288574", "VU:298233", "VU:380864", "VU:386964", "VU:423396", "VU:465542", "VU:484726", "VU:520586", "VU:547300", "VU:661475", "VU:720951", "VU:724968", "VU:737740", "VU:845620", "VU:888801", "VU:911878", "VU:935264", "VU:978508", "VU:987798", "VU:997481"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2006-123", "CPAI-2008-014", "CPAI-2009-0308", "CPAI-2010-020", "CPAI-2010-354", "CPAI-2014-1066", "CPAI-2014-1083", "CPAI-2014-1170", "CPAI-2014-1173", "CPAI-2014-1336", "CPAI-2014-1346", "CPAI-2014-1550", "CPAI-2014-1592", "CPAI-2014-1616", "CPAI-2014-1617", "CPAI-2014-1625", "CPAI-2014-1927", "CPAI-2014-2415", "CPAI-2015-0494", "SBP-2009-23"]}, {"type": "checkpoint_security", "idList": ["CPS:SK100173", "CPS:SK101186", "CPS:SK32088", "CPS:SK32188", "CPS:SK32230", "CPS:SK33695", "CPS:SK33701", "CPS:SK33702", "CPS:SK33771", "CPS:SK35708", "CPS:SK71821", "CPS:SK76360", "CPS:SK86443"]}, {"type": "chrome", "idList": ["GCSA-4830242147321115275"]}, {"type": "cisco", "idList": ["CISCO-SA-20030930-SSL", "CISCO-SA-20040317-OPENSSL", "CISCO-SA-20051012-CVE-2005-2969", "CISCO-SA-20060905-CVE-2007-5810", "CISCO-SA-20091105-CVE-2009-3555", "CISCO-SA-20091109-TLS", "CISCO-SA-20140408-CVE-2014-0160", "CISCO-SA-20140409-ASA", "CISCO-SA-20140409-HEARTBLEED", "CISCO-SA-20140430-MXP", "CISCO-SA-20140430-TCTE", "CISCO-SA-20140605-OPENSSL", "CISCO-SA-20150320-OPENSSL"]}, {"type": "citrix", "idList": ["CTX140605", "CTX140876", "CTX216642"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:2612C84317452E216670EAF7C553C9D4", "CFOUNDRY:51A1D2F1D196381CC46CAE44EB5F5940"]}, {"type": "cve", "idList": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975", "CVE-2004-2682", "CVE-2005-0109", "CVE-2005-1730", "CVE-2005-2946", "CVE-2005-2969", "CVE-2006-2937", "CVE-2006-2938", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4340", "CVE-2006-4343", "CVE-2006-4408", "CVE-2006-4790", "CVE-2006-5179", "CVE-2006-5484", "CVE-2006-7140", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-3936", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-5298", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0390", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2131", "CVE-2012-2191", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-1618", "CVE-2013-1619", "CVE-2013-1620", "CVE-2013-1621", "CVE-2013-1623", "CVE-2013-1624", "CVE-2013-2116", "CVE-2013-3587", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-0346", "CVE-2014-0964", "CVE-2014-2601", "CVE-2014-3470", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-0537", "CVE-2016-2107", "CVE-2018-0497"]}, {"type": "debian", "idList": ["DEBIAN:390904FFE148E120DF4B08FAFECE0584:DD9E5", "DEBIAN:9DE5BE8B4A3901853E275481E780A803:00C17", "DEBIAN:BSA-060:0BDFE", "DEBIAN:DLA-1518-1:A6705", "DEBIAN:DLA-1518-1:EF500", "DEBIAN:DLA-177-1:BC085", "DEBIAN:DLA-400-1:76CCE", "DEBIAN:DSA-1173-1:8498F", "DEBIAN:DSA-1174-1:77B2E", "DEBIAN:DSA-1185-1:2C57C", "DEBIAN:DSA-1185-2:4AF37", "DEBIAN:DSA-1195-1:12A42", "DEBIAN:DSA-1195-1:C6A33", "DEBIAN:DSA-1379-1:9887D", "DEBIAN:DSA-1379-1:DC268", "DEBIAN:DSA-1379-2:1563C", "DEBIAN:DSA-1379-2:61285", "DEBIAN:DSA-1571-1:611C4", "DEBIAN:DSA-1888-1:9C570", "DEBIAN:DSA-1934-1:46132", "DEBIAN:DSA-1934-1:699DB", "DEBIAN:DSA-1970-1:9C793", "DEBIAN:DSA-1970-1:F15BE", "DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2125-1:4BD9E", "DEBIAN:DSA-2141-1:1F9CB", "DEBIAN:DSA-2141-1:49345", "DEBIAN:DSA-2141-1:4DDA2", "DEBIAN:DSA-2141-1:7D2D7", "DEBIAN:DSA-2141-2:2C2CF", "DEBIAN:DSA-2141-2:D493B", "DEBIAN:DSA-2141-4:01EC7", "DEBIAN:DSA-2141-4:2215A", "DEBIAN:DSA-2161-2:41E9C", "DEBIAN:DSA-2162-1:98AFD", "DEBIAN:DSA-2390-1:7F77A", "DEBIAN:DSA-2392-1:5DB15", "DEBIAN:DSA-2454-1:93836", "DEBIAN:DSA-2454-2:7B396", "DEBIAN:DSA-2475-1:7CF3B", "DEBIAN:DSA-253-1:CEE72", "DEBIAN:DSA-253-1:FA5F0", "DEBIAN:DSA-2579-1:8CFD9", "DEBIAN:DSA-2579-1:FB7C4", "DEBIAN:DSA-2621-1:52BC0", "DEBIAN:DSA-2622-1:EE504", "DEBIAN:DSA-2626-1:B9AE9", "DEBIAN:DSA-2627-1:E508D", "DEBIAN:DSA-2833-1:2F675", "DEBIAN:DSA-2837-1:B2C11", "DEBIAN:DSA-288-1:57975", "DEBIAN:DSA-288-1:5A654", "DEBIAN:DSA-2896-1:7AEC1", "DEBIAN:DSA-2896-1:B52FE", "DEBIAN:DSA-2896-2:26053", "DEBIAN:DSA-2896-2:FEB91", "DEBIAN:DSA-2908-1:D0E09", "DEBIAN:DSA-2931-1:4EA47", "DEBIAN:DSA-2950-1:15DF5", "DEBIAN:DSA-2950-2:DC295", "DEBIAN:DSA-3197-1:88E12", "DEBIAN:DSA-3197-1:95CA8", "DEBIAN:DSA-3197-2:1B781", "DEBIAN:DSA-3197-2:E7D2C", "DEBIAN:DSA-3253-1:0C444", "DEBIAN:DSA-393-1:6D39D", "DEBIAN:DSA-394-1:84FAE", "DEBIAN:DSA-394-1:9FB3C", "DEBIAN:DSA-465-1:89280", "DEBIAN:DSA-603-1:7E226", "DEBIAN:DSA-603-1:8E749", "DEBIAN:DSA-875-1:180DB", "DEBIAN:DSA-875-1:7BDE0", "DEBIAN:DSA-881-1:74299", "DEBIAN:DSA-881-1:DF86E", "DEBIAN:DSA-882-1:351B9", "DEBIAN:DSA-882-1:E2C87", "DEBIAN:DSA-888-1:1BAB0", "DEBIAN:DSA-888-1:F9951", "DEBIAN:SSL-:00C17", "DEBIAN:SSL-:DD9E5"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2003-0078", "DEBIANCVE:CVE-2003-0131", "DEBIANCVE:CVE-2003-0147", "DEBIANCVE:CVE-2003-0543", "DEBIANCVE:CVE-2003-0544", "DEBIANCVE:CVE-2003-0545", "DEBIANCVE:CVE-2004-0079", "DEBIANCVE:CVE-2004-0112", "DEBIANCVE:CVE-2004-0975", "DEBIANCVE:CVE-2005-2946", "DEBIANCVE:CVE-2005-2969", "DEBIANCVE:CVE-2006-2937", "DEBIANCVE:CVE-2006-2940", "DEBIANCVE:CVE-2006-3738", "DEBIANCVE:CVE-2006-4339", "DEBIANCVE:CVE-2006-4340", "DEBIANCVE:CVE-2006-4343", "DEBIANCVE:CVE-2007-3108", "DEBIANCVE:CVE-2007-4995", "DEBIANCVE:CVE-2007-5135", "DEBIANCVE:CVE-2008-0891", "DEBIANCVE:CVE-2008-1672", "DEBIANCVE:CVE-2009-1377", "DEBIANCVE:CVE-2009-1378", "DEBIANCVE:CVE-2009-1379", "DEBIANCVE:CVE-2009-3555", "DEBIANCVE:CVE-2009-4355", "DEBIANCVE:CVE-2010-0742", "DEBIANCVE:CVE-2010-1633", "DEBIANCVE:CVE-2010-3864", "DEBIANCVE:CVE-2010-5298", "DEBIANCVE:CVE-2011-0014", "DEBIANCVE:CVE-2011-3207", "DEBIANCVE:CVE-2011-4108", "DEBIANCVE:CVE-2011-4576", "DEBIANCVE:CVE-2011-4577", "DEBIANCVE:CVE-2011-4619", "DEBIANCVE:CVE-2012-0050", "DEBIANCVE:CVE-2012-0390", "DEBIANCVE:CVE-2012-0884", "DEBIANCVE:CVE-2012-1165", "DEBIANCVE:CVE-2012-2110", "DEBIANCVE:CVE-2012-2131", "DEBIANCVE:CVE-2012-2333", "DEBIANCVE:CVE-2012-4929", "DEBIANCVE:CVE-2013-0166", "DEBIANCVE:CVE-2013-0169", "DEBIANCVE:CVE-2013-1619", "DEBIANCVE:CVE-2013-1620", "DEBIANCVE:CVE-2013-1624", "DEBIANCVE:CVE-2013-4353", "DEBIANCVE:CVE-2013-6449", "DEBIANCVE:CVE-2013-6450", "DEBIANCVE:CVE-2014-0160", "DEBIANCVE:CVE-2014-0195", "DEBIANCVE:CVE-2014-0198", "DEBIANCVE:CVE-2014-0221", "DEBIANCVE:CVE-2014-0224", "DEBIANCVE:CVE-2014-3470", "DEBIANCVE:CVE-2015-0209", "DEBIANCVE:CVE-2015-0286", "DEBIANCVE:CVE-2015-0287", "DEBIANCVE:CVE-2015-0288", "DEBIANCVE:CVE-2015-0289", "DEBIANCVE:CVE-2015-0292", "DEBIANCVE:CVE-2015-0293", "DEBIANCVE:CVE-2016-2107", "DEBIANCVE:CVE-2018-0497"]}, {"type": "exploitdb", "idList": ["EDB-ID:10579", "EDB-ID:18756", "EDB-ID:28726", "EDB-ID:32745", "EDB-ID:32764", "EDB-ID:32791", "EDB-ID:32998", "EDB-ID:4773", "EDB-ID:8720", "EDB-ID:8873"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:034D322B9C4D058098E22E5788CDA9A0", "EXPLOITPACK:1020403320036D688D074B47660E9F50", "EXPLOITPACK:2D0FC1C1F2F124951BBCC7BB430D23D1", "EXPLOITPACK:596E856FF8E5B47CBB4EE985B0B99685", "EXPLOITPACK:7E23ECB6ACB9195DA6326D4A18279A6B", "EXPLOITPACK:85DFC07A21CE638C0F80271A05CBC86C", "EXPLOITPACK:8B4E7E8DAE5A13C8250C6C33307CD66C", "EXPLOITPACK:B68BB9381148CAC1A9824EB84CA5D160", "EXPLOITPACK:BBA53240047E43646B744C9628FA5EFD", "EXPLOITPACK:E5ADFE523AF247AA238C3E63EF7B0A8F"]}, {"type": "f5", "idList": ["F5:K10534046", "F5:K10737", "F5:K12566", "F5:K13597", "F5:K13598", "F5:K14054", "F5:K14059", "F5:K14190", "F5:K14261", "F5:K15020041", "F5:K15158", "F5:K15159", "F5:K15305", "F5:K15314", "F5:K15318", "F5:K15325", "F5:K15328", "F5:K15329", "F5:K15342", "F5:K15356", "F5:K15359", "F5:K15622", "F5:K15630", "F5:K15637", "F5:K16302", "F5:K16317", "F5:K16319", "F5:K16320", "F5:K16321", "F5:K16323", "F5:K17248", "F5:K17454", "F5:K2319", "F5:K2355", "F5:K2379", "F5:K3082", "F5:K6623", "F5:K6734", "F5:K8106", "F5:K8108", "F5:K8837", "F5:K93600123", "F5:K93959105", "SOL10737", "SOL12566", "SOL13597", "SOL13598", "SOL14054", "SOL14059", "SOL14190", "SOL14261", "SOL15147", "SOL15158", "SOL15159", "SOL15180", "SOL15305", "SOL15314", "SOL15318", "SOL15325", "SOL15328", "SOL15329", "SOL15342", "SOL15343", "SOL15350", "SOL15355", "SOL15356", "SOL15359", "SOL15366", "SOL15388", "SOL15389", "SOL15401", "SOL15405", "SOL15417", "SOL15461", "SOL15630", "SOL15637", "SOL15721", "SOL16285", "SOL16302", "SOL16317", "SOL16318", "SOL16319", "SOL16320", "SOL16321", "SOL16323", "SOL17248", "SOL17454", "SOL2319", "SOL2355", "SOL2379", "SOL5533", "SOL6623", "SOL6734", "SOL8106", "SOL8108", "SOL8837", "SOL93600123"]}, {"type": "fedora", "idList": ["FEDORA:051C71116F9", "FEDORA:071841106DB", "FEDORA:0890F224F5", "FEDORA:09491110673", "FEDORA:09F5C6091601", "FEDORA:0C0C510F85F", "FEDORA:0C15321D97", "FEDORA:0FD0F10F8DA", "FEDORA:113372305B", "FEDORA:13A9D6049716", "FEDORA:13B146087AAB", "FEDORA:144BA1104EC", "FEDORA:176C3219DB", "FEDORA:1B80628EDC8", "FEDORA:2098021F25", "FEDORA:2A08D6087C06", "FEDORA:340B120DED", "FEDORA:37F8D10F892", "FEDORA:381402161C", "FEDORA:38DF511115F", "FEDORA:391F521A28", "FEDORA:3BA3010F892", "FEDORA:40D44605DFE4", "FEDORA:4227660CA765", "FEDORA:4329260E587A", "FEDORA:4853B37D0F", "FEDORA:4C4E710F878", "FEDORA:4C502110FE5", "FEDORA:4F615218BE", "FEDORA:5429A1108EB", "FEDORA:5502F10F89D", "FEDORA:564D5110A27", "FEDORA:58E1828ED7E", "FEDORA:59B0310F861", "FEDORA:5CD8320BD3", "FEDORA:5F614206D5", "FEDORA:611D110F917", "FEDORA:61A8C10FC13", "FEDORA:679F221C24", "FEDORA:6A214110D58", "FEDORA:6B3FC110D28", "FEDORA:6CE3D20E51", "FEDORA:6DE61110C21", "FEDORA:6EB0220FFA", "FEDORA:706B621DA0", "FEDORA:776A61D72B0", "FEDORA:7B6536093B4C", "FEDORA:7C53320C61", "FEDORA:7DB7E10F8B0", "FEDORA:7EA761108D8", "FEDORA:811AA20A83", "FEDORA:817C710F8A2", "FEDORA:8385C29043", "FEDORA:8559B21FC8", "FEDORA:89AF1217C1", "FEDORA:8A43D110815", "FEDORA:8D2D811080B", "FEDORA:8ED3020FF6", "FEDORA:90F2B2192D", "FEDORA:9278321934", "FEDORA:92F6E2172E", "FEDORA:997B660D68A4", "FEDORA:9DFF1E720F", "FEDORA:A271421BA0", "FEDORA:A4305225F0", "FEDORA:A69386143D9F", "FEDORA:A89A021670", "FEDORA:AA6CF2159C", "FEDORA:AD9B611063F", "FEDORA:B31D6110781", "FEDORA:BA663110F8E", "FEDORA:BA848210A3", "FEDORA:BA97628855", "FEDORA:BBBCA110998", "FEDORA:BEF4320C89", "FEDORA:C01F021E98", "FEDORA:C041720764", "FEDORA:C277D20308", "FEDORA:C411B20546", "FEDORA:C42A8110D0A", "FEDORA:C6E3221DBD", "FEDORA:C7B0010F8AD", "FEDORA:C8F7F110906", "FEDORA:C9F3119737F", "FEDORA:CA1A06087CE1", "FEDORA:CA803208421", "FEDORA:CA868607A1CD", "FEDORA:CBD0920588", "FEDORA:D331C6087C6A", "FEDORA:D3A711119A1", "FEDORA:D404110F950", "FEDORA:D560A20FC7", "FEDORA:D9C0A2139E", "FEDORA:DB226111816", "FEDORA:DBB0F21109", "FEDORA:DDD696087CE5", "FEDORA:E042E10F89C", "FEDORA:E36CC10FA25", "FEDORA:E3F6C10FD89", "FEDORA:E67696087B8D", "FEDORA:E880C1107B8", "FEDORA:EABE2110DCF", "FEDORA:EDD1B2141A", "FEDORA:F1AD728EDBF", "FEDORA:F38FB60CBEE0", "FEDORA:L76HVKWG014544", "FEDORA:L7DLNCJX011059", "FEDORA:L9FK5UIB022989", "FEDORA:L9I2PTVZ007013", "FEDORA:M4V2DWYQ023924"]}, {"type": "fortinet", "idList": ["FG-IR-14-011", "FG-IR-14-018", "FG-IR-15-008", "FG-IR-17-137"]}, {"type": "freebsd", "idList": ["00B0D8CD-7097-11E2-98D9-003067C2616F", "077C2DCA-8F9A-11DB-AB33-000E0C2E438A", "0B8D7194-CA88-11E3-9D8D-C80AA9043978", "0F37D765-C5D4-11DB-9F82-000E0C2E438A", "180E9A38-060F-4C16-A6B7-49F3505FF22A", "1959E847-D4F0-11E3-84B0-0018FE623F2B", "1FE734BF-4A06-11DB-B48D-00508D6A62DF", "2AE114DE-C064-11E1-B5E0-000C299B62E1", "2ECB7B20-D97E-11E0-B2E2-00215C6A37BB", "3042C33A-F237-11DF-9D02-0018FE623F2B", "5631AE98-BE9E-11E3-B5E3-C80AA9043978", "5AAA257E-772D-11E3-A65A-3C970E169BC2", "5AC53801-EC2E-11E3-9CF3-3C970E169BC2", "5C5F19CE-43AF-11E1-89B4-001EC9578670", "60E26A40-3B25-11DA-9484-00123FFE8333", "60EB344E-6EB1-11E1-8AD7-00E0815B8DA8", "68233CBA-7774-11D8-89ED-0020ED76EF5A", "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "7184F92E-8BB8-11E1-8D7B-003067B2972C", "78CC8A46-3E56-11E1-89B4-001EC9578670", "82B55DF8-4D5A-11DE-8811-0030843D3802", "9CCFEE39-3C3B-11DF-9EDC-000F20797EDE", "9D15355B-CE7C-11E4-9DB0-D050992ECDE8", "C97D7A37-2233-11DF-96DD-001B2134EF46", "DBA5D1C9-9F29-11E1-B511-003067C2616F"]}, {"type": "gentoo", "idList": ["GLSA-200403-03", "GLSA-200411-15", "GLSA-200510-11", "GLSA-200609-05", "GLSA-200610-06", "GLSA-200610-11", "GLSA-200612-11", "GLSA-200710-06", "GLSA-200710-30", "GLSA-200806-08", "GLSA-200912-01", "GLSA-201006-18", "GLSA-201110-01", "GLSA-201110-05", "GLSA-201203-12", "GLSA-201203-22", "GLSA-201206-18", "GLSA-201301-01", "GLSA-201309-12", "GLSA-201309-15", "GLSA-201310-10", "GLSA-201311-13", "GLSA-201312-03", "GLSA-201401-30", "GLSA-201402-25", "GLSA-201404-07", "GLSA-201406-32", "GLSA-201407-05", "GLSA-201408-19", "GLSA-201412-11", "GLSA-201412-39", "GLSA-201503-11"]}, {"type": "github", "idList": ["GHSA-8353-FGCR-XFHX"]}, {"type": "githubexploit", "idList": ["ECC3E825-EE29-59D3-BE28-1B30DB15940E"]}, {"type": "hackerone", "idList": ["H1:44294", "H1:49139", "H1:50885", "H1:5617", "H1:6626", "H1:73236"]}, {"type": "hp", "idList": ["HP:C04262495", "HP:C04262670", "HP:C04272043", "HP:C04451722"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20140417-HEARTBLEED", "HUAWEI-SA-20140613-OPENSSL"]}, {"type": "ibm", "idList": ["045DF1202D179679EADDD7C7D4DC1332D8A557CA511775BC45FC7FCC4AD803E8", "065C6267E33F60E263D9B7F689F432B3413883F6EF7A0BE4EDF4BB598847FCFA", "094C676690DD74F0A877C604DAE40B5DBAAF1713090F5D65D95FB5F47C419C9C", "0CA57BDC2A5B29D7A05B000C9F4660CECD108471C93FE144B5B5B7B541E5DB80", "0D459600B092B85E783E0A6371C3E1BFEDCD18BC648ACAA512F5FB9EF050A910", "0F73246124CA58D05064BB5D07082DCA6F2A1D48630CAAC82BCFFB4A71F45CA7", "129E5B62D60732128A0EC19397E58D4329EE7F4D46AC1C97DF6F8DFCAEB8C3C7", "1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "17F2DE1F272EBF8E1F0E16B3A3D0C121D7F53002360A33B2E318E8910C665E9D", "19FAFF710B3E3738F8567DADBCF7C6BE9748A2C12CD349CA0B858BA9A26AB606", "1BF3F83E9C70EE854C61B8530F6C49C87B34D98B653CF9884D471690F1C364D6", "1DC0A9C6D3EFE4EEA571DAAA9286B8F974D5ECF8F3BAAA188781D697B6DC2546", "1E8933569F7AACD6AB5F73196F8930386DBFB5F49E264DAFEB5AC02CAFAFCCD1", "1F28273F958E55F6FE1789A83C92EDED4F2AAA3B9D872DA2CEAA127470C88CCE", "2244436F502BD4ED1C081FDC68E7A71143D7F9B0E35067F1C1C77FB61470EC9B", "236329FBB4C57928A51AF5989855EBBE8AEFC2496ED2345E1CE8C703B7EA9BD5", "27B62FE6F75F2FDC77F417B2E4F70DB2ACC8E40CF9E9E25340B88A272207CE07", "2A5E5140226F7DD38A791DE1E8EE7913E3512D8FCB1A86411DA5AFF49D8E6F4A", "2CCCFECF7034A5A1D355B5AC5A6B9921B110FA2AC9C433FE292E8D3F30B1DBB1", "30CD66983833C710FEBDBB86E620F78B1353E7BF41B44CC7EBCBE9581842BA01", "31C0AFB718E47F2565BB2125DFEA05544B924823108F7C7BE892843715FA5571", "3258D879016CCEB97F8F543943D502B2C423771C5D452641CB88919F035248B5", "388EFD8B007684B48001D31307078170D5DBF01AEACBC98F2CB6247B827493F8", "38C10729B52D66D506D73699F25550ED954F6FBB1D4528C0F73FB29711CC7852", "3B57923CAB505EF521BBA172A4E2D8A03F9751E11D84F9D7571E2F66E3F439C9", "3CC341F512B972FA400DC2567F88C930644A1B4BA4DC7920EA85D111D730075C", "3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576", "3F620340060D88E0720BA249D5F4ACA92F27A7CB779A70DE86567AF5830BFFEE", "3FECBC639ADFEB79371F9900171834D9C0E821EFFB9AE772387931314E921F6F", "42CDE43C2F08FD3C2E311B9F3BB48950BDFCDDA3BF0F895A9FF7750A3690B573", "467A4726E3E7AEF66C203B003944DA9B03EEFBD2B1D75CD15AF1455C2AF4B2E8", "53CE956F3CE348727C882EA932D60E2D4C329F872D27271C7562AA5A6027B697", "583215B42F049307CBBCA8930CB40F87016DA7B011EFC8B5B01AB18DCA1B1F3E", "58E3C1C2679E08843B1DDFB050BD05651CBE0B5711398A1A5BB83E98D5839C8A", "6234195C7E31959F34FEEB3A01B3AE191F8EB55B62E74A9D49559D08BB9DC38C", "63D38F71582A2FD4A2EB4EEBBD8E93ECFB4B3FA1A98D545F9F3D9A6E747E0174", "650A9A77211F69137BAC17D5E4298C2133FCCDC13927C805DB7059805C98DEEA", "69F32F166EB30A983D321FEF01D6359F9C720CB30502BC0DC1A0C7C9E4BECE5F", "6A9D776A5DCA8DC833373833D988E134B60F05259FF378B7B8590B9714CF2ECE", "6D2739CB5EEAA7A3A1C71DE6B8DA41787C1350B34294A49002DC1ACAF827BCB8", "715F6FCB6F0439BFFCBB62E35AA259E82714E1A115B2957FFCD8F27BEB0EDCA6", "76ED8A969B89E917406E6428B20653B4CA4683B94EF0C818185ED8F868517B34", "777F0F4D068445CD2731DBBEDCB91CDA67C414E34826465D084D57BB6B054DF3", "78A64C39F176939E6FD5A7908A5E672F4858F0C8227A3F04047AC1A3364EDC0B", "7B8C92E9AC4C0844C5F46693E5D64A4DA51AE8805503D286BACEE2AB0D71C389", "7C26356586DAA6B4E139C967C18B932D1A22571BB403D6733844A6FF84BCFD1B", "7D0E5A7E08D2A1C445DDBAF53CAC0637D270176243B7EF28DE13FA0114E07937", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7EAF5CB207E5D468583094D39BFEB783DDAF939EF5BB4632C3FB6CBE7F70A7E3", "8343792166570C1EFFDE17C0CE71E2BFA9FAFD2B634FE6633BDB666B9BB31F52", "8600D4FE1C84EFD70C8C1A94E48F4DDFC42B18B82D5F8C7EE6D12E22048B63B3", "896307A4DE5A8A307511C17A3D7E04F8D4CB2D14EA0FBA42C535CB5B4F0A58D5", "8A850F68BD149B3067B0797B42467FB57DD5C63D8F82368476874FEE25B2084C", "8DF4CCE6D3B3BD6718CF128480B98B065BFD992080DFAD9ADB995CF2532B7EDF", "8FB0EF2BC912FEF8086EDA6A85F6EADBA8F6FD58431B3D97965CB05312955112", "915F25F9D4BBEE1CAACAA6F5FD6ACC3E18033BE658B9A06B8B13ACD613C9B6FD", "9565FEEA0E13F1CACE459E1DD36D5E9CAB4712E2148193C52D850073C5948478", "98DF90031B7BA31AA32E8B46921FD9F2DC1C82F868B4E85A245FC2D6CE4B1B9C", "9B0ACFF452374706F764D4FEC5E66F5BE1222C2B9DE832C586470B864A90F392", "9CFE387228EDF2444E256198F05B5F01FFC949159C2A45DBC145447CA2120FC2", "9ED43BB4CDEE5996AFFBB8BE301CBD62289B8BB9EA59070D1212F4A49D97E29F", "9F83ED7D961B69342BBB0C4157AF6D1AD1EF3528F0C8EC1218A10D5B884F6B87", "A13CD0434706AFE250A0195612E2504B6A23E6C6A50F2939677B3EA7AE5AFBFA", "A42ABE22F0128678735B56257D9DE3402E0C42653ADA27B207D1047F571D15F1", "A8AFB71992370CD8AF9340FB766CB133288126FDA64D60A67D3B25CD154F2C52", "AD24DE9115423BB2CB3853497E4C1DA1D8E55916F0CE3AEE3253F8DF8FFFE439", "AD3DEE6A50AC4F6651955CE510E56DC0170683854BF573E9389CCA2769B638B1", "B0AEB074FFA0854656EFE3CAF612805ED0F2B662B12263D2B3084481427FAB2B", "B2A692687E0D397416E3549B4377E5B3319BF086A451607250B307F6DEECCF53", "BB06E8BD028B2DF581C4E507E45CF66921EDD872018812A67B8FFD9CD3141ABF", "BC14F6832E7A855373319126E5CF0A69CAAC1369B245AE25C03158E47AD57D0A", "BC57AC1056A61CC76843C47F735B452A5A5F844C70175A7728D7F6370F0B6261", "BF213EBF65AF92778246EF4D81BE5B1C231E52C3E877DD795B29DD878DDC4E68", "C2E1B6F103D16592590804EC21CC266225CDAA4E931E62E62D9FD5256D6D1B8D", "C359E298B12358DC12E6A45A12F75C3BB2B1939DCD44D41BC06D12AB4EFD80F8", "C44E07EA5086C9BEBD0E896839F7E52E6DE1B379F604FBD6F4A29FB1A0D32827", "C5F0A3013333B48D4C08CB3D13549994F17CDBB3EA06E50A46D8068D5A06FCAC", "C62E2592B0FCAE9D52C20B9C7B33E6431777A77035FEB591505DA1F783B680C2", "C886374FAD3679EE6A5BD963F389F833A405B75137FC01C5D8C98D9F3D152423", "C99D1694993A63B13B3DCDE59C9A05AD82DBBD904140AE1DFD691BB96CB5D0D2", "CBF5B58619D36ED312FC4688C097EBB0F7663A8786B134805154837BCA67ED12", "CEA8562241BE5A645E85774FF42FC74D03D022DC3900B1FAA02C44BE43266A35", "D05CCE78047F8DFA45B21DFE0E7EB2FF33240CC3C29D657E0AFDDBDB1AD579FB", "D09ABF92F9241537F2411A406C8EBC7E6385C510450FCBD8E4BEA2A58ED1A1F8", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D4D42F15E592E98F112EFA53B5158D86EA79E4A7294251AB7991615DF7CA6494", "DB1D092F7A9003CE3422469DC672EF5AA2F47316275AF699D295717C3F15DF23", "DBE2C597A340BB7900131FBD56B9725ABD555479F4A26F00BC0341CBA4E926B2", "DD6D1ADB4E0823703EC8B875E430BC4DA6EC03FE4D9BEBF09A0A0BA75C5488A1", "DD74A94DCFD49E41C76C5DDF42C914B945842C457C59BD3AA077859815577B84", "DEC8B1857975B965D873A8BB6F56B19058C4EFA0C242EB808E499279F11EE7B2", "DEE9AFF0B712A89D4448E22F7E754C2582FE9F4F5ECD4927D6EFFA568D528127", "E05BB8F45DC047A2895F7AC85F4B8A9F55D22D985F0D4F65E95F3141873851DC", "E0B94384680B705B44FF092CCD406D3C21502CF270D0853EFD258F97DB74E953", "E59ACF3695AD2CD789F134AAEEB562DA1F3666F9F39B6C6075E68D3EB0B3D646", "E7C680A93C62F0B55F2401C00071445427D43012DF7D06E7DC5A5AB3EC669708", "E87EAFF9A690EF73173B8906D395F6E156410F444E128481E2FF5995C827F5C8", "E968D5EDF80FD5A67D3FB4F777F2CF43CB076659D0CBC8ED4BEF3BDE224F50B9", "F3CCE399EBF8E0219B3D30EEF7F522C3290C31BEBAFE8248755CFA8EE7793280", "F3D0670515A02D7CDDE09BF21416666DF78E27F0D06E2A9072A83D9BCBAABEBC", "F481795A6FFE2977136F114C95687BE8F335EE9CADA223D9A249BC76B5EC8D5F", "F5B4855A2BDF3424779D9A7DEEC69330CBD0503AFAA4BF2D919922C8B5B9AAE7", "F6AFA8ACEF585CD43E06DE7164EBB8240A1255197762E88CB2BA50823C840FA9", "F7B18297158774ACB53730B0EDA1769CE1870FC3ACD164CDD833ED2C0723B090", "FB0E745575ABD33F44D9E76B74AC2CFBE84B2A1963AEE86E3AB5E79959011318", "FB3709EBFC8A5FAB2E4236B7D00B54901E29184F499A4CDC2801BEC9E4905342", "FCEEB61FFF0AA043526B3AD29A5AA38A5A5E8F0EBFEBFB7196BA2301B080971B", "FD7351ECB85A42C62F9023BAC5EEEAF6CF37D6FC6389D561479E0D751AD3BA8F", "FE3BD282967A6B7E515961E80162D820AFB7A6484790830E840CF40337EF3235", "FE752375F93FC92B2A9739798BAB02AD01A97863DA8F24EEBD0ACD3ABB213574", "FE7B997F67C37DFC6E3439F0BA52314A66B42B21A8011BE962695F0F97CCBF03", "FFCC3373408F02CC542763623853BD92D404CF7A56813566A2A692A6EC5C572D"]}, {"type": "ics", "idList": ["ICSA-14-105-02A", "ICSA-14-105-03B", "ICSA-14-114-01", "ICSA-14-126-01A", "ICSA-14-128-01", "ICSA-14-135-02", "ICSA-14-135-04", "ICSA-14-135-05", "ICSA-14-198-03G", "ICSA-15-344-01", "ICSA-17-094-04", "ICSA-19-192-04", "ICSA-22-097-01", "ICSA-22-160-01"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00037", "INTEL:INTEL-SA-00039"]}, {"type": "jvn", "idList": ["JVN:23632449", "JVN:51615542", "JVN:61247051", "JVN:65273415"]}, {"type": "kaspersky", "idList": ["KLA10266", "KLA10382", "KLA10479", "KLA10630"]}, {"type": "kitploit", "idList": ["KITPLOIT:6228086289371789135", "KITPLOIT:6372579284509577146", "KITPLOIT:7013881512724945934", "KITPLOIT:7553690576096019209", "KITPLOIT:7835941952769002973", "KITPLOIT:7942195329946074809", "KITPLOIT:8024306166267359540", "KITPLOIT:8150556845533626750", "KITPLOIT:8661324951126484733", "KITPLOIT:8672599587089685905", "KITPLOIT:8800200070735873517"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2013-0290", "MGASA-2014-0008", "MGASA-2014-0012", "MGASA-2014-0165", "MGASA-2014-0187", "MGASA-2014-0204", "MGASA-2014-0255", "MGASA-2014-0256", "MGASA-2015-0111"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:AC8C8799BB0970C229AB0C432EECB10A"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY-DOS-SSL-DTLS_FRAGMENT_OVERFLOW-", "MSF:AUXILIARY-GATHER-SSLLABS_SCAN-", "MSF:AUXILIARY-SCANNER-SSL-OPENSSL_CCS-"]}, {"type": "mozilla", "idList": ["MFSA2006-60", "MFSA2010-22"]}, {"type": "mskb", "idList": ["KB980436"]}, {"type": "myhack58", "idList": ["MYHACK58:62201444409"]}, {"type": "n0where", "idList": ["N0WHERE:76566"]}, {"type": "nessus", "idList": ["1515.PRM", "2183.PRM", "3042.PRM", "3112.PRM", "3308.PRM", "3755.PRM", "4221.PRM", "4521.PRM", "4632.PRM", "5339.PRM", "5349.PRM", "5356.PRM", "5358.PRM", "5494.PRM", "5495.PRM", "5496.PRM", "5556.PRM", "5559.PRM", "5564.PRM", "5667.PRM", "5782.PRM", "5924.PRM", "5968.PRM", "6022.PRM", "6129.PRM", "6288.PRM", "6400.PRM", "6699.PRM", "6857.PRM", "6868.PRM", "7108.PASL", "800554.PRM", "800790.PRM", "8008.PRM", "800857.PRM", "801016.PRM", "801052.PRM", "801053.PRM", "801054.PRM", "801057.PRM", "801059.PRM", "801061.PRM", "801065.PRM", "801067.PRM", "801276.PRM", "801278.PRM", "801619.PRM", "801937.PRM", "801938.PRM", "8064.PRM", "8194.PRM", "8253.PRM", "8386.PRM", "8394.PRM", "8661.PRM", "8662.PRM", "8801.PRM", "8979.PRM", "8982.PRM", "ADOBE_FMS_4_0_2.NASL", "AIX_OPENSSL_ADVISORY13.NASL", "AIX_OPENSSL_ADVISORY2.NASL", "AIX_OPENSSL_ADVISORY3.NASL", "AIX_OPENSSL_ADVISORY4.NASL", "AIX_OPENSSL_ADVISORY5.NASL", "AIX_OPENSSL_ADVISORY6.NASL", "AIX_OPENSSL_ADVISORY7.NASL", "AIX_OPENSSL_ADVISORY8.NASL", "AIX_OPENSSL_ADVISORY9.NASL", "AIX_SSL_ADVISORY.NASL", "ALA_ALAS-2011-04.NASL", "ALA_ALAS-2011-4.NASL", "ALA_ALAS-2012-38.NASL", "ALA_ALAS-2012-62.NASL", "ALA_ALAS-2012-72.NASL", "ALA_ALAS-2012-73.NASL", "ALA_ALAS-2012-85.NASL", "ALA_ALAS-2013-162.NASL", "ALA_ALAS-2013-163.NASL", "ALA_ALAS-2013-171.NASL", "ALA_ALAS-2014-273.NASL", "ALA_ALAS-2014-320.NASL", "ALA_ALAS-2014-349.NASL", "ALA_ALAS-2014-350.NASL", "ALA_ALAS-2014-351.NASL", "ALA_ALAS-2015-498.NASL", "ALA_ALAS-2016-682.NASL", "APACHE_2_0_64.NASL", "APACHE_2_2_15.NASL", "APPLE_IOS_90_CHECK.NBIN", "ATTACHMATE_REFLECTION_70_SP1.NASL", "ATTACHMATE_REFLECTION_HEARTBLEED.NASL", "ATTACHMATE_REFLECTION_SECURE_IT_FOR_WIN_CLIENT_HEARTBLEED.NASL", "ATTACHMATE_REFLECTION_X_HEARTBLEED.NASL", "BLACKBERRY_ES_UDS_KB35882.NASL", "BLUECOAT_PROXY_AV_3_5_1_9.NASL", "BLUECOAT_PROXY_SG_4_X_OPENSSL.NASL", "BLUECOAT_PROXY_SG_6_2_15_6.NASL", "BLUECOAT_PROXY_SG_6_4_6_4.NASL", "BLUECOAT_PROXY_SG_6_5_3_6.NASL", "BLUECOAT_PROXY_SG_6_5_4_4.NASL", "BLUECOAT_PROXY_SG_6_5_7_5.NASL", "CENTOS_RHSA-2005-476.NASL", "CENTOS_RHSA-2005-800.NASL", "CENTOS_RHSA-2005-830.NASL", "CENTOS_RHSA-2006-0661.NASL", "CENTOS_RHSA-2006-0695.NASL", "CENTOS_RHSA-2007-0813.NASL", "CENTOS_RHSA-2007-0964.NASL", "CENTOS_RHSA-2007-1003.NASL", "CENTOS_RHSA-2009-1335.NASL", "CENTOS_RHSA-2009-1579.NASL", "CENTOS_RHSA-2009-1580.NASL", "CENTOS_RHSA-2010-0054.NASL", "CENTOS_RHSA-2010-0162.NASL", "CENTOS_RHSA-2010-0163.NASL", "CENTOS_RHSA-2010-0164.NASL", "CENTOS_RHSA-2010-0165.NASL", "CENTOS_RHSA-2010-0166.NASL", "CENTOS_RHSA-2010-0167.NASL", "CENTOS_RHSA-2010-0333.NASL", "CENTOS_RHSA-2010-0339.NASL", "CENTOS_RHSA-2010-0768.NASL", "CENTOS_RHSA-2012-0059.NASL", "CENTOS_RHSA-2012-0060.NASL", "CENTOS_RHSA-2012-0086.NASL", "CENTOS_RHSA-2012-0426.NASL", "CENTOS_RHSA-2012-0518.NASL", "CENTOS_RHSA-2012-0699.NASL", "CENTOS_RHSA-2013-0273.NASL", "CENTOS_RHSA-2013-0274.NASL", "CENTOS_RHSA-2013-0275.NASL", "CENTOS_RHSA-2013-0587.NASL", "CENTOS_RHSA-2014-0015.NASL", "CENTOS_RHSA-2014-0376.NASL", "CENTOS_RHSA-2014-0624.NASL", "CENTOS_RHSA-2014-0625.NASL", "CENTOS_RHSA-2014-0626.NASL", "CENTOS_RHSA-2014-1053.NASL", "CENTOS_RHSA-2015-0715.NASL", "CENTOS_RHSA-2015-0716.NASL", "CENTOS_RHSA-2015-0800.NASL", "CENTOS_RHSA-2016-0372.NASL", "CERBERUS_FTP_7_0_0_3.NASL", "CISCO-CSCUP22544-ACE.NASL", "CISCO-SA-20140605-OPENSSL-IOS.NASL", "CISCO-SA-20140605-OPENSSL-IOSXE.NASL", "CISCO-SA-20140605-OPENSSL-IOSXR.NASL", "CISCO-SA-20140605-OPENSSL-NXOS.NASL", "CISCO-SA-20150320-OPENSSL-IOS.NASL", "CISCO-SA-20150320-OPENSSL-IOSXE.NASL", "CISCO-VCS-CSCUO16472.NASL", "CISCO_ANYCONNECT_3_1_5170.NASL", "CISCO_ASA_CSCUP22532.NASL", "CISCO_JABBER_CLIENT_CSCUP23913.NASL", "CISCO_ONS_CSCUP24077.NASL", "CISCO_TELEPRESENCE_MCU_CSCUP23994.NASL", "CISCO_TELEPRESENCE_SUPERVISOR_8050_MSE_CSCUP22635.NASL", "DB2_101FP3A.NASL", "DB2_95FP6.NASL", "DB2_97FP2.NASL", "DB2_97FP9.NASL", "DB2_9FP9.NASL", "DEBIAN_DLA-1518.NASL", "DEBIAN_DLA-177.NASL", "DEBIAN_DLA-400.NASL", "DEBIAN_DSA-1173.NASL", "DEBIAN_DSA-1174.NASL", "DEBIAN_DSA-1185.NASL", "DEBIAN_DSA-1195.NASL", "DEBIAN_DSA-1379.NASL", "DEBIAN_DSA-1571.NASL", "DEBIAN_DSA-1888.NASL", "DEBIAN_DSA-1934.NASL", "DEBIAN_DSA-1970.NASL", "DEBIAN_DSA-2125.NASL", "DEBIAN_DSA-2141.NASL", "DEBIAN_DSA-2162.NASL", "DEBIAN_DSA-2390.NASL", "DEBIAN_DSA-2392.NASL", "DEBIAN_DSA-2454.NASL", "DEBIAN_DSA-2475.NASL", "DEBIAN_DSA-253.NASL", "DEBIAN_DSA-2579.NASL", "DEBIAN_DSA-2621.NASL", "DEBIAN_DSA-2622.NASL", "DEBIAN_DSA-2626.NASL", "DEBIAN_DSA-2627.NASL", "DEBIAN_DSA-2833.NASL", "DEBIAN_DSA-2837.NASL", "DEBIAN_DSA-288.NASL", "DEBIAN_DSA-2896.NASL", "DEBIAN_DSA-2908.NASL", "DEBIAN_DSA-2931.NASL", "DEBIAN_DSA-2950.NASL", "DEBIAN_DSA-3197.NASL", "DEBIAN_DSA-3253.NASL", "DEBIAN_DSA-393.NASL", "DEBIAN_DSA-394.NASL", "DEBIAN_DSA-465.NASL", "DEBIAN_DSA-603.NASL", "DEBIAN_DSA-875.NASL", "DEBIAN_DSA-881.NASL", "DEBIAN_DSA-882.NASL", "DEBIAN_DSA-888.NASL", "EMC_DOCUMENTUM_CONTENT_SERVER_ESA-2014-079.NASL", "EULEROS_SA-2019-1546.NASL", "EULEROS_SA-2019-1547.NASL", "EULEROS_SA-2019-1548.NASL", "EULEROS_SA-2019-1861.NASL", "EULEROS_SA-2019-1980.NASL", "EULEROS_SA-2019-2509.NASL", "EULEROS_SA-2020-1121.NASL", "EULEROS_SA-2020-1637.NASL", "EULEROS_SA-2020-1774.NASL", "EULEROS_SA-2020-2076.NASL", "F5_BIGIP_SOL10737.NASL", "F5_BIGIP_SOL14054.NASL", "F5_BIGIP_SOL14190.NASL", "F5_BIGIP_SOL14261.NASL", "F5_BIGIP_SOL15147.NASL", "F5_BIGIP_SOL15158.NASL", "F5_BIGIP_SOL15159.NASL", "F5_BIGIP_SOL15325.NASL", "F5_BIGIP_SOL15328.NASL", "F5_BIGIP_SOL15329.NASL", "F5_BIGIP_SOL15343.NASL", "F5_BIGIP_SOL15356.NASL", "F5_BIGIP_SOL15388.NASL", "F5_BIGIP_SOL15401.NASL", "F5_BIGIP_SOL15461.NASL", "F5_BIGIP_SOL15630.NASL", "F5_BIGIP_SOL15637.NASL", "F5_BIGIP_SOL16285.NASL", "F5_BIGIP_SOL16302.NASL", "F5_BIGIP_SOL16317.NASL", "F5_BIGIP_SOL16321.NASL", "F5_BIGIP_SOL16323.NASL", "F5_BIGIP_SOL17248.NASL", "F5_BIGIP_SOL5533.NASL", "F5_BIGIP_SOL6623.NASL", "F5_BIGIP_SOL6734.NASL", "F5_BIGIP_SOL8106.NASL", "F5_BIGIP_SOL8108.NASL", "F5_BIGIP_SOL93600123.NASL", "FEDORA_2004-095.NASL", "FEDORA_2005-1042.NASL", "FEDORA_2005-985.NASL", "FEDORA_2005-986.NASL", "FEDORA_2006-1004.NASL", "FEDORA_2006-953.NASL", "FEDORA_2007-1444.NASL", "FEDORA_2007-2530.NASL", "FEDORA_2007-661.NASL", "FEDORA_2007-725.NASL", "FEDORA_2008-4723.NASL", "FEDORA_2009-12229.NASL", "FEDORA_2009-12305.NASL", "FEDORA_2009-12604.NASL", "FEDORA_2009-12606.NASL", "FEDORA_2009-12747.NASL", "FEDORA_2009-12750.NASL", "FEDORA_2009-12775.NASL", "FEDORA_2009-12782.NASL", "FEDORA_2009-12968.NASL", "FEDORA_2009-13236.NASL", "FEDORA_2009-13250.NASL", "FEDORA_2009-5412.NASL", "FEDORA_2009-5423.NASL", "FEDORA_2009-5452.NASL", "FEDORA_2010-1127.NASL", "FEDORA_2010-16240.NASL", "FEDORA_2010-16294.NASL", "FEDORA_2010-16312.NASL", "FEDORA_2010-17826.NASL", "FEDORA_2010-17827.NASL", "FEDORA_2010-17847.NASL", "FEDORA_2010-3905.NASL", "FEDORA_2010-3929.NASL", "FEDORA_2010-3956.NASL", "FEDORA_2010-5357.NASL", "FEDORA_2010-5744.NASL", "FEDORA_2010-5942.NASL", "FEDORA_2010-6025.NASL", "FEDORA_2010-6039.NASL", "FEDORA_2010-6131.NASL", "FEDORA_2010-6279.NASL", "FEDORA_2010-8742.NASL", "FEDORA_2010-9421.NASL", "FEDORA_2010-9487.NASL", "FEDORA_2010-9518.NASL", "FEDORA_2010-9574.NASL", "FEDORA_2010-9639.NASL", "FEDORA_2011-12233.NASL", "FEDORA_2011-12281.NASL", "FEDORA_2011-1255.NASL", "FEDORA_2011-1273.NASL", "FEDORA_2011-5865.NASL", "FEDORA_2011-5876.NASL", "FEDORA_2011-5878.NASL", "FEDORA_2012-0232.NASL", "FEDORA_2012-0250.NASL", "FEDORA_2012-0702.NASL", "FEDORA_2012-0708.NASL", "FEDORA_2012-18035.NASL", "FEDORA_2012-4630.NASL", "FEDORA_2012-4659.NASL", "FEDORA_2012-4665.NASL", "FEDORA_2012-6343.NASL", "FEDORA_2012-6395.NASL", "FEDORA_2012-6403.NASL", "FEDORA_2012-7939.NASL", "FEDORA_2012-8014.NASL", "FEDORA_2012-8024.NASL", "FEDORA_2013-23768.NASL", "FEDORA_2013-23788.NASL", "FEDORA_2013-23794.NASL", "FEDORA_2013-2793.NASL", "FEDORA_2013-2834.NASL", "FEDORA_2013-4403.NASL", "FEDORA_2014-0456.NASL", "FEDORA_2014-0474.NASL", "FEDORA_2014-0476.NASL", "FEDORA_2014-13764.NASL", "FEDORA_2014-13777.NASL", "FEDORA_2014-1560.NASL", "FEDORA_2014-1567.NASL", "FEDORA_2014-17576.NASL", "FEDORA_2014-17587.NASL", "FEDORA_2014-4879.NASL", "FEDORA_2014-4910.NASL", "FEDORA_2014-4982.NASL", "FEDORA_2014-4999.NASL", "FEDORA_2014-5321.NASL", "FEDORA_2014-5337.NASL", "FEDORA_2014-7101.NASL", "FEDORA_2014-7102.NASL", "FEDORA_2014-9301.NASL", "FEDORA_2014-9308.NASL", "FEDORA_2015-4300.NASL", "FEDORA_2015-4303.NASL", "FEDORA_2015-4320.NASL", "FEDORA_2015-6855.NASL", "FEDORA_2015-6951.NASL", "FILEZILLA_SERVER_0944.NASL", "FIREEYE_OS_SB001.NASL", "FORTICLIENT_5_0_10.NASL", "FORTINET_FG-IR-14-011.NASL", "FORTINET_FG-IR-14-018.NASL", "FORTIOS_FG-IR-17-137.NASL", "FREEBSD_OPENSSL_CHANGECIPHERSPEC.NASL", "FREEBSD_PKG_00B0D8CD709711E298D9003067C2616F.NASL", "FREEBSD_PKG_077C2DCA8F9A11DBAB33000E0C2E438A.NASL", "FREEBSD_PKG_0B8D7194CA8811E39D8DC80AA9043978.NASL", "FREEBSD_PKG_0F37D765C5D411DB9F82000E0C2E438A.NASL", "FREEBSD_PKG_1959E847D4F011E384B00018FE623F2B.NASL", "FREEBSD_PKG_1FE734BF4A0611DBB48D00508D6A62DF.NASL", "FREEBSD_PKG_2AE114DEC06411E1B5E0000C299B62E1.NASL", "FREEBSD_PKG_2ECB7B20D97E11E0B2E200215C6A37BB.NASL", "FREEBSD_PKG_3042C33AF23711DF9D020018FE623F2B.NASL", "FREEBSD_PKG_5631AE98BE9E11E3B5E3C80AA9043978.NASL", "FREEBSD_PKG_5AAA257E772D11E3A65A3C970E169BC2.NASL", "FREEBSD_PKG_5AC53801EC2E11E39CF33C970E169BC2.NASL", "FREEBSD_PKG_5C5F19CE43AF11E189B4001EC9578670.NASL", "FREEBSD_PKG_60E26A403B2511DA948400123FFE8333.NASL", "FREEBSD_PKG_60EB344E6EB111E18AD700E0815B8DA8.NASL", "FREEBSD_PKG_68233CBA777411D889ED0020ED76EF5A.NASL", "FREEBSD_PKG_69BFC8529BD011E2A7BE8C705AF55518.NASL", "FREEBSD_PKG_7184F92E8BB811E18D7B003067B2972C.NASL", "FREEBSD_PKG_78CC8A463E5611E189B4001EC9578670.NASL", "FREEBSD_PKG_82B55DF84D5A11DE88110030843D3802.NASL", "FREEBSD_PKG_9CCFEE393C3B11DF9EDC000F20797EDE.NASL", "FREEBSD_PKG_9D15355BCE7C11E49DB0D050992ECDE8.NASL", "FREEBSD_PKG_C97D7A37223311DF96DD001B2134EF46.NASL", "FREEBSD_PKG_DBA5D1C99F2911E1B511003067C2616F.NASL", "GENTOO_GLSA-200403-03.NASL", "GENTOO_GLSA-200411-15.NASL", "GENTOO_GLSA-200510-11.NASL", "GENTOO_GLSA-200609-05.NASL", "GENTOO_GLSA-200610-06.NASL", "GENTOO_GLSA-200610-11.NASL", "GENTOO_GLSA-200612-11.NASL", "GENTOO_GLSA-200710-06.NASL", "GENTOO_GLSA-200710-30.NASL", "GENTOO_GLSA-200806-08.NASL", "GENTOO_GLSA-200912-01.NASL", "GENTOO_GLSA-201006-18.NASL", "GENTOO_GLSA-201110-01.NASL", "GENTOO_GLSA-201110-05.NASL", "GENTOO_GLSA-201203-12.NASL", "GENTOO_GLSA-201203-22.NASL", "GENTOO_GLSA-201206-18.NASL", "GENTOO_GLSA-201301-01.NASL", "GENTOO_GLSA-201309-12.NASL", "GENTOO_GLSA-201309-15.NASL", "GENTOO_GLSA-201310-10.NASL", "GENTOO_GLSA-201311-13.NASL", "GENTOO_GLSA-201312-03.NASL", "GENTOO_GLSA-201401-30.NASL", "GENTOO_GLSA-201402-25.NASL", "GENTOO_GLSA-201404-07.NASL", "GENTOO_GLSA-201406-32.NASL", "GENTOO_GLSA-201407-05.NASL", "GENTOO_GLSA-201408-19.NASL", "GENTOO_GLSA-201412-11.NASL", "GENTOO_GLSA-201412-39.NASL", "GENTOO_GLSA-201503-11.NASL", "HPSMH_6_0_0_95.NASL", "HPSMH_6_1_0_102.NASL", "HPSMH_6_2_0_12.NASL", "HPSMH_7_0_0_24.NASL", "HPSMH_7_1_1_1.NASL", "HPSMH_7_2_1_0.NASL", "HPSMH_7_2_6.NASL", "HPSMH_7_3_2.NASL", "HPSMH_7_3_3_1.NASL", "HPSMH_7_5.NASL", "HPUX_PHNE_31726.NASL", "HPUX_PHNE_35920.NASL", "HPUX_PHSS_28685.NASL", "HPUX_PHSS_28686.NASL", "HPUX_PHSS_29690.NASL", "HPUX_PHSS_29691.NASL", "HPUX_PHSS_29891.NASL", "HPUX_PHSS_29892.NASL", "HPUX_PHSS_29893.NASL", "HPUX_PHSS_29894.NASL", "HPUX_PHSS_30055.NASL", "HPUX_PHSS_30056.NASL", "HPUX_PHSS_30057.NASL", "HPUX_PHSS_30058.NASL", "HPUX_PHSS_30639.NASL", "HPUX_PHSS_30640.NASL", "HPUX_PHSS_30641.NASL", "HPUX_PHSS_30642.NASL", "HPUX_PHSS_30643.NASL", "HPUX_PHSS_30644.NASL", "HPUX_PHSS_30645.NASL", "HPUX_PHSS_30646.NASL", "HPUX_PHSS_30647.NASL", "HPUX_PHSS_30648.NASL", "HPUX_PHSS_30649.NASL", "HPUX_PHSS_30650.NASL", "HPUX_PHSS_35110.NASL", "HPUX_PHSS_35111.NASL", "HPUX_PHSS_35436.NASL", "HPUX_PHSS_35437.NASL", "HPUX_PHSS_35458.NASL", "HPUX_PHSS_35459.NASL", "HPUX_PHSS_35460.NASL", "HPUX_PHSS_35461.NASL", "HPUX_PHSS_35462.NASL", "HPUX_PHSS_35463.NASL", "HPUX_PHSS_35480.NASL", "HPUX_PHSS_35481.NASL", "HP_INSIGHT_CONTROL_SERVER_MIGRATION_7_3_2.NASL", "HP_LASERJETPRO_HPSBPI03014.NBIN", "HP_LASERJET_HPSBPI03107.NASL", "HP_LOADRUNNER_12_00_1.NASL", "HP_OFFICEJET_HPSBPI03107.NASL", "HP_OFFICEJET_PRO_HEARTBLEED.NASL", "HP_ONBOARD_ADMIN_4_22.NASL", "HP_ONBOARD_ADMIN_HEARTBLEED_VERSIONS.NASL", "HP_ONEVIEW_1_10.NASL", "HP_SUM_6_4_1.NASL", "HP_SYSTEMS_INSIGHT_MANAGER_700_MULTIPLE_VULNS.NASL", "HP_SYSTEMS_INSIGHT_MANAGER_73_HOTFIX_34.NASL", "HP_VCA_SSRT101531-RHEL.NASL", "HP_VCA_SSRT101531-SLES.NASL", "HP_VCA_SSRT101531.NASL", "HP_VCA_SSRT101614-RHEL.NASL", "HP_VCA_SSRT101614-SLES.NASL", "HP_VCA_SSRT101614.NASL", "HP_VCRM_SSRT101531.NASL", "HP_VERSION_CONTROL_REPO_MANAGER_HPSBMU03056.NASL", "IBM_GPFS_ISG3T1020683.NASL", "IBM_GPFS_ISG3T1020948_WINDOWS.NASL", "IBM_GSKIT_SWG21638270.NASL", "IBM_HTTP_SERVER_491407.NASL", "IBM_RATIONAL_CLEARQUEST_8_0_1_3_01.NASL", "IBM_TEM_8_2_1372.NASL", "IBM_TEM_9_1_1117_0.NASL", "IBM_TSM_SERVER_5_5_X.NASL", "IBM_TSM_SERVER_6_1_X.NASL", "IBM_TSM_SERVER_6_2_6_0.NASL", "IBM_TSM_SERVER_6_3_4_200.NASL", "IIS_7_PCI.NASL", "IPSWITCH_IMAIL_12_3.NASL", "IPSWITCH_IMAIL_12_4_1_15.NASL", "JUNIPER_JSA10575.NASL", "JUNIPER_JSA10623.NASL", "JUNIPER_JSA10629.NASL", "JUNIPER_NSM_JSA10642.NASL", "JUNIPER_PSN-2012-07-645.NASL", "JUNIPER_SBR_MULTIPLE.NASL", "JUNIPER_SPACE_JSA10659.NASL", "JUNOS_PULSE_JSA10591.NASL", "JUNOS_PULSE_JSA10623.NASL", "JUNOS_PULSE_JSA10629.NASL", "KASPERSKY_INTERNET_SECURITY_HEARTBLEED.NASL", "KERIO_CONNECT_824.NASL", "LIBREOFFICE_423.NASL", "MACOSX_10_10_4.NASL", "MACOSX_10_11.NASL", "MACOSX_10_6_8.NASL", "MACOSX_10_8_4.NASL", "MACOSX_10_8_5.NASL", "MACOSX_10_9_5.NASL", "MACOSX_CISCO_ANYCONNECT_3_1_5170.NASL", "MACOSX_FUSION_6_0_3.NASL", "MACOSX_FUSION_6_0_4.NASL", "MACOSX_JAVA_10_5_UPDATE7.NASL", "MACOSX_JAVA_10_5_UPDATE8.NASL", "MACOSX_JAVA_10_6_UPDATE2.NASL", "MACOSX_JAVA_10_6_UPDATE3.NASL", "MACOSX_JAVA_REL6.NASL", "MACOSX_LIBREOFFICE_423.NASL", "MACOSX_SECUPD20040503.NASL", "MACOSX_SECUPD2005-007.NASL", "MACOSX_SECUPD2005-009.NASL", "MACOSX_SECUPD2008-005.NASL", "MACOSX_SECUPD2010-001.NASL", "MACOSX_SECUPD2013-002.NASL", "MACOSX_SECUPD2013-004.NASL", "MACOSX_SECUPD2014-004.NASL", "MACOSX_SECUPD2015-005.NASL", "MACOSX_VERSION.NASL", "MACOSX_VMWARE_HORIZON_VIEW_CLIENT_VMSA_2014_0006.NASL", "MACOSX_VMWARE_OVFTOOL_VMSA_2014_0006.NASL", "MANDRAKE_MDKSA-2003-020.NASL", "MANDRAKE_MDKSA-2003-035.NASL", "MANDRAKE_MDKSA-2003-098.NASL", "MANDRAKE_MDKSA-2004-023.NASL", "MANDRAKE_MDKSA-2004-147.NASL", "MANDRAKE_MDKSA-2005-096.NASL", "MANDRAKE_MDKSA-2005-110.NASL", "MANDRAKE_MDKSA-2005-111.NASL", "MANDRAKE_MDKSA-2005-179.NASL", "MANDRAKE_MDKSA-2006-161.NASL", "MANDRAKE_MDKSA-2006-166.NASL", "MANDRAKE_MDKSA-2006-172.NASL", "MANDRAKE_MDKSA-2006-177.NASL", "MANDRAKE_MDKSA-2006-178.NASL", "MANDRAKE_MDKSA-2006-207.NASL", "MANDRAKE_MDKSA-2007-193.NASL", "MANDRAKE_MDKSA-2007-237.NASL", "MANDRIVA_MDVSA-2008-107.NASL", "MANDRIVA_MDVSA-2009-120.NASL", "MANDRIVA_MDVSA-2009-238.NASL", "MANDRIVA_MDVSA-2009-239.NASL", "MANDRIVA_MDVSA-2009-295.NASL", "MANDRIVA_MDVSA-2009-310.NASL", "MANDRIVA_MDVSA-2009-323.NASL", "MANDRIVA_MDVSA-2009-337.NASL", "MANDRIVA_MDVSA-2010-022.NASL", "MANDRIVA_MDVSA-2010-069.NASL", "MANDRIVA_MDVSA-2010-070.NASL", "MANDRIVA_MDVSA-2010-076.NASL", "MANDRIVA_MDVSA-2010-084.NASL", "MANDRIVA_MDVSA-2010-238.NASL", "MANDRIVA_MDVSA-2011-028.NASL", "MANDRIVA_MDVSA-2011-137.NASL", "MANDRIVA_MDVSA-2012-006.NASL", "MANDRIVA_MDVSA-2012-007.NASL", "MANDRIVA_MDVSA-2012-011.NASL", "MANDRIVA_MDVSA-2012-038.NASL", "MANDRIVA_MDVSA-2012-060.NASL", "MANDRIVA_MDVSA-2012-064.NASL", "MANDRIVA_MDVSA-2012-073.NASL", "MANDRIVA_MDVSA-2013-014.NASL", "MANDRIVA_MDVSA-2013-050.NASL", "MANDRIVA_MDVSA-2013-052.NASL", "MANDRIVA_MDVSA-2013-095.NASL", "MANDRIVA_MDVSA-2014-007.NASL", "MANDRIVA_MDVSA-2014-080.NASL", "MANDRIVA_MDVSA-2014-090.NASL", "MANDRIVA_MDVSA-2014-106.NASL", "MANDRIVA_MDVSA-2014-123.NASL", "MANDRIVA_MDVSA-2015-062.NASL", "MANDRIVA_MDVSA-2015-063.NASL", "MARIADB_10_0_13.NASL", "MCAFEE_EMAIL_GATEWAY_SB10071.NASL", "MCAFEE_EMAIL_GATEWAY_SB10075.NASL", "MCAFEE_EPO_SB10071.NASL", "MCAFEE_EPO_SB10075.NASL", "MCAFEE_FIREWALL_ENTERPRISE_SB10071.NASL", "MCAFEE_NGFW_SB10071.NASL", "MCAFEE_VSEL_SB10071.NASL", "MCAFEE_VSEL_SB10075.NASL", "MCAFEE_WEB_GATEWAY_SB10071.NASL", "MCAFEE_WEB_GATEWAY_SB10075.NASL", "MOZILLA_FIREFOX_359.NASL", "MOZILLA_FIREFOX_362.NASL", "MOZILLA_THUNDERBIRD_304.NASL", "MYSQL_5_6_20.NASL", "MYSQL_ENTERPRISE_MONITOR_3_0_23.NASL", "NEWSTART_CGSL_NS-SA-2019-0020_OPENSSL098E.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_NSS.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0118_HTTPD.NASL", "NGINX_0_7_64.NASL", "OPENOFFICE_32.NASL", "OPENOFFICE_321.NASL", "OPENSSL_0_9_6K.NASL", "OPENSSL_0_9_6M_0_9_7D.NASL", "OPENSSL_0_9_7C.NASL", "OPENSSL_0_9_7F.NASL", "OPENSSL_0_9_7H_0_9_8A.NASL", "OPENSSL_0_9_7K_0_9_8C.NASL", "OPENSSL_0_9_7L_0_9_8D.NASL", "OPENSSL_0_9_7M_0_9_8E.NASL", "OPENSSL_0_9_8.NASL", "OPENSSL_0_9_8F.NASL", "OPENSSL_0_9_8H.NASL", "OPENSSL_0_9_8L.NASL", "OPENSSL_0_9_8M.NASL", "OPENSSL_0_9_8P_1_0_0B.NASL", "OPENSSL_0_9_8S.NASL", "OPENSSL_0_9_8T.NASL", "OPENSSL_0_9_8U.NASL", "OPENSSL_0_9_8V.NASL", "OPENSSL_0_9_8X.NASL", "OPENSSL_0_9_8Y.NASL", "OPENSSL_0_9_8ZA.NASL", "OPENSSL_0_9_8ZF.NASL", "OPENSSL_1_0_0.NASL", "OPENSSL_1_0_0A.NASL", "OPENSSL_1_0_0D.NASL", "OPENSSL_1_0_0E.NASL", "OPENSSL_1_0_0F.NASL", "OPENSSL_1_0_0G.NASL", "OPENSSL_1_0_0H.NASL", "OPENSSL_1_0_0I.NASL", "OPENSSL_1_0_0J.NASL", "OPENSSL_1_0_0K.NASL", "OPENSSL_1_0_0L.NASL", "OPENSSL_1_0_0M.NASL", "OPENSSL_1_0_0R.NASL", "OPENSSL_1_0_1A.NASL", "OPENSSL_1_0_1C.NASL", "OPENSSL_1_0_1D.NASL", "OPENSSL_1_0_1E.NASL", "OPENSSL_1_0_1F.NASL", "OPENSSL_1_0_1G.NASL", "OPENSSL_1_0_1H.NASL", "OPENSSL_1_0_1M.NASL", "OPENSSL_1_0_2A.NASL", "OPENSSL_CCS.NASL", "OPENSSL_CCS_1_0_1.NASL", "OPENSSL_DENIAL.NASL", "OPENSSL_HEARTBLEED.NASL", "OPENSSL_PASSWORD_INTERCEPTION.NASL", "OPENSUSE-2012-210.NASL", "OPENSUSE-2012-242.NASL", "OPENSUSE-2012-308.NASL", "OPENSUSE-2012-52.NASL", "OPENSUSE-2012-751.NASL", "OPENSUSE-2012-99.NASL", "OPENSUSE-2013-10.NASL", "OPENSUSE-2013-153.NASL", "OPENSUSE-2013-154.NASL", "OPENSUSE-2013-164.NASL", "OPENSUSE-2013-818.NASL", "OPENSUSE-2014-10.NASL", "OPENSUSE-2014-11.NASL", "OPENSUSE-2014-27.NASL", "OPENSUSE-2014-277.NASL", "OPENSUSE-2014-318.NASL", "OPENSUSE-2014-325.NASL", "OPENSUSE-2014-359.NASL", "OPENSUSE-2014-360.NASL", "OPENSUSE-2014-398.NASL", "OPENSUSE-2014-4.NASL", "OPENSUSE-2014-410.NASL", "OPENSUSE-2014-60.NASL", "OPENSUSE-2014-62.NASL", "OPENSUSE-2014-63.NASL", "OPENSUSE-2015-116.NASL", "OPENSUSE-2015-247.NASL", "OPENSUSE-2015-507.NASL", "OPENSUSE-2015-889.NASL", "OPENSUSE-2016-289.NASL", "OPENSUSE-2016-292.NASL", "OPENSUSE-2016-294.NASL", "OPENSUSE-2016-327.NASL", "OPENVPN_2_3_3_0.NASL", "OPENVPN_HEARTBLEED.NASL", "OPERA_1050.NASL", "ORACLELINUX_ELSA-2006-0661.NASL", "ORACLELINUX_ELSA-2006-0695.NASL", "ORACLELINUX_ELSA-2007-0813.NASL", "ORACLELINUX_ELSA-2007-0964.NASL", "ORACLELINUX_ELSA-2009-1579.NASL", "ORACLELINUX_ELSA-2009-1580.NASL", "ORACLELINUX_ELSA-2010-0054.NASL", "ORACLELINUX_ELSA-2010-0162.NASL", "ORACLELINUX_ELSA-2010-0163.NASL", "ORACLELINUX_ELSA-2010-0164.NASL", "ORACLELINUX_ELSA-2010-0165.NASL", "ORACLELINUX_ELSA-2010-0166.NASL", "ORACLELINUX_ELSA-2010-0167.NASL", "ORACLELINUX_ELSA-2010-0333.NASL", "ORACLELINUX_ELSA-2010-0339.NASL", "ORACLELINUX_ELSA-2010-0768.NASL", "ORACLELINUX_ELSA-2011-1409.NASL", "ORACLELINUX_ELSA-2012-0059.NASL", "ORACLELINUX_ELSA-2012-0060.NASL", "ORACLELINUX_ELSA-2012-0086.NASL", "ORACLELINUX_ELSA-2012-0426.NASL", "ORACLELINUX_ELSA-2012-0518.NASL", "ORACLELINUX_ELSA-2012-0699.NASL", "ORACLELINUX_ELSA-2012-2011.NASL", "ORACLELINUX_ELSA-2013-0273.NASL", "ORACLELINUX_ELSA-2013-0274.NASL", "ORACLELINUX_ELSA-2013-0275.NASL", "ORACLELINUX_ELSA-2013-0587.NASL", "ORACLELINUX_ELSA-2014-0015.NASL", "ORACLELINUX_ELSA-2014-0376.NASL", "ORACLELINUX_ELSA-2014-0624.NASL", "ORACLELINUX_ELSA-2014-0625.NASL", "ORACLELINUX_ELSA-2014-0626.NASL", "ORACLELINUX_ELSA-2014-0679.NASL", "ORACLELINUX_ELSA-2014-0680.NASL", "ORACLELINUX_ELSA-2014-1053.NASL", "ORACLELINUX_ELSA-2014-3040.NASL", "ORACLELINUX_ELSA-2015-0715.NASL", "ORACLELINUX_ELSA-2015-0716.NASL", "ORACLELINUX_ELSA-2015-0800.NASL", "ORACLELINUX_ELSA-2016-0372.NASL", "ORACLEVM_OVMSA-2014-0007.NASL", "ORACLEVM_OVMSA-2014-0008.NASL", "ORACLEVM_OVMSA-2014-0032.NASL", "ORACLEVM_OVMSA-2014-0039.NASL", "ORACLEVM_OVMSA-2014-0040.NASL", "ORACLEVM_OVMSA-2015-0039.NASL", "ORACLEVM_OVMSA-2015-0070.NASL", "ORACLE_E-BUSINESS_CPU_JUL_2014.NASL", "ORACLE_EIDS_CPU_OCT_2014.NASL", "ORACLE_JAVA_CPU_FEB_2013_1.NASL", "ORACLE_JAVA_CPU_FEB_2013_1_UNIX.NASL", "ORACLE_JAVA_CPU_MAR_2010.NASL", "ORACLE_JAVA_CPU_MAR_2010_UNIX.NASL", "ORACLE_JAVA_CPU_OCT_2010.NASL", "ORACLE_JAVA_CPU_OCT_2010_UNIX.NASL", "ORACLE_RDBMS_CPU_APR_2011.NASL", "ORACLE_RDBMS_CPU_OCT_2013.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2014_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2015_CPU.NASL", "ORACLE_VIRTUALBOX_JAN_2015_CPU.NASL", "OT_500424.NASL", "OT_500473.NASL", "PALO_ALTO_PAN-SA-2014-0003.NASL", "PFSENSE_SA-14_03.NASL", "PFSENSE_SA-14_07.NASL", "PIVOTAL_WEBSERVER_5_4_1.NASL", "PUPPET_ENTERPRISE_312.NASL", "PUPPET_ENTERPRISE_330.NASL", "PUPPET_ENTERPRISE_380.NASL", "REDHAT-RHSA-2003-063.NASL", "REDHAT-RHSA-2003-102.NASL", "REDHAT-RHSA-2003-293.NASL", "REDHAT-RHSA-2004-120.NASL", "REDHAT-RHSA-2005-476.NASL", "REDHAT-RHSA-2005-762.NASL", "REDHAT-RHSA-2005-800.NASL", "REDHAT-RHSA-2005-829.NASL", "REDHAT-RHSA-2005-830.NASL", "REDHAT-RHSA-2006-0661.NASL", "REDHAT-RHSA-2006-0695.NASL", "REDHAT-RHSA-2007-0062.NASL", "REDHAT-RHSA-2007-0072.NASL", "REDHAT-RHSA-2007-0073.NASL", "REDHAT-RHSA-2007-0813.NASL", "REDHAT-RHSA-2007-0964.NASL", "REDHAT-RHSA-2007-1003.NASL", "REDHAT-RHSA-2008-0264.NASL", "REDHAT-RHSA-2008-0525.NASL", "REDHAT-RHSA-2008-0629.NASL", "REDHAT-RHSA-2009-1335.NASL", "REDHAT-RHSA-2009-1579.NASL", "REDHAT-RHSA-2009-1580.NASL", "REDHAT-RHSA-2009-1694.NASL", "REDHAT-RHSA-2010-0054.NASL", "REDHAT-RHSA-2010-0130.NASL", "REDHAT-RHSA-2010-0155.NASL", "REDHAT-RHSA-2010-0162.NASL", "REDHAT-RHSA-2010-0163.NASL", "REDHAT-RHSA-2010-0164.NASL", "REDHAT-RHSA-2010-0165.NASL", "REDHAT-RHSA-2010-0166.NASL", "REDHAT-RHSA-2010-0167.NASL", "REDHAT-RHSA-2010-0333.NASL", "REDHAT-RHSA-2010-0337.NASL", "REDHAT-RHSA-2010-0338.NASL", "REDHAT-RHSA-2010-0339.NASL", "REDHAT-RHSA-2010-0768.NASL", "REDHAT-RHSA-2010-0770.NASL", "REDHAT-RHSA-2010-0786.NASL", "REDHAT-RHSA-2010-0807.NASL", "REDHAT-RHSA-2010-0865.NASL", "REDHAT-RHSA-2010-0888.NASL", "REDHAT-RHSA-2010-0987.NASL", "REDHAT-RHSA-2011-0677.NASL", "REDHAT-RHSA-2011-0880.NASL", "REDHAT-RHSA-2011-1409.NASL", "REDHAT-RHSA-2012-0059.NASL", "REDHAT-RHSA-2012-0060.NASL", "REDHAT-RHSA-2012-0086.NASL", "REDHAT-RHSA-2012-0109.NASL", "REDHAT-RHSA-2012-0168.NASL", "REDHAT-RHSA-2012-0426.NASL", "REDHAT-RHSA-2012-0488.NASL", "REDHAT-RHSA-2012-0518.NASL", "REDHAT-RHSA-2012-0522.NASL", "REDHAT-RHSA-2012-0531.NASL", "REDHAT-RHSA-2012-0699.NASL", "REDHAT-RHSA-2013-0273.NASL", "REDHAT-RHSA-2013-0274.NASL", "REDHAT-RHSA-2013-0275.NASL", "REDHAT-RHSA-2013-0531.NASL", "REDHAT-RHSA-2013-0532.NASL", "REDHAT-RHSA-2013-0587.NASL", "REDHAT-RHSA-2013-0636.NASL", "REDHAT-RHSA-2013-0822.NASL", "REDHAT-RHSA-2013-0823.NASL", "REDHAT-RHSA-2013-0833.NASL", "REDHAT-RHSA-2013-0855.NASL", "REDHAT-RHSA-2013-1455.NASL", "REDHAT-RHSA-2013-1456.NASL", "REDHAT-RHSA-2014-0015.NASL", "REDHAT-RHSA-2014-0041.NASL", "REDHAT-RHSA-2014-0376.NASL", "REDHAT-RHSA-2014-0377.NASL", "REDHAT-RHSA-2014-0378.NASL", "REDHAT-RHSA-2014-0396.NASL", "REDHAT-RHSA-2014-0416.NASL", "REDHAT-RHSA-2014-0624.NASL", "REDHAT-RHSA-2014-0625.NASL", "REDHAT-RHSA-2014-0626.NASL", "REDHAT-RHSA-2014-0627.NASL", "REDHAT-RHSA-2014-0628.NASL", "REDHAT-RHSA-2014-0629.NASL", "REDHAT-RHSA-2014-0679.NASL", "REDHAT-RHSA-2014-0680.NASL", "REDHAT-RHSA-2014-1053.NASL", "REDHAT-RHSA-2015-0715.NASL", "REDHAT-RHSA-2015-0716.NASL", "REDHAT-RHSA-2015-0752.NASL", "REDHAT-RHSA-2015-0800.NASL", "REDHAT-RHSA-2016-0303.NASL", "REDHAT-RHSA-2016-0304.NASL", "REDHAT-RHSA-2016-0372.NASL", "SCADA_TRIANGLE_GATEWAY_3_3_729.NBIN", "SEAMONKEY_204.NASL", "SLACKWARE_SSA_2004-077-01.NASL", "SLACKWARE_SSA_2005-286-01.NASL", "SLACKWARE_SSA_2006-257-02.NASL", "SLACKWARE_SSA_2006-272-01.NASL", "SLACKWARE_SSA_2006-310-01.NASL", "SLACKWARE_SSA_2008-210-08.NASL", "SLACKWARE_SSA_2009-320-01.NASL", "SLACKWARE_SSA_2010-060-02.NASL", "SLACKWARE_SSA_2010-067-01.NASL", "SLACKWARE_SSA_2010-326-01.NASL", "SLACKWARE_SSA_2011-041-04.NASL", "SLACKWARE_SSA_2013-040-01.NASL", "SLACKWARE_SSA_2014-013-02.NASL", "SLACKWARE_SSA_2014-098-01.NASL", "SLACKWARE_SSA_2014-156-03.NASL", "SLACKWARE_SSA_2015-111-09.NASL", "SL_20071012_OPENSSL_ON_SL5_X.NASL", "SL_20071022_OPENSSL_ON_SL3.NASL", "SL_20071115_OPENSSL_ON_SL4_X.NASL", "SL_20090902_OPENSSL_ON_SL5_X.NASL", "SL_20091111_HTTPD_ON_SL3_X.NASL", "SL_20100119_OPENSSL_ON_SL5_X.NASL", "SL_20100325_GNUTLS_ON_SL4_X.NASL", "SL_20100325_NSS_ON_SL4_X.NASL", "SL_20100325_OPENSSL097A_ON_SL5_X.NASL", "SL_20100325_OPENSSL_ON_SL3_X.NASL", "SL_20100325_OPENSSL_ON_SL5_X.NASL", "SL_20100331_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SL_20100331_JAVA__JDK_1_6_0__ON_SL4_X.NASL", "SL_20101013_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SL_20101014_JAVA__JDK_1_6_0__ON_SL4_X.NASL", "SL_20101110_JAVA_1_6_0_OPENJDK_ON_SL6_X.NASL", "SL_20101116_OPENSSL_ON_SL6_X.NASL", "SL_20110519_OPENSSL_ON_SL6_X.NASL", "SL_20111026_OPENSSL_ON_SL6_X.NASL", "SL_20120124_OPENSSL_ON_SL5_X.NASL", "SL_20120124_OPENSSL_ON_SL6_X.NASL", "SL_20120201_OPENSSL_ON_SL4_X.NASL", "SL_20120327_OPENSSL_ON_SL5_X.NASL", "SL_20120424_OPENSSL_ON_SL5_X.NASL", "SL_20120529_OPENSSL_ON_SL5_X.NASL", "SL_20130304_OPENSSL_ON_SL5_X.NASL", "SL_20140108_OPENSSL_ON_SL6_X.NASL", "SL_20140408_OPENSSL_ON_SL6_X.NASL", "SL_20140605_OPENSSL097A_AND_OPENSSL098E_ON_SL5_X.NASL", "SL_20140605_OPENSSL_ON_SL5_X.NASL", "SL_20140605_OPENSSL_ON_SL6_X.NASL", "SL_20140813_OPENSSL_ON_SL5_X.NASL", "SL_20150324_OPENSSL_ON_SL6_X.NASL", "SL_20150324_OPENSSL_ON_SL7_X.NASL", "SL_20150413_OPENSSL_ON_SL5_X.NASL", "SL_20160309_OPENSSL098E_ON_SL6_X.NASL", "SMB_KB2962393.NASL", "SMB_NT_MS10-049.NASL", "SOLARIS10_116648-25.NASL", "SOLARIS10_116648.NASL", "SOLARIS10_118371.NASL", "SOLARIS10_119213-27.NASL", "SOLARIS10_119213-30.NASL", "SOLARIS10_119213-31.NASL", "SOLARIS10_119213-32.NASL", "SOLARIS10_119213-33.NASL", "SOLARIS10_119213-36.NASL", "SOLARIS10_119213-37.NASL", "SOLARIS10_119213-38.NASL", "SOLARIS10_119213.NASL", "SOLARIS10_121229-02.NASL", "SOLARIS10_121229.NASL", "SOLARIS10_125437-22.NASL", "SOLARIS10_125437.NASL", "SOLARIS10_128640-30.NASL", "SOLARIS10_128640.NASL", "SOLARIS10_143140-04.NASL", "SOLARIS10_145102-01.NASL", "SOLARIS10_148071.NASL", "SOLARIS10_150383.NASL", "SOLARIS10_X86_116649-25.NASL", "SOLARIS10_X86_118372.NASL", "SOLARIS10_X86_119214-27.NASL", "SOLARIS10_X86_119214-30.NASL", "SOLARIS10_X86_119214-31.NASL", "SOLARIS10_X86_119214-32.NASL", "SOLARIS10_X86_119214-33.NASL", "SOLARIS10_X86_119214-36.NASL", "SOLARIS10_X86_119214-37.NASL", "SOLARIS10_X86_119214-38.NASL", "SOLARIS10_X86_119214.NASL", "SOLARIS10_X86_121230-02.NASL", "SOLARIS10_X86_121230.NASL", "SOLARIS10_X86_125438-22.NASL", "SOLARIS10_X86_125438.NASL", "SOLARIS10_X86_128641-30.NASL", "SOLARIS10_X86_128641.NASL", "SOLARIS10_X86_141525-10.NASL", "SOLARIS10_X86_148072.NASL", "SOLARIS11_GNUTLS_20130924.NASL", "SOLARIS11_NSS_20140809.NASL", "SOLARIS11_OPENSSL_20120404.NASL", "SOLARIS11_OPENSSL_20120523.NASL", "SOLARIS11_OPENSSL_20120626.NASL", "SOLARIS11_OPENSSL_20120814.NASL", "SOLARIS11_OPENSSL_20130716.NASL", "SOLARIS11_OPENSSL_20140623.NASL", "SOLARIS11_OPENSSL_20140731.NASL", "SOLARIS11_OPENSSL_20141014.NASL", "SOLARIS11_WANBOOT_20141014.NASL", "SOLARIS8_114045.NASL", "SOLARIS8_116648.NASL", "SOLARIS8_119209.NASL", "SOLARIS8_125437.NASL", "SOLARIS9_113451.NASL", "SOLARIS9_113713.NASL", "SOLARIS9_114049.NASL", "SOLARIS9_116648.NASL", "SOLARIS9_117123.NASL", "SOLARIS9_119211.NASL", "SOLARIS9_125437.NASL", "SOLARIS9_128640.NASL", "SOLARIS9_X86_114050.NASL", "SOLARIS9_X86_114435.NASL", "SOLARIS9_X86_114568.NASL", "SOLARIS9_X86_119212.NASL", "SOLARIS9_X86_122715.NASL", "SOLARIS9_X86_125438.NASL", "SOLARIS9_X86_128641.NASL", "SPLUNK_503.NASL", "SPLUNK_603.NASL", "SPLUNK_605.NASL", "SPLUNK_618.NASL", "SSLTEST.NASL", "SSL_CRIME.NASL", "SSL_RENEGOTIATION.NASL", "STUNNEL_4_55.NASL", "STUNNEL_5_01.NASL", "STUNNEL_5_02.NASL", "STUNNEL_5_12.NASL", "SUSE9_11843.NASL", "SUSE9_12550.NASL", "SUSE9_12606.NASL", "SUSE9_12621.NASL", "SUSE9_12623.NASL", "SUSE9_12658.NASL", "SUSE9_12659.NASL", "SUSE9_12705.NASL", "SUSE_11_0_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_0_FIREFOX35UPGRADE-100407.NASL", "SUSE_11_0_JAVA-1_6_0-OPENJDK-100428.NASL", "SUSE_11_0_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_0_LIBFREEBL3-100407.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-091112.NASL", "SUSE_11_0_MOZILLA-XULRUNNER190-100407.NASL", "SUSE_11_0_OPENSSL-CVE-2009-4355_PATCH-100115.NASL", "SUSE_11_1_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_1_FIREFOX35UPGRADE-100407.NASL", "SUSE_11_1_GNUTLS-101025.NASL", "SUSE_11_1_GNUTLS-101206.NASL", "SUSE_11_1_JAVA-1_6_0-OPENJDK-100428.NASL", "SUSE_11_1_JAVA-1_6_0-OPENJDK-101103.NASL", "SUSE_11_1_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_1_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_1_LIBFREEBL3-100407.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-091112.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-100331.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_1_MOZILLA-XULRUNNER190-100407.NASL", "SUSE_11_1_MOZILLAFIREFOX-BRANDING-OPENSUSE-100413.NASL", "SUSE_11_1_OPENSSL-CVE-2009-4355_PATCH-100120.NASL", "SUSE_11_2_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_2_GNUTLS-101025.NASL", "SUSE_11_2_GNUTLS-101206.NASL", "SUSE_11_2_JAVA-1_6_0-OPENJDK-100412.NASL", "SUSE_11_2_JAVA-1_6_0-OPENJDK-101103.NASL", "SUSE_11_2_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_2_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_2_LIBFREEBL3-100406.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-091113.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-100401.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_2_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_2_MOZILLAFIREFOX-100412.NASL", "SUSE_11_2_MOZILLATHUNDERBIRD-100406.NASL", "SUSE_11_2_OPENSSL-CVE-2009-4355_PATCH-100115.NASL", "SUSE_11_2_SEAMONKEY-100406.NASL", "SUSE_11_3_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_3_GNUTLS-101025.NASL", "SUSE_11_3_GNUTLS-101206.NASL", "SUSE_11_3_JAVA-1_6_0-OPENJDK-101103.NASL", "SUSE_11_3_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-110920.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_4_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-110920.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120206.NASL", "SUSE_11_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_COMPAT-OPENSSL097G-120830.NASL", "SUSE_11_COMPAT-OPENSSL097G-141202.NASL", "SUSE_11_COMPAT-OPENSSL097G-150317.NASL", "SUSE_11_GNUTLS-101206.NASL", "SUSE_11_JAVA-1_4_2-IBM-100510.NASL", "SUSE_11_JAVA-1_4_2-IBM-101112.NASL", "SUSE_11_JAVA-1_6_0-IBM-101220.NASL", "SUSE_11_JAVA-1_6_0-IBM-130416.NASL", "SUSE_11_JAVA-1_6_0-OPENJDK-130221.NASL", "SUSE_11_JAVA-1_6_0-SUN-100331.NASL", "SUSE_11_JAVA-1_6_0-SUN-101019.NASL", "SUSE_11_JAVA-1_7_0-IBM-130415.NASL", "SUSE_11_LIBFREEBL3-100406.NASL", "SUSE_11_LIBMYSQL55CLIENT18-150302.NASL", "SUSE_11_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_LIBOPENSSL-DEVEL-091112.NASL", "SUSE_11_LIBOPENSSL-DEVEL-100331.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-101116.NASL", "SUSE_11_LIBOPENSSL-DEVEL-110210.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120209.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120327.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120328.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120503.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120524.NASL", "SUSE_11_LIBOPENSSL-DEVEL-130325.NASL", "SUSE_11_LIBOPENSSL-DEVEL-140604.NASL", "SUSE_11_LIBOPENSSL-DEVEL-150317.NASL", "SUSE_11_LIBQTWEBKIT-DEVEL-121010.NASL", "SUSE_11_MOZILLA-XULRUNNER190-100406.NASL", "SUSE_11_MOZILLA-XULRUNNER190-100407.NASL", "SUSE_11_MOZILLAFIREFOX-100406.NASL", "SUSE_11_MOZILLAFIREFOX-100407.NASL", "SUSE_11_OPENSSL-CVE-2009-4355_PATCH-100115.NASL", "SUSE_BIND-2268.NASL", "SUSE_BIND-2269.NASL", "SUSE_COMPAT-OPENSSL097G-2163.NASL", "SUSE_COMPAT-OPENSSL097G-2171.NASL", "SUSE_COMPAT-OPENSSL097G-5054.NASL", "SUSE_COMPAT-OPENSSL097G-5055.NASL", "SUSE_COMPAT-OPENSSL097G-6656.NASL", "SUSE_COMPAT-OPENSSL097G-6657.NASL", "SUSE_COMPAT-OPENSSL097G-7644.NASL", "SUSE_COMPAT-OPENSSL097G-7645.NASL", "SUSE_COMPAT-OPENSSL097G-8262.NASL", "SUSE_GNUTLS-7299.NASL", "SUSE_JAVA-1_4_2-IBM-7036.NASL", "SUSE_JAVA-1_4_2-IBM-7231.NASL", "SUSE_JAVA-1_5_0-IBM-7077.NASL", "SUSE_JAVA-1_5_0-IBM-7205.NASL", "SUSE_JAVA-1_6_0-IBM-7312.NASL", "SUSE_JAVA-1_6_0-IBM-8544.NASL", "SUSE_JAVA-1_6_0-SUN-7204.NASL", "SUSE_LIBOPENSSL-DEVEL-4476.NASL", "SUSE_LIBOPENSSL-DEVEL-4560.NASL", "SUSE_LIBOPENSSL-DEVEL-6268.NASL", "SUSE_MOZILLA-NSPR-6977.NASL", "SUSE_MOZILLA-NSS-6978.NASL", "SUSE_MOZILLA-XULRUNNER190-6971.NASL", "SUSE_MOZILLA-XULRUNNER190-6976.NASL", "SUSE_MOZILLAFIREFOX-6970.NASL", "SUSE_MOZILLAFIREFOX-6979.NASL", "SUSE_OPENSSL-2069.NASL", "SUSE_OPENSSL-2082.NASL", "SUSE_OPENSSL-2140.NASL", "SUSE_OPENSSL-2141.NASL", "SUSE_OPENSSL-2162.NASL", "SUSE_OPENSSL-2175.NASL", "SUSE_OPENSSL-2349.NASL", "SUSE_OPENSSL-4477.NASL", "SUSE_OPENSSL-4559.NASL", "SUSE_OPENSSL-6267.NASL", "SUSE_OPENSSL-6654.NASL", "SUSE_OPENSSL-6655.NASL", "SUSE_OPENSSL-6943.NASL", "SUSE_OPENSSL-6944.NASL", "SUSE_OPENSSL-7923.NASL", "SUSE_OPENSSL-7961.NASL", "SUSE_OPENSSL-8034.NASL", "SUSE_OPENSSL-8112.NASL", "SUSE_OPENSSL-8143.NASL", "SUSE_OPENSSL-8517.NASL", "SUSE_OPENSSL-CVE-2009-4355.PATCH-6783.NASL", "SUSE_OPENSSL-CVE-2009-4355.PATCH-6784.NASL", "SUSE_OPERA-2181.NASL", "SUSE_SA_2003_011.NASL", "SUSE_SA_2003_043.NASL", "SUSE_SA_2004_007.NASL", "SUSE_SA_2005_061.NASL", "SUSE_SA_2006_055.NASL", "SUSE_SA_2006_058.NASL", "SUSE_SA_2006_061.NASL", "SUSE_SU-2015-0541-1.NASL", "SUSE_SU-2015-0553-1.NASL", "SUSE_SU-2015-0743-1.NASL", "SUSE_SU-2015-1410-1.NASL", "SUSE_SU-2015-2303-1.NASL", "SUSE_SU-2016-0617-1.NASL", "SUSE_SU-2016-0620-1.NASL", "SUSE_SU-2016-0624-1.NASL", "SUSE_SU-2016-0631-1.NASL", "SUSE_SU-2016-0641-1.NASL", "SUSE_SU-2016-0678-1.NASL", "SYMANTEC_ENDPOINT_PROT_MGR_12_1_RU4_MP1A.NASL", "TENABLE_OT_SIEMENS_CVE-2014-0160.NASL", "TENABLE_OT_SIEMENS_CVE-2014-0224.NASL", "TIVOLI_DIRECTORY_SVR_SWG21638270.NASL", "TOMCAT_6_0_43.NASL", "TOMCAT_6_0_44.NASL", "TOMCAT_7_0_55.NASL", "TOMCAT_7_0_60.NASL", "TOMCAT_8_0_11.NASL", "TOMCAT_8_0_21.NASL", "UBUNTU_USN-1010-1.NASL", "UBUNTU_USN-1018-1.NASL", "UBUNTU_USN-1064-1.NASL", "UBUNTU_USN-131-1.NASL", "UBUNTU_USN-1357-1.NASL", "UBUNTU_USN-1424-1.NASL", "UBUNTU_USN-1428-1.NASL", "UBUNTU_USN-1451-1.NASL", "UBUNTU_USN-1627-1.NASL", "UBUNTU_USN-1628-1.NASL", "UBUNTU_USN-1732-1.NASL", "UBUNTU_USN-1732-2.NASL", "UBUNTU_USN-1732-3.NASL", "UBUNTU_USN-1735-1.NASL", "UBUNTU_USN-179-1.NASL", "UBUNTU_USN-1898-1.NASL", "UBUNTU_USN-204-1.NASL", "UBUNTU_USN-2079-1.NASL", "UBUNTU_USN-2165-1.NASL", "UBUNTU_USN-2192-1.NASL", "UBUNTU_USN-2232-1.NASL", "UBUNTU_USN-2232-2.NASL", "UBUNTU_USN-2232-3.NASL", "UBUNTU_USN-2232-4.NASL", "UBUNTU_USN-24-1.NASL", "UBUNTU_USN-2537-1.NASL", "UBUNTU_USN-339-1.NASL", "UBUNTU_USN-353-1.NASL", "UBUNTU_USN-353-2.NASL", "UBUNTU_USN-522-1.NASL", "UBUNTU_USN-534-1.NASL", "UBUNTU_USN-620-1.NASL", "UBUNTU_USN-792-1.NASL", "UBUNTU_USN-860-1.NASL", "UBUNTU_USN-884-1.NASL", "UBUNTU_USN-923-1.NASL", "UBUNTU_USN-927-1.NASL", "UBUNTU_USN-927-4.NASL", "UBUNTU_USN-927-6.NASL", "UBUNTU_USN-990-1.NASL", "UBUNTU_USN-990-2.NASL", "VMWARE_ESXI_5_0_BUILD_1311177_REMOTE.NASL", "VMWARE_ESXI_5_0_BUILD_1918656_REMOTE.NASL", "VMWARE_ESXI_5_0_BUILD_912577_REMOTE.NASL", "VMWARE_ESXI_5_1_BUILD_1483097_REMOTE.NASL", "VMWARE_ESXI_5_1_BUILD_1900470_REMOTE.NASL", "VMWARE_ESXI_5_5_BUILD_1746974_REMOTE.NASL", "VMWARE_ESXI_5_5_BUILD_1881737_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0003_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0009_REMOTE.NASL", "VMWARE_HORIZON_VIEW_CLIENT_VMSA_2014_0006.NASL", "VMWARE_HORIZON_VIEW_VMSA-2014-0006.NASL", "VMWARE_HORIZON_WORKSPACE_VMSA2014-0004.NASL", "VMWARE_MULTIPLE_VMSA_2008_0005.NASL", "VMWARE_OVFTOOL_VMSA_2014-0006.NASL", "VMWARE_PLAYER_LINUX_6_0_2.NASL", "VMWARE_PLAYER_LINUX_6_0_3.NASL", "VMWARE_PLAYER_MULTIPLE_VMSA_2014-0004.NASL", "VMWARE_PLAYER_MULTIPLE_VMSA_2014-0006.NASL", "VMWARE_VCENTER_CHARGEBACK_MANAGER_2601.NASL", "VMWARE_VCENTER_CONVERTER_2014-0006.NASL", "VMWARE_VCENTER_OPERATIONS_MANAGER_VMSA_2014-0006.NASL", "VMWARE_VCENTER_SERVER_APPLIANCE_2014-0006.NASL", "VMWARE_VCENTER_SUPPORT_ASSISTANT_2014-0006.NASL", "VMWARE_VCENTER_UPDATE_MGR_VMSA-2014-0006.NASL", "VMWARE_VCENTER_VMSA-2014-0006.NASL", "VMWARE_VMSA-2008-0001.NASL", "VMWARE_VMSA-2008-0013.NASL", "VMWARE_VMSA-2010-0004.NASL", "VMWARE_VMSA-2010-0004_REMOTE.NASL", "VMWARE_VMSA-2010-0009.NASL", "VMWARE_VMSA-2010-0009_REMOTE.NASL", "VMWARE_VMSA-2010-0015.NASL", "VMWARE_VMSA-2010-0015_REMOTE.NASL", "VMWARE_VMSA-2010-0019.NASL", "VMWARE_VMSA-2010-0019_REMOTE.NASL", "VMWARE_VMSA-2011-0003.NASL", "VMWARE_VMSA-2011-0003_REMOTE.NASL", "VMWARE_VMSA-2012-0013.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL", "VMWARE_VMSA-2013-0003.NASL", "VMWARE_VMSA-2013-0009.NASL", "VMWARE_VMSA-2014-0004.NASL", "VMWARE_VMSA-2014-0004_REMOTE.NASL", "VMWARE_VMSA-2014-0006.NASL", "VMWARE_VMSA-2014-0006_REMOTE.NASL", "VMWARE_VSPHERE_REPLICATION_VMSA_2014_0006.NASL", "VMWARE_WORKSTATION_LINUX_10_0_2.NASL", "VMWARE_WORKSTATION_LINUX_10_0_3.NASL", "VMWARE_WORKSTATION_MULTIPLE_VMSA_2014_0004.NASL", "VMWARE_WORKSTATION_MULTIPLE_VMSA_2014_0006.NASL", "VSPHERE_CLIENT_VMSA_2014-0006.NASL", "WD_ARKEIA_10_1_19_VER_CHECK.NASL", "WEBSENSE_EMAIL_SECURITY_HEARTBLEED.NASL", "WEBSENSE_WEB_SECURITY_HEARTBLEED.NASL", "WEBSPHERE_6_1_0_47.NASL", "WEBSPHERE_7_0_0_29.NASL", "WEBSPHERE_8_0_0_6.NASL", "WEBSPHERE_8_0_0_7.NASL", "WEBSPHERE_8_5_0_2.NASL", "WEBSPHERE_8_5_5.NASL", "WINSCP_5_5_3.NASL", "WINSCP_5_5_4.NASL", "XEROX_XRX07_001.NASL", "XEROX_XRX15AO_COLORQUBE.NASL"]}, {"type": "nginx", "idList": ["NGINX:CVE-2009-3555"]}, {"type": "nmap", "idList": ["NMAP:SSL-CCS-INJECTION.NSE", "NMAP:SSL-HEARTBLEED.NSE"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2003-0078", "OPENSSL:CVE-2003-0131", "OPENSSL:CVE-2003-0147", "OPENSSL:CVE-2003-0543", "OPENSSL:CVE-2003-0544", "OPENSSL:CVE-2003-0545", "OPENSSL:CVE-2004-0079", "OPENSSL:CVE-2004-0112", "OPENSSL:CVE-2004-0975", "OPENSSL:CVE-2005-2969", "OPENSSL:CVE-2006-2937", "OPENSSL:CVE-2006-2940", "OPENSSL:CVE-2006-3738", "OPENSSL:CVE-2006-4339", "OPENSSL:CVE-2006-4343", "OPENSSL:CVE-2007-4995", "OPENSSL:CVE-2007-5135", "OPENSSL:CVE-2008-0891", "OPENSSL:CVE-2008-1672", "OPENSSL:CVE-2009-1377", "OPENSSL:CVE-2009-1378", "OPENSSL:CVE-2009-1379", "OPENSSL:CVE-2009-3555", "OPENSSL:CVE-2009-4355", "OPENSSL:CVE-2010-0742", "OPENSSL:CVE-2010-1633", "OPENSSL:CVE-2010-3864", "OPENSSL:CVE-2010-5298", "OPENSSL:CVE-2011-0014", "OPENSSL:CVE-2011-3207", "OPENSSL:CVE-2011-4108", "OPENSSL:CVE-2011-4576", "OPENSSL:CVE-2011-4577", "OPENSSL:CVE-2011-4619", "OPENSSL:CVE-2012-0050", "OPENSSL:CVE-2012-0884", "OPENSSL:CVE-2012-2110", "OPENSSL:CVE-2012-2131", "OPENSSL:CVE-2012-2333", "OPENSSL:CVE-2013-0166", "OPENSSL:CVE-2013-0169", "OPENSSL:CVE-2013-4353", "OPENSSL:CVE-2013-6449", "OPENSSL:CVE-2013-6450", "OPENSSL:CVE-2014-0160", "OPENSSL:CVE-2014-0195", "OPENSSL:CVE-2014-0198", "OPENSSL:CVE-2014-0221", "OPENSSL:CVE-2014-0224", "OPENSSL:CVE-2014-3470", "OPENSSL:CVE-2015-0209", "OPENSSL:CVE-2015-0286", "OPENSSL:CVE-2015-0287", "OPENSSL:CVE-2015-0288", "OPENSSL:CVE-2015-0289", "OPENSSL:CVE-2015-0292", "OPENSSL:CVE-2015-0293", "OPENSSL:CVE-2016-0703", "OPENSSL:CVE-2016-0704", "OPENSSL:CVE-2016-2107"]}, {"type": "openvas", "idList": ["OPENVAS:102020", "OPENVAS:102024", "OPENVAS:102045", "OPENVAS:102047", "OPENVAS:103454", "OPENVAS:103468", "OPENVAS:103558", "OPENVAS:103672", "OPENVAS:103749", "OPENVAS:103849", "OPENVAS:103872", "OPENVAS:105021", "OPENVAS:105022", "OPENVAS:1361412562310100668", "OPENVAS:1361412562310100751", "OPENVAS:1361412562310102020", "OPENVAS:1361412562310102024", "OPENVAS:1361412562310102045", "OPENVAS:1361412562310102047", "OPENVAS:1361412562310103394", "OPENVAS:1361412562310103454", "OPENVAS:1361412562310103468", "OPENVAS:1361412562310103558", "OPENVAS:1361412562310103672", "OPENVAS:1361412562310103749", "OPENVAS:1361412562310103849", "OPENVAS:1361412562310103872", "OPENVAS:1361412562310103936", "OPENVAS:1361412562310105010", "OPENVAS:1361412562310105021", "OPENVAS:1361412562310105022", "OPENVAS:1361412562310105040", "OPENVAS:1361412562310105042", "OPENVAS:1361412562310105043", "OPENVAS:1361412562310105044", "OPENVAS:1361412562310105045", "OPENVAS:1361412562310105056", "OPENVAS:1361412562310105057", "OPENVAS:1361412562310105129", "OPENVAS:1361412562310105130", "OPENVAS:1361412562310105158", "OPENVAS:1361412562310105202", "OPENVAS:1361412562310105203", "OPENVAS:1361412562310105209", "OPENVAS:1361412562310105249", "OPENVAS:1361412562310105396", "OPENVAS:1361412562310105397", "OPENVAS:1361412562310105413", "OPENVAS:1361412562310105722", "OPENVAS:1361412562310105946", "OPENVAS:1361412562310105947", "OPENVAS:1361412562310105948", "OPENVAS:1361412562310108094", "OPENVAS:1361412562310120130", "OPENVAS:1361412562310120151", "OPENVAS:1361412562310120152", "OPENVAS:1361412562310120164", "OPENVAS:1361412562310120204", "OPENVAS:1361412562310120209", "OPENVAS:1361412562310120310", "OPENVAS:1361412562310120311", "OPENVAS:1361412562310120390", "OPENVAS:1361412562310120391", "OPENVAS:1361412562310120468", "OPENVAS:1361412562310120514", "OPENVAS:1361412562310120555", "OPENVAS:1361412562310120573", "OPENVAS:1361412562310120584", "OPENVAS:1361412562310120672", "OPENVAS:1361412562310121000", "OPENVAS:1361412562310121026", "OPENVAS:1361412562310121029", "OPENVAS:1361412562310121048", "OPENVAS:1361412562310121072", "OPENVAS:1361412562310121084", "OPENVAS:1361412562310121127", "OPENVAS:1361412562310121156", "OPENVAS:1361412562310121175", "OPENVAS:1361412562310121235", "OPENVAS:1361412562310121244", "OPENVAS:1361412562310121263", "OPENVAS:1361412562310121297", "OPENVAS:1361412562310121325", "OPENVAS:1361412562310121365", "OPENVAS:1361412562310122003", "OPENVAS:1361412562310122006", "OPENVAS:1361412562310122063", "OPENVAS:1361412562310122167", "OPENVAS:1361412562310122262", "OPENVAS:1361412562310122310", "OPENVAS:1361412562310122367", "OPENVAS:1361412562310122380", "OPENVAS:1361412562310122381", "OPENVAS:1361412562310122382", "OPENVAS:1361412562310122383", "OPENVAS:1361412562310122398", "OPENVAS:1361412562310122420", "OPENVAS:1361412562310122445", "OPENVAS:1361412562310122652", "OPENVAS:1361412562310122898", "OPENVAS:1361412562310123135", "OPENVAS:1361412562310123140", "OPENVAS:1361412562310123153", "OPENVAS:1361412562310123154", "OPENVAS:1361412562310123278", "OPENVAS:1361412562310123332", "OPENVAS:1361412562310123365", "OPENVAS:1361412562310123368", "OPENVAS:1361412562310123401", "OPENVAS:1361412562310123402", "OPENVAS:1361412562310123403", "OPENVAS:1361412562310123430", "OPENVAS:1361412562310123486", "OPENVAS:1361412562310123684", "OPENVAS:1361412562310123719", "OPENVAS:1361412562310123720", "OPENVAS:1361412562310123721", "OPENVAS:1361412562310123915", "OPENVAS:1361412562310123929", "OPENVAS:1361412562310123948", "OPENVAS:136141256231053942", "OPENVAS:136141256231055636", "OPENVAS:136141256231057389", "OPENVAS:136141256231057491", "OPENVAS:136141256231057698", "OPENVAS:136141256231061470", "OPENVAS:136141256231063141", "OPENVAS:136141256231064118", "OPENVAS:136141256231064132", "OPENVAS:136141256231064196", "OPENVAS:136141256231064246", "OPENVAS:136141256231064247", "OPENVAS:136141256231064248", "OPENVAS:136141256231064799", "OPENVAS:136141256231064920", "OPENVAS:136141256231064935", "OPENVAS:136141256231064948", "OPENVAS:136141256231064949", "OPENVAS:136141256231065067", "OPENVAS:136141256231065145", "OPENVAS:136141256231065185", "OPENVAS:136141256231065349", "OPENVAS:136141256231065556", "OPENVAS:136141256231065603", "OPENVAS:136141256231065668", "OPENVAS:136141256231065793", "OPENVAS:136141256231065974", "OPENVAS:136141256231066240", "OPENVAS:136141256231066241", "OPENVAS:136141256231066270", "OPENVAS:136141256231066274", "OPENVAS:136141256231066275", "OPENVAS:136141256231066278", "OPENVAS:136141256231066279", "OPENVAS:136141256231066285", "OPENVAS:136141256231066302", "OPENVAS:136141256231066310", "OPENVAS:136141256231066353", "OPENVAS:136141256231066370", "OPENVAS:136141256231066414", "OPENVAS:136141256231066449", "OPENVAS:136141256231066450", "OPENVAS:136141256231066451", "OPENVAS:136141256231066497", "OPENVAS:136141256231066498", "OPENVAS:136141256231066517", "OPENVAS:136141256231066557", "OPENVAS:136141256231066562", "OPENVAS:136141256231066563", "OPENVAS:136141256231066583", "OPENVAS:136141256231066585", "OPENVAS:136141256231067042", "OPENVAS:136141256231067045", "OPENVAS:136141256231067053", "OPENVAS:136141256231067218", "OPENVAS:136141256231068673", "OPENVAS:136141256231068703", "OPENVAS:136141256231068704", "OPENVAS:136141256231068921", "OPENVAS:136141256231068997", "OPENVAS:136141256231068998", "OPENVAS:136141256231069021", "OPENVAS:136141256231070248", "OPENVAS:1361412562310702833", "OPENVAS:1361412562310702837", "OPENVAS:1361412562310702896", "OPENVAS:1361412562310702908", "OPENVAS:1361412562310702931", "OPENVAS:1361412562310702950", "OPENVAS:1361412562310703197", "OPENVAS:1361412562310703253", "OPENVAS:136141256231070708", "OPENVAS:136141256231070711", "OPENVAS:136141256231070750", "OPENVAS:136141256231070756", "OPENVAS:136141256231070764", "OPENVAS:136141256231070768", "OPENVAS:136141256231071196", "OPENVAS:136141256231071259", "OPENVAS:136141256231071261", "OPENVAS:136141256231071273", "OPENVAS:136141256231071296", "OPENVAS:136141256231071308", "OPENVAS:136141256231071353", "OPENVAS:136141256231071374", "OPENVAS:136141256231071533", "OPENVAS:136141256231071585", "OPENVAS:136141256231072626", "OPENVAS:1361412562310800466", "OPENVAS:1361412562310800499", "OPENVAS:1361412562310800500", "OPENVAS:1361412562310804061", "OPENVAS:1361412562310805676", "OPENVAS:1361412562310806730", "OPENVAS:1361412562310806731", "OPENVAS:1361412562310806733", "OPENVAS:1361412562310806734", "OPENVAS:1361412562310830049", "OPENVAS:1361412562310830210", "OPENVAS:1361412562310830697", "OPENVAS:1361412562310830842", "OPENVAS:1361412562310830893", "OPENVAS:1361412562310830906", "OPENVAS:1361412562310830920", "OPENVAS:1361412562310830934", "OPENVAS:1361412562310830970", "OPENVAS:1361412562310830981", "OPENVAS:1361412562310830984", "OPENVAS:1361412562310831003", "OPENVAS:1361412562310831006", "OPENVAS:1361412562310831014", "OPENVAS:1361412562310831251", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310831454", "OPENVAS:1361412562310831527", "OPENVAS:1361412562310831533", "OPENVAS:1361412562310831568", "OPENVAS:1361412562310831586", "OPENVAS:1361412562310831608", "OPENVAS:1361412562310831657", "OPENVAS:1361412562310831679", "OPENVAS:1361412562310835007", "OPENVAS:1361412562310835022", "OPENVAS:1361412562310835034", "OPENVAS:1361412562310835044", "OPENVAS:1361412562310835055", "OPENVAS:1361412562310835078", "OPENVAS:1361412562310835108", "OPENVAS:1361412562310835119", "OPENVAS:1361412562310835123", "OPENVAS:1361412562310835158", "OPENVAS:1361412562310835229", "OPENVAS:1361412562310835234", "OPENVAS:1361412562310835245", "OPENVAS:1361412562310835246", "OPENVAS:1361412562310835251", "OPENVAS:1361412562310840365", "OPENVAS:1361412562310840411", "OPENVAS:1361412562310840416", "OPENVAS:1361412562310840453", "OPENVAS:1361412562310840455", "OPENVAS:1361412562310840468", "OPENVAS:1361412562310840504", "OPENVAS:1361412562310840505", "OPENVAS:1361412562310840527", "OPENVAS:1361412562310840540", "OPENVAS:1361412562310840589", "OPENVAS:1361412562310840887", "OPENVAS:1361412562310840985", "OPENVAS:1361412562310840987", "OPENVAS:1361412562310841013", "OPENVAS:1361412562310841209", "OPENVAS:1361412562310841211", "OPENVAS:1361412562310841323", "OPENVAS:1361412562310841327", "OPENVAS:1361412562310841348", "OPENVAS:1361412562310841378", "OPENVAS:1361412562310841494", "OPENVAS:1361412562310841683", "OPENVAS:1361412562310841774", "OPENVAS:1361412562310841821", "OPENVAS:1361412562310841843", "OPENVAS:1361412562310841854", "OPENVAS:1361412562310841867", "OPENVAS:1361412562310841933", "OPENVAS:1361412562310842136", "OPENVAS:1361412562310850123", "OPENVAS:1361412562310850131", "OPENVAS:1361412562310850181", "OPENVAS:1361412562310850410", "OPENVAS:1361412562310850412", "OPENVAS:1361412562310850582", "OPENVAS:1361412562310850590", "OPENVAS:1361412562310850591", "OPENVAS:1361412562310850607", "OPENVAS:1361412562310850678", "OPENVAS:1361412562310850751", "OPENVAS:1361412562310850760", "OPENVAS:1361412562310850844", "OPENVAS:1361412562310850905", "OPENVAS:1361412562310850960", "OPENVAS:1361412562310850981", "OPENVAS:1361412562310851141", "OPENVAS:1361412562310851219", "OPENVAS:1361412562310851221", "OPENVAS:1361412562310851222", "OPENVAS:1361412562310851223", "OPENVAS:1361412562310851224", "OPENVAS:1361412562310851228", "OPENVAS:1361412562310855008", "OPENVAS:1361412562310855018", "OPENVAS:1361412562310855023", "OPENVAS:1361412562310855030", "OPENVAS:1361412562310855170", "OPENVAS:1361412562310855192", "OPENVAS:1361412562310855300", "OPENVAS:1361412562310855322", "OPENVAS:1361412562310855346", "OPENVAS:1361412562310855366", "OPENVAS:1361412562310855369", "OPENVAS:1361412562310855376", "OPENVAS:1361412562310855516", "OPENVAS:1361412562310855612", "OPENVAS:1361412562310855640", "OPENVAS:1361412562310855702", "OPENVAS:1361412562310855735", "OPENVAS:1361412562310855742", "OPENVAS:1361412562310855768", "OPENVAS:1361412562310855771", "OPENVAS:1361412562310855780", "OPENVAS:1361412562310855835", "OPENVAS:1361412562310855853", "OPENVAS:1361412562310861695", "OPENVAS:1361412562310861746", "OPENVAS:1361412562310861798", "OPENVAS:1361412562310861861", "OPENVAS:1361412562310861862", "OPENVAS:1361412562310861878", "OPENVAS:1361412562310861929", "OPENVAS:1361412562310861956", "OPENVAS:1361412562310862126", "OPENVAS:1361412562310862152", "OPENVAS:1361412562310862158", "OPENVAS:1361412562310862163", "OPENVAS:1361412562310862184", "OPENVAS:1361412562310862207", "OPENVAS:1361412562310862464", "OPENVAS:1361412562310862470", "OPENVAS:1361412562310862519", "OPENVAS:1361412562310862546", "OPENVAS:1361412562310862566", "OPENVAS:1361412562310862568", "OPENVAS:1361412562310862628", "OPENVAS:1361412562310862631", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310862737", "OPENVAS:1361412562310862849", "OPENVAS:1361412562310862920", "OPENVAS:1361412562310863060", "OPENVAS:1361412562310863070", "OPENVAS:1361412562310863499", "OPENVAS:1361412562310863683", "OPENVAS:1361412562310863704", "OPENVAS:1361412562310863838", "OPENVAS:1361412562310863945", "OPENVAS:1361412562310864019", "OPENVAS:1361412562310864137", "OPENVAS:1361412562310864153", "OPENVAS:1361412562310864192", "OPENVAS:1361412562310864229", "OPENVAS:1361412562310864279", "OPENVAS:1361412562310864283", "OPENVAS:1361412562310864325", "OPENVAS:1361412562310864327", "OPENVAS:1361412562310864390", "OPENVAS:1361412562310865421", "OPENVAS:1361412562310865434", "OPENVAS:1361412562310865516", "OPENVAS:1361412562310866899", "OPENVAS:1361412562310866977", "OPENVAS:1361412562310867186", "OPENVAS:1361412562310867187", "OPENVAS:1361412562310867229", "OPENVAS:1361412562310867235", "OPENVAS:1361412562310867295", "OPENVAS:1361412562310867344", "OPENVAS:1361412562310867386", "OPENVAS:1361412562310867676", "OPENVAS:1361412562310867679", "OPENVAS:1361412562310867688", "OPENVAS:1361412562310867701", "OPENVAS:1361412562310867767", "OPENVAS:1361412562310867768", "OPENVAS:1361412562310867850", "OPENVAS:1361412562310867851", "OPENVAS:1361412562310868079", "OPENVAS:1361412562310868082", "OPENVAS:1361412562310868415", "OPENVAS:1361412562310868417", "OPENVAS:1361412562310868456", "OPENVAS:1361412562310868477", "OPENVAS:1361412562310868705", "OPENVAS:1361412562310868855", "OPENVAS:1361412562310868936", "OPENVAS:1361412562310869117", "OPENVAS:1361412562310869125", "OPENVAS:1361412562310869342", "OPENVAS:1361412562310869465", "OPENVAS:1361412562310869605", "OPENVAS:1361412562310869719", "OPENVAS:1361412562310869732", "OPENVAS:1361412562310869740", "OPENVAS:1361412562310869742", "OPENVAS:1361412562310870209", "OPENVAS:1361412562310870235", "OPENVAS:1361412562310870236", "OPENVAS:1361412562310870237", "OPENVAS:1361412562310870238", "OPENVAS:1361412562310870240", "OPENVAS:1361412562310870243", "OPENVAS:1361412562310870250", "OPENVAS:1361412562310870340", "OPENVAS:1361412562310870532", "OPENVAS:1361412562310870540", "OPENVAS:1361412562310870578", "OPENVAS:1361412562310870589", "OPENVAS:1361412562310870609", "OPENVAS:1361412562310870633", "OPENVAS:1361412562310870668", "OPENVAS:1361412562310870745", "OPENVAS:1361412562310870916", "OPENVAS:1361412562310870924", "OPENVAS:1361412562310870926", "OPENVAS:1361412562310870944", "OPENVAS:1361412562310871109", "OPENVAS:1361412562310871154", "OPENVAS:1361412562310871172", "OPENVAS:1361412562310871174", "OPENVAS:1361412562310871176", "OPENVAS:1361412562310871183", "OPENVAS:1361412562310871188", "OPENVAS:1361412562310871226", "OPENVAS:1361412562310871339", "OPENVAS:1361412562310871340", "OPENVAS:1361412562310871353", "OPENVAS:1361412562310871569", "OPENVAS:1361412562310880380", "OPENVAS:1361412562310880382", "OPENVAS:1361412562310880385", "OPENVAS:1361412562310880386", "OPENVAS:1361412562310880601", "OPENVAS:1361412562310880611", "OPENVAS:1361412562310880612", "OPENVAS:1361412562310880630", "OPENVAS:1361412562310880641", "OPENVAS:1361412562310880647", "OPENVAS:1361412562310880658", "OPENVAS:1361412562310880691", "OPENVAS:1361412562310880706", "OPENVAS:1361412562310880738", "OPENVAS:1361412562310880739", "OPENVAS:1361412562310881066", "OPENVAS:1361412562310881096", "OPENVAS:1361412562310881100", "OPENVAS:1361412562310881108", "OPENVAS:1361412562310881134", "OPENVAS:1361412562310881151", "OPENVAS:1361412562310881156", "OPENVAS:1361412562310881190", "OPENVAS:1361412562310881239", "OPENVAS:1361412562310881602", "OPENVAS:1361412562310881606", "OPENVAS:1361412562310881610", "OPENVAS:1361412562310881611", "OPENVAS:1361412562310881620", "OPENVAS:1361412562310881669", "OPENVAS:1361412562310881857", "OPENVAS:1361412562310881918", "OPENVAS:1361412562310881939", "OPENVAS:1361412562310881943", "OPENVAS:1361412562310881944", "OPENVAS:1361412562310881946", "OPENVAS:1361412562310881987", "OPENVAS:1361412562310882132", "OPENVAS:1361412562310882147", "OPENVAS:1361412562310882163", "OPENVAS:1361412562310882412", "OPENVAS:1361412562310882414", "OPENVAS:1361412562310891518", "OPENVAS:1361412562310892621", "OPENVAS:1361412562310892622", "OPENVAS:1361412562310892626", "OPENVAS:1361412562310892627", "OPENVAS:1361412562310900247", "OPENVAS:1361412562310900653", "OPENVAS:1361412562310900654", "OPENVAS:1361412562310902466", "OPENVAS:1361412562311220191546", "OPENVAS:1361412562311220191547", "OPENVAS:1361412562311220191548", "OPENVAS:1361412562311220191861", "OPENVAS:1361412562311220191980", "OPENVAS:1361412562311220192509", "OPENVAS:1361412562311220201121", "OPENVAS:1361412562311220201637", "OPENVAS:1361412562311220201774", "OPENVAS:52470", "OPENVAS:52647", "OPENVAS:52691", "OPENVAS:53162", "OPENVAS:53291", "OPENVAS:53329", "OPENVAS:53361", "OPENVAS:53375", "OPENVAS:53677", "OPENVAS:53942", "OPENVAS:54528", "OPENVAS:54736", "OPENVAS:55572", "OPENVAS:55588", "OPENVAS:55636", "OPENVAS:55640", "OPENVAS:55751", "OPENVAS:55794", "OPENVAS:55796", "OPENVAS:55813", "OPENVAS:57326", "OPENVAS:57359", "OPENVAS:57360", "OPENVAS:57389", "OPENVAS:57405", "OPENVAS:57475", "OPENVAS:57478", "OPENVAS:57481", "OPENVAS:57491", "OPENVAS:57511", "OPENVAS:57698", "OPENVAS:57728", "OPENVAS:57883", "OPENVAS:57896", "OPENVAS:57904", "OPENVAS:57909", "OPENVAS:57950", "OPENVAS:58053", "OPENVAS:58634", "OPENVAS:58639", "OPENVAS:58645", "OPENVAS:58654", "OPENVAS:58709", "OPENVAS:61027", "OPENVAS:61041", "OPENVAS:61182", "OPENVAS:61470", "OPENVAS:63141", "OPENVAS:64118", "OPENVAS:64132", "OPENVAS:64196", "OPENVAS:64246", "OPENVAS:64247", "OPENVAS:64248", "OPENVAS:64323", "OPENVAS:64799", "OPENVAS:64920", "OPENVAS:64935", "OPENVAS:64948", "OPENVAS:64949", "OPENVAS:65067", "OPENVAS:65145", "OPENVAS:65185", "OPENVAS:65349", "OPENVAS:65556", "OPENVAS:65603", "OPENVAS:65668", "OPENVAS:65793", "OPENVAS:65974", "OPENVAS:66240", "OPENVAS:66241", "OPENVAS:66270", "OPENVAS:66274", "OPENVAS:66275", "OPENVAS:66278", "OPENVAS:66279", "OPENVAS:66285", "OPENVAS:66302", "OPENVAS:66310", "OPENVAS:66353", "OPENVAS:66370", "OPENVAS:66414", "OPENVAS:66449", "OPENVAS:66450", "OPENVAS:66451", "OPENVAS:66497", "OPENVAS:66498", "OPENVAS:66517", "OPENVAS:66557", "OPENVAS:66562", "OPENVAS:66563", "OPENVAS:66583", "OPENVAS:66585", "OPENVAS:67042", "OPENVAS:67045", "OPENVAS:67053", "OPENVAS:67218", "OPENVAS:68673", "OPENVAS:68703", "OPENVAS:68704", "OPENVAS:68921", "OPENVAS:68997", "OPENVAS:68998", "OPENVAS:69021", "OPENVAS:70248", "OPENVAS:702833", "OPENVAS:702837", "OPENVAS:702896", "OPENVAS:702908", "OPENVAS:702931", "OPENVAS:702950", "OPENVAS:703197", "OPENVAS:703253", "OPENVAS:70708", "OPENVAS:70711", "OPENVAS:70750", "OPENVAS:70756", "OPENVAS:70764", "OPENVAS:70768", "OPENVAS:71196", "OPENVAS:71259", "OPENVAS:71261", "OPENVAS:71273", "OPENVAS:71296", "OPENVAS:71308", "OPENVAS:71353", "OPENVAS:71374", "OPENVAS:71533", "OPENVAS:71585", "OPENVAS:72626", "OPENVAS:800466", "OPENVAS:800499", "OPENVAS:830049", "OPENVAS:830210", "OPENVAS:830697", "OPENVAS:830842", "OPENVAS:830893", "OPENVAS:830906", "OPENVAS:830920", "OPENVAS:830934", "OPENVAS:830970", "OPENVAS:830981", "OPENVAS:830984", "OPENVAS:831003", "OPENVAS:831006", "OPENVAS:831014", "OPENVAS:831251", "OPENVAS:831330", "OPENVAS:831454", "OPENVAS:831527", "OPENVAS:831533", "OPENVAS:831568", "OPENVAS:831586", "OPENVAS:831608", "OPENVAS:831657", "OPENVAS:831679", "OPENVAS:835007", "OPENVAS:835022", "OPENVAS:835034", "OPENVAS:835044", "OPENVAS:835055", "OPENVAS:835078", "OPENVAS:835108", "OPENVAS:835119", "OPENVAS:835123", "OPENVAS:835158", "OPENVAS:835229", "OPENVAS:835234", "OPENVAS:835245", "OPENVAS:835246", "OPENVAS:835251", "OPENVAS:840078", "OPENVAS:840138", "OPENVAS:840205", "OPENVAS:840365", "OPENVAS:840411", "OPENVAS:840416", "OPENVAS:840453", "OPENVAS:840455", "OPENVAS:840468", "OPENVAS:840504", "OPENVAS:840505", "OPENVAS:840527", "OPENVAS:840540", "OPENVAS:840589", "OPENVAS:840887", "OPENVAS:840985", "OPENVAS:840987", "OPENVAS:841013", "OPENVAS:841209", "OPENVAS:841211", "OPENVAS:841323", "OPENVAS:841327", "OPENVAS:841348", "OPENVAS:841378", "OPENVAS:841494", "OPENVAS:841683", "OPENVAS:841774", "OPENVAS:841821", "OPENVAS:850066", "OPENVAS:850123", "OPENVAS:850131", "OPENVAS:850181", "OPENVAS:850410", "OPENVAS:850412", "OPENVAS:850582", "OPENVAS:855008", "OPENVAS:855018", "OPENVAS:855023", "OPENVAS:855030", "OPENVAS:855170", "OPENVAS:855192", "OPENVAS:855300", "OPENVAS:855322", "OPENVAS:855346", "OPENVAS:855366", "OPENVAS:855369", "OPENVAS:855376", "OPENVAS:855516", "OPENVAS:855612", "OPENVAS:855640", "OPENVAS:855702", "OPENVAS:855735", "OPENVAS:855742", "OPENVAS:855768", "OPENVAS:855771", "OPENVAS:855780", "OPENVAS:855835", "OPENVAS:855853", "OPENVAS:860183", "OPENVAS:861074", "OPENVAS:861274", "OPENVAS:861429", "OPENVAS:861545", "OPENVAS:861695", "OPENVAS:861746", "OPENVAS:861798", "OPENVAS:861861", "OPENVAS:861862", "OPENVAS:861878", "OPENVAS:861929", "OPENVAS:861956", "OPENVAS:862126", "OPENVAS:862152", "OPENVAS:862158", "OPENVAS:862163", "OPENVAS:862184", "OPENVAS:862207", "OPENVAS:862464", "OPENVAS:862470", "OPENVAS:862519", "OPENVAS:862546", "OPENVAS:862566", "OPENVAS:862568", "OPENVAS:862628", "OPENVAS:862631", "OPENVAS:862721", "OPENVAS:862737", "OPENVAS:862849", "OPENVAS:862920", "OPENVAS:863060", "OPENVAS:863070", "OPENVAS:863499", "OPENVAS:863683", "OPENVAS:863704", "OPENVAS:863838", "OPENVAS:863945", "OPENVAS:864019", "OPENVAS:864137", "OPENVAS:864153", "OPENVAS:864192", "OPENVAS:864229", "OPENVAS:864279", "OPENVAS:864283", "OPENVAS:864325", "OPENVAS:864327", "OPENVAS:864390", "OPENVAS:865421", "OPENVAS:865434", "OPENVAS:865516", "OPENVAS:866899", "OPENVAS:866977", "OPENVAS:867186", "OPENVAS:867187", "OPENVAS:867229", "OPENVAS:867235", "OPENVAS:867295", "OPENVAS:867344", "OPENVAS:867386", "OPENVAS:867676", "OPENVAS:867679", "OPENVAS:867688", "OPENVAS:867701", "OPENVAS:867767", "OPENVAS:867768", "OPENVAS:870209", "OPENVAS:870235", "OPENVAS:870236", "OPENVAS:870237", "OPENVAS:870238", "OPENVAS:870240", "OPENVAS:870243", "OPENVAS:870250", "OPENVAS:870340", "OPENVAS:870532", "OPENVAS:870540", "OPENVAS:870578", "OPENVAS:870589", "OPENVAS:870609", "OPENVAS:870633", "OPENVAS:870668", "OPENVAS:870745", "OPENVAS:870916", "OPENVAS:870924", "OPENVAS:870926", "OPENVAS:870944", "OPENVAS:871109", "OPENVAS:871154", "OPENVAS:880380", "OPENVAS:880382", "OPENVAS:880385", "OPENVAS:880386", "OPENVAS:880601", "OPENVAS:880611", "OPENVAS:880612", "OPENVAS:880630", "OPENVAS:880641", "OPENVAS:880647", "OPENVAS:880658", "OPENVAS:880691", "OPENVAS:880706", "OPENVAS:880738", "OPENVAS:880739", "OPENVAS:881066", "OPENVAS:881096", "OPENVAS:881100", "OPENVAS:881108", "OPENVAS:881134", "OPENVAS:881151", "OPENVAS:881156", "OPENVAS:881190", "OPENVAS:881239", "OPENVAS:881602", "OPENVAS:881606", "OPENVAS:881610", "OPENVAS:881611", "OPENVAS:881620", "OPENVAS:881669", "OPENVAS:881857", "OPENVAS:881918", "OPENVAS:892621", "OPENVAS:892622", "OPENVAS:892626", "OPENVAS:892627", "OPENVAS:900247", "OPENVAS:900654", "OPENVAS:902466"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2011-301950", "ORACLE:CPUAPR2017", "ORACLE:CPUAPR2017-3236618", "ORACLE:CPUJAN2011-194091", "ORACLE:CPUJAN2015", "ORACLE:CPUJAN2015-1972971", "ORACLE:CPUJAN2016", "ORACLE:CPUJAN2016-2367955", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2018-3236628", "ORACLE:CPUJUL2010-155308", "ORACLE:CPUJUL2014-1972956", "ORACLE:CPUJUL2015", "ORACLE:CPUJUL2015-2367936", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2016-2881720", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2017-3236622", "ORACLE:CPUOCT2010-175626", "ORACLE:CPUOCT2013-1899837", "ORACLE:CPUOCT2014-1972960", "ORACLE:CPUOCT2015", "ORACLE:CPUOCT2015-2367953", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2016-2881722", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2017-3236626"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0661", "ELSA-2006-0695", "ELSA-2007-0813", "ELSA-2007-0964", "ELSA-2007-1003", "ELSA-2009-1335", "ELSA-2009-1579", "ELSA-2009-1580", "ELSA-2010-0054", "ELSA-2010-0162", "ELSA-2010-0163", "ELSA-2010-0164", "ELSA-2010-0165", "ELSA-2010-0166", "ELSA-2010-0167", "ELSA-2010-0339", "ELSA-2010-0768", "ELSA-2010-0979", "ELSA-2011-0677", "ELSA-2011-1409", "ELSA-2012-0059", "ELSA-2012-0060", "ELSA-2012-0086", "ELSA-2012-0426", "ELSA-2012-0518", "ELSA-2012-0699", "ELSA-2012-2011", "ELSA-2013-0273", "ELSA-2013-0274", "ELSA-2013-0275", "ELSA-2013-0587", "ELSA-2014-0015", "ELSA-2014-0376", "ELSA-2014-0624", "ELSA-2014-0625", "ELSA-2014-0626", "ELSA-2014-0679", "ELSA-2014-0680", "ELSA-2014-1053", "ELSA-2014-1652", "ELSA-2014-1653", "ELSA-2014-3040", "ELSA-2015-0715", "ELSA-2015-0716", "ELSA-2015-0800", "ELSA-2015-1115", "ELSA-2015-2617", "ELSA-2016-0372", "ELSA-2016-3621", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:DLA-0003-1", "OSV:DLA-0008-1", "OSV:DLA-1518-1", "OSV:DLA-177-1", "OSV:DLA-400-1", "OSV:DSA-1173-1", "OSV:DSA-1174-1", "OSV:DSA-1185-2", "OSV:DSA-1195-1", "OSV:DSA-1379-1", "OSV:DSA-1571-1", "OSV:DSA-1888-1", "OSV:DSA-1934-1", "OSV:DSA-1970-1", "OSV:DSA-2125-1", "OSV:DSA-2141-1", "OSV:DSA-2141-2", "OSV:DSA-2162-1", "OSV:DSA-2390-1", "OSV:DSA-2392-1", "OSV:DSA-2454-1", "OSV:DSA-2454-2", "OSV:DSA-2475-1", "OSV:DSA-253", "OSV:DSA-2579-1", "OSV:DSA-2621-1", "OSV:DSA-2622-1", "OSV:DSA-2626-1", "OSV:DSA-2627-1", "OSV:DSA-2833-1", "OSV:DSA-2837-1", "OSV:DSA-288", "OSV:DSA-2896-1", "OSV:DSA-2908-1", "OSV:DSA-2931-1", "OSV:DSA-2950-1", "OSV:DSA-3197-1", "OSV:DSA-3197-2", "OSV:DSA-3253-1", "OSV:DSA-393", "OSV:DSA-394", "OSV:DSA-465", "OSV:DSA-603-1", "OSV:DSA-875-1", "OSV:DSA-881-1", "OSV:DSA-882-1", "OSV:DSA-888-1", "OSV:GHSA-8353-FGCR-XFHX"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:126065", "PACKETSTORM:126069", "PACKETSTORM:126070", "PACKETSTORM:126072", "PACKETSTORM:126101", "PACKETSTORM:126288", "PACKETSTORM:126308", "PACKETSTORM:132254", "PACKETSTORM:151177", "PACKETSTORM:62019", "PACKETSTORM:84112"]}, {"type": "paloalto", "idList": ["PAN-SA-2012-0017", "PAN-SA-2014-0003"]}, {"type": "qt", "idList": ["QT:AA25C9F2A179C07C68BE4260EC5E6C9C"]}, {"type": "rapid7community", "idList": ["RAPID7COMMUNITY:2D16953CACCA4F69B642B05183F60758", "RAPID7COMMUNITY:D35B422CE8C15A23745FD83E2205F7C7"]}, {"type": "redhat", "idList": ["RHSA-2003:063", "RHSA-2003:102", "RHSA-2003:293", "RHSA-2004:120", "RHSA-2005:476", "RHSA-2005:800", "RHSA-2005:829", "RHSA-2005:830", "RHSA-2006:0661", "RHSA-2006:0695", "RHSA-2007:0062", "RHSA-2007:0072", "RHSA-2007:0073", "RHSA-2007:0813", "RHSA-2007:0964", "RHSA-2007:1003", "RHSA-2008:0264", "RHSA-2008:0525", "RHSA-2008:0629", "RHSA-2009:1335", "RHSA-2009:1579", "RHSA-2009:1580", "RHSA-2009:1694", "RHSA-2010:0011", "RHSA-2010:0054", "RHSA-2010:0095", "RHSA-2010:0119", "RHSA-2010:0130", "RHSA-2010:0155", "RHSA-2010:0162", "RHSA-2010:0163", "RHSA-2010:0164", "RHSA-2010:0165", "RHSA-2010:0166", "RHSA-2010:0167", "RHSA-2010:0337", "RHSA-2010:0338", "RHSA-2010:0339", "RHSA-2010:0408", "RHSA-2010:0440", "RHSA-2010:0768", "RHSA-2010:0770", "RHSA-2010:0786", "RHSA-2010:0807", "RHSA-2010:0865", "RHSA-2010:0888", "RHSA-2010:0986", "RHSA-2010:0987", "RHSA-2011:0677", "RHSA-2011:0880", "RHSA-2011:1409", "RHSA-2012:0059", "RHSA-2012:0060", "RHSA-2012:0086", "RHSA-2012:0109", "RHSA-2012:0168", "RHSA-2012:0426", "RHSA-2012:0488", "RHSA-2012:0518", "RHSA-2012:0522", "RHSA-2012:0531", "RHSA-2012:0699", "RHSA-2012:1306", "RHSA-2012:1307", "RHSA-2012:1308", "RHSA-2013:0273", "RHSA-2013:0274", "RHSA-2013:0275", "RHSA-2013:0531", "RHSA-2013:0532", "RHSA-2013:0587", "RHSA-2013:0636", "RHSA-2013:0783", "RHSA-2013:0822", "RHSA-2013:0823", "RHSA-2013:0833", "RHSA-2013:0855", "RHSA-2013:1455", "RHSA-2013:1456", "RHSA-2014:0015", "RHSA-2014:0041", "RHSA-2014:0376", "RHSA-2014:0377", "RHSA-2014:0378", "RHSA-2014:0396", "RHSA-2014:0416", "RHSA-2014:0624", "RHSA-2014:0625", "RHSA-2014:0626", "RHSA-2014:0627", "RHSA-2014:0628", "RHSA-2014:0629", "RHSA-2014:0630", "RHSA-2014:0631", "RHSA-2014:0632", "RHSA-2014:0679", "RHSA-2014:0680", "RHSA-2014:1053", "RHSA-2015:0715", "RHSA-2015:0716", "RHSA-2015:0752", "RHSA-2015:0800", "RHSA-2015:1591", "RHSA-2016:0303", "RHSA-2016:0304", "RHSA-2016:0306", "RHSA-2016:0372", "RHSA-2016:0445", "RHSA-2016:0446", "RHSA-2016:0490", "RHSA-2016:2957", "RHSA-2020:4298"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:14146", "SECURITYVULNS:DOC:14292", "SECURITYVULNS:DOC:14486", "SECURITYVULNS:DOC:14920", "SECURITYVULNS:DOC:17750", "SECURITYVULNS:DOC:18187", "SECURITYVULNS:DOC:18695", "SECURITYVULNS:DOC:18820", "SECURITYVULNS:DOC:19438", "SECURITYVULNS:DOC:21866", "SECURITYVULNS:DOC:22079", "SECURITYVULNS:DOC:22763", "SECURITYVULNS:DOC:22777", "SECURITYVULNS:DOC:22982", "SECURITYVULNS:DOC:23048", "SECURITYVULNS:DOC:23220", "SECURITYVULNS:DOC:23561", "SECURITYVULNS:DOC:23588", "SECURITYVULNS:DOC:23678", "SECURITYVULNS:DOC:23702", "SECURITYVULNS:DOC:23750", "SECURITYVULNS:DOC:23890", "SECURITYVULNS:DOC:24227", "SECURITYVULNS:DOC:24282", "SECURITYVULNS:DOC:24448", "SECURITYVULNS:DOC:24771", "SECURITYVULNS:DOC:24895", "SECURITYVULNS:DOC:25720", "SECURITYVULNS:DOC:26212", "SECURITYVULNS:DOC:26596", "SECURITYVULNS:DOC:27870", "SECURITYVULNS:DOC:27881", "SECURITYVULNS:DOC:27941", "SECURITYVULNS:DOC:28007", "SECURITYVULNS:DOC:28164", "SECURITYVULNS:DOC:28706", "SECURITYVULNS:DOC:28779", "SECURITYVULNS:DOC:29043", "SECURITYVULNS:DOC:29464", "SECURITYVULNS:DOC:29601", "SECURITYVULNS:DOC:29602", "SECURITYVULNS:DOC:29603", "SECURITYVULNS:DOC:29623", "SECURITYVULNS:DOC:29856", "SECURITYVULNS:DOC:29893", "SECURITYVULNS:DOC:30023", "SECURITYVULNS:DOC:30155", "SECURITYVULNS:DOC:30448", "SECURITYVULNS:DOC:30449", "SECURITYVULNS:DOC:30469", "SECURITYVULNS:DOC:30471", "SECURITYVULNS:DOC:30472", "SECURITYVULNS:DOC:30473", "SECURITYVULNS:DOC:30474", "SECURITYVULNS:DOC:30475", "SECURITYVULNS:DOC:30476", "SECURITYVULNS:DOC:30477", "SECURITYVULNS:DOC:30478", "SECURITYVULNS:DOC:30479", "SECURITYVULNS:DOC:30480", "SECURITYVULNS:DOC:30481", "SECURITYVULNS:DOC:30493", "SECURITYVULNS:DOC:30494", "SECURITYVULNS:DOC:30495", "SECURITYVULNS:DOC:30496", "SECURITYVULNS:DOC:30497", "SECURITYVULNS:DOC:30498", "SECURITYVULNS:DOC:30499", "SECURITYVULNS:DOC:30500", "SECURITYVULNS:DOC:30501", "SECURITYVULNS:DOC:30502", "SECURITYVULNS:DOC:30503", "SECURITYVULNS:DOC:30504", "SECURITYVULNS:DOC:30505", "SECURITYVULNS:DOC:30506", "SECURITYVULNS:DOC:30507", "SECURITYVULNS:DOC:30508", "SECURITYVULNS:DOC:30509", "SECURITYVULNS:DOC:30510", "SECURITYVULNS:DOC:30511", "SECURITYVULNS:DOC:30512", "SECURITYVULNS:DOC:30519", "SECURITYVULNS:DOC:30520", "SECURITYVULNS:DOC:30522", "SECURITYVULNS:DOC:30523", "SECURITYVULNS:DOC:30524", "SECURITYVULNS:DOC:30525", "SECURITYVULNS:DOC:30526", "SECURITYVULNS:DOC:30530", "SECURITYVULNS:DOC:30537", "SECURITYVULNS:DOC:30539", "SECURITYVULNS:DOC:30553", "SECURITYVULNS:DOC:30685", "SECURITYVULNS:DOC:30696", "SECURITYVULNS:DOC:30771", "SECURITYVULNS:DOC:30776", "SECURITYVULNS:DOC:31041", "SECURITYVULNS:DOC:31090", "SECURITYVULNS:DOC:31682", "SECURITYVULNS:DOC:32267", "SECURITYVULNS:DOC:32423", "SECURITYVULNS:DOC:32493", "SECURITYVULNS:DOC:32494", "SECURITYVULNS:DOC:32514", "SECURITYVULNS:DOC:32522", "SECURITYVULNS:DOC:4102", "SECURITYVULNS:DOC:4128", "SECURITYVULNS:DOC:4222", "SECURITYVULNS:DOC:4245", "SECURITYVULNS:DOC:5177", "SECURITYVULNS:DOC:5178", "SECURITYVULNS:DOC:5186", "SECURITYVULNS:DOC:5915", "SECURITYVULNS:DOC:5919", "SECURITYVULNS:DOC:8618", "SECURITYVULNS:DOC:8624", "SECURITYVULNS:DOC:8692", "SECURITYVULNS:DOC:9901", "SECURITYVULNS:VULN:10014", "SECURITYVULNS:VULN:10388", "SECURITYVULNS:VULN:10519", "SECURITYVULNS:VULN:10745", "SECURITYVULNS:VULN:10790", "SECURITYVULNS:VULN:10999", "SECURITYVULNS:VULN:11198", "SECURITYVULNS:VULN:11264", "SECURITYVULNS:VULN:11380", "SECURITYVULNS:VULN:11435", "SECURITYVULNS:VULN:11620", "SECURITYVULNS:VULN:11624", "SECURITYVULNS:VULN:11754", "SECURITYVULNS:VULN:11981", "SECURITYVULNS:VULN:12150", "SECURITYVULNS:VULN:12306", "SECURITYVULNS:VULN:12332", "SECURITYVULNS:VULN:12383", "SECURITYVULNS:VULN:12425", "SECURITYVULNS:VULN:12679", "SECURITYVULNS:VULN:12729", "SECURITYVULNS:VULN:12873", "SECURITYVULNS:VULN:12887", "SECURITYVULNS:VULN:13126", "SECURITYVULNS:VULN:13186", "SECURITYVULNS:VULN:13198", "SECURITYVULNS:VULN:13310", "SECURITYVULNS:VULN:13422", "SECURITYVULNS:VULN:13478", "SECURITYVULNS:VULN:13663", "SECURITYVULNS:VULN:13679", "SECURITYVULNS:VULN:13690", "SECURITYVULNS:VULN:13708", "SECURITYVULNS:VULN:13810", "SECURITYVULNS:VULN:13868", "SECURITYVULNS:VULN:13971", "SECURITYVULNS:VULN:14031", "SECURITYVULNS:VULN:14233", "SECURITYVULNS:VULN:14333", "SECURITYVULNS:VULN:14562", "SECURITYVULNS:VULN:14601", "SECURITYVULNS:VULN:14696", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14755", "SECURITYVULNS:VULN:6663", "SECURITYVULNS:VULN:8033", "SECURITYVULNS:VULN:8250", "SECURITYVULNS:VULN:9726", "SECURITYVULNS:VULN:9925"]}, {"type": "seebug", "idList": ["SSV:11330", "SSV:11378", "SSV:11490", "SSV:11530", "SSV:12600", "SSV:12673", "SSV:15088", "SSV:17956", "SSV:18637", "SSV:19727", "SSV:19735", "SSV:19736", "SSV:2066", "SSV:2297", "SSV:3348", "SSV:60076", "SSV:61276", "SSV:62086", "SSV:62180", "SSV:62181", "SSV:62182", "SSV:62185", "SSV:62186", "SSV:62187", "SSV:62188", "SSV:62189", "SSV:62190", "SSV:62192", "SSV:62197", "SSV:62198", "SSV:62199", "SSV:62238", "SSV:62239", "SSV:62240", "SSV:62241", "SSV:62244", "SSV:62245", "SSV:623", "SSV:65057", "SSV:66544", "SSV:66601", "SSV:67231", "SSV:72797", "SSV:7704", "SSV:82273", "SSV:86019", "SSV:86038", "SSV:86061", "SSV:86255", "SSV:92577", "SSV:95013"]}, {"type": "slackware", "idList": ["SSA-2004-077-01", "SSA-2005-286-01", "SSA-2006-257-02", "SSA-2006-272-01", "SSA-2006-310-01", "SSA-2008-210-08", "SSA-2009-320-01", "SSA-2010-067-01", "SSA-2010-326-01", "SSA-2011-041-04", "SSA-2013-040-01", "SSA-2013-042-01", "SSA-2014-013-02", "SSA-2014-098-01", "SSA-2014-156-03", "SSA-2015-111-09"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0845-1", "OPENSUSE-SU-2012:0083-1", "OPENSUSE-SU-2013:0375-1", "OPENSUSE-SU-2013:0378-1", "OPENSUSE-SU-2014:0492-1", "OPENSUSE-SU-2014:0764-1", "OPENSUSE-SU-2014:0765-1", "OPENSUSE-SU-2014:1100-1", "OPENSUSE-SU-2015:1277-1", "OPENSUSE-SU-2015:2243-1", "OPENSUSE-SU-2016:0628-1", "OPENSUSE-SU-2016:0637-1", "OPENSUSE-SU-2016:0638-1", "OPENSUSE-SU-2016:0640-1", "OPENSUSE-SU-2016:0720-1", "SUSE-SA:2003:011", "SUSE-SA:2003:024", "SUSE-SA:2003:043", "SUSE-SA:2004:007", "SUSE-SA:2005:061", "SUSE-SA:2006:055", "SUSE-SA:2006:058", "SUSE-SA:2006:061", "SUSE-SA:2007:010", "SUSE-SA:2009:057", "SUSE-SA:2010:008", "SUSE-SA:2010:020", "SUSE-SA:2010:021", "SUSE-SA:2010:028", "SUSE-SA:2010:061", "SUSE-SA:2011:006", "SUSE-SU-2011:0847-1", "SUSE-SU-2012:0084-1", "SUSE-SU-2012:0623-1", "SUSE-SU-2012:0637-1", "SUSE-SU-2012:0674-1", "SUSE-SU-2012:0678-1", "SUSE-SU-2012:0679-1", "SUSE-SU-2012:1149-1", "SUSE-SU-2012:1149-2", "SUSE-SU-2013:0328-1", "SUSE-SU-2013:0701-1", "SUSE-SU-2013:0701-2", "SUSE-SU-2014:0320-1", "SUSE-SU-2014:0759-1", "SUSE-SU-2014:0759-2", "SUSE-SU-2014:0761-1", "SUSE-SU-2014:0762-1", "SUSE-SU-2014:0768-1", "SUSE-SU-2015:0541-1", "SUSE-SU-2015:0553-1", "SUSE-SU-2015:0553-2", "SUSE-SU-2015:0578-1", "SUSE-SU-2015:0620-1", "SUSE-SU-2015:0743-1", "SUSE-SU-2016:0617-1", "SUSE-SU-2016:0620-1", "SUSE-SU-2016:0621-1", "SUSE-SU-2016:0624-1", "SUSE-SU-2016:0631-1", "SUSE-SU-2016:0641-1", "SUSE-SU-2016:0678-1", "SUSE-SU-2016:0748-1", "SUSE-SU-2016:0778-1", "SUSE-SU-2016:0786-1", "SUSE-SU-2016:1057-1"]}, {"type": "symantec", "idList": ["SMNTC-1363", "SMNTC-1364"]}, {"type": "thn", "idList": ["THN:0F7112302CBABF46D19CACCCFA6103C5", "THN:11ACCB96E6DF3B8769AC3B63D2F85776", "THN:244769C413FFA5BE647D8F6F93431B74", "THN:3E9A13AAEA7FDC38D7BD8A148F19663D", "THN:4868B616BCBA555DA2446F6F0EA837B0", "THN:847F48AE6816E6BFF25355FC0EA7439A", "THN:87650195BF482879C3C258B474B11411", "THN:8D999AEE5218AD3BFA68E5ACE101F201", "THN:D2B91981A95FA63440BEC1909D1FAE82", "THN:EBCB003D7DB7BD8BF73239F9718C6126", "THN:F450AB9C3FB6FDB4B44FC6D9EE5E9AD4"]}, {"type": "threatpost", "idList": ["THREATPOST:15624C23F5CD5AC1029501D08A99D294", "THREATPOST:2C5C82CF691D70F64A14DA1BEC242DD5", "THREATPOST:79FD5014002E21B53F4970E1583AB7F2", "THREATPOST:9012A325F248438FAC15C4FB3082A796", "THREATPOST:9982AC17285494A6CE329FC5C04DD84A", "THREATPOST:9D9869F89AC0737D7BCF95D2D1CF13F8", "THREATPOST:A5161FD8579FC8D6BD28F429682A17F9", "THREATPOST:ADCFAD1BAEEB329FD319FED1F0A4A6E2", "THREATPOST:B5CB39945899ADD3A3D3790E21175180", "THREATPOST:D533EB88E7D7596BACF9A448FE23A374", "THREATPOST:DA06EE238F79D261C0FCB61902F3CDBD", "THREATPOST:F992B1B74265E26E8C7499D1F03622D7"]}, {"type": "ubuntu", "idList": ["USN-1010-1", "USN-1018-1", "USN-1064-1", "USN-131-1", "USN-1357-1", "USN-1424-1", "USN-1428-1", "USN-1451-1", "USN-1627-1", "USN-1628-1", "USN-1732-1", "USN-1732-2", "USN-1732-3", "USN-1735-1", "USN-1898-1", "USN-204-1", "USN-2079-1", "USN-2165-1", "USN-2192-1", "USN-2232-1", "USN-2232-2", "USN-2232-3", "USN-2232-4", "USN-24-1", "USN-2537-1", "USN-339-1", "USN-353-1", "USN-353-2", "USN-522-1", "USN-534-1", "USN-620-1", "USN-792-1", "USN-860-1", "USN-884-1", "USN-923-1", "USN-927-1", "USN-927-4", "USN-927-6", "USN-990-1", "USN-990-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2003-0078", "UB:CVE-2003-0131", "UB:CVE-2003-0147", "UB:CVE-2003-0543", "UB:CVE-2003-0544", "UB:CVE-2003-0545", "UB:CVE-2004-0079", "UB:CVE-2004-0975", "UB:CVE-2005-0109", "UB:CVE-2005-2946", "UB:CVE-2005-2969", "UB:CVE-2006-2937", "UB:CVE-2006-2940", "UB:CVE-2006-3738", "UB:CVE-2006-4339", "UB:CVE-2006-4340", "UB:CVE-2006-4343", "UB:CVE-2006-4790", "UB:CVE-2007-3108", "UB:CVE-2007-4995", "UB:CVE-2007-5135", "UB:CVE-2008-0891", "UB:CVE-2008-1672", "UB:CVE-2009-1377", "UB:CVE-2009-1378", "UB:CVE-2009-1379", "UB:CVE-2009-3555", "UB:CVE-2009-4355", "UB:CVE-2010-0742", "UB:CVE-2010-1633", "UB:CVE-2010-3864", "UB:CVE-2010-5298", "UB:CVE-2011-0014", "UB:CVE-2011-3207", "UB:CVE-2011-4108", "UB:CVE-2011-4576", "UB:CVE-2011-4577", "UB:CVE-2011-4619", "UB:CVE-2012-0050", "UB:CVE-2012-0390", "UB:CVE-2012-0884", "UB:CVE-2012-1165", "UB:CVE-2012-2110", "UB:CVE-2012-2131", "UB:CVE-2012-2333", "UB:CVE-2012-2686", "UB:CVE-2012-4929", "UB:CVE-2013-0166", "UB:CVE-2013-0169", "UB:CVE-2013-1619", "UB:CVE-2013-1620", "UB:CVE-2013-1621", "UB:CVE-2013-1623", "UB:CVE-2013-1624", "UB:CVE-2013-2116", "UB:CVE-2013-3587", "UB:CVE-2013-4353", "UB:CVE-2013-6449", "UB:CVE-2013-6450", "UB:CVE-2014-0160", "UB:CVE-2014-0195", "UB:CVE-2014-0198", "UB:CVE-2014-0221", "UB:CVE-2014-0224", "UB:CVE-2014-3470", "UB:CVE-2015-0209", "UB:CVE-2015-0286", "UB:CVE-2015-0287", "UB:CVE-2015-0288", "UB:CVE-2015-0289", "UB:CVE-2015-0292", "UB:CVE-2015-0293", "UB:CVE-2016-2107", "UB:CVE-2018-0497"]}, {"type": "veracode", "idList": ["VERACODE:23818", "VERACODE:23962", "VERACODE:23963", "VERACODE:23964", "VERACODE:24138", "VERACODE:24610", "VERACODE:24821", "VERACODE:24822", "VERACODE:24864", "VERACODE:24954", "VERACODE:24976"]}, {"type": "vmware", "idList": ["VMSA-2008-0001", "VMSA-2008-0001.1", "VMSA-2008-0005", "VMSA-2008-0005.1", "VMSA-2008-0013", "VMSA-2008-0013.4", "VMSA-2010-0004", "VMSA-2010-0004.5", "VMSA-2010-0009", "VMSA-2010-0009.2", "VMSA-2010-0015", "VMSA-2010-0015.1", "VMSA-2010-0019", "VMSA-2010-0019.3", "VMSA-2012-0013", "VMSA-2012-0013.2", "VMSA-2013-0003", "VMSA-2013-0009", "VMSA-2013-0009.3", "VMSA-2014-0004", "VMSA-2014-0004.7", "VMSA-2014-0006", "VMSA-2014-0006.11"]}, {"type": "vulnerlab", "idList": ["VULNERABLE:1254", "VULNERABLE:967", "VULNERLAB:1254", "VULNERLAB:967"]}, {"type": "zdi", "idList": ["ZDI-14-173"]}, {"type": "zdt", "idList": ["1337DAY-ID-22114", "1337DAY-ID-22118", "1337DAY-ID-22122", "1337DAY-ID-22129", "1337DAY-ID-22172"]}]}, "score": {"value": 0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY2.ASC", "OPENSSL_ADVISORY3.ASC"]}, {"type": "amazon", "idList": ["ALAS-2011-004", "ALAS-2012-085", "ALAS-2014-320", "ALAS-2014-350"]}, {"type": "archlinux", "idList": ["ASA-201605-3"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-38927"]}, {"type": "attackerkb", "idList": ["AKB:38A528B1-7F68-45C8-911E-1D3F8DC5EDB4"]}, {"type": "avleonov", "idList": ["AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48"]}, {"type": "centos", "idList": ["CESA-2009:1335", "CESA-2009:1579", "CESA-2009:1580", "CESA-2010:0054", "CESA-2010:0162", "CESA-2010:0163", "CESA-2010:0164", "CESA-2010:0165", "CESA-2010:0166", "CESA-2010:0167", "CESA-2010:0339", "CESA-2010:0768", "CESA-2012:0059", "CESA-2012:0060", "CESA-2012:0086", "CESA-2012:0426", "CESA-2012:0518", "CESA-2012:0699", "CESA-2013:0273", "CESA-2013:0274", "CESA-2013:0275", "CESA-2013:0587", "CESA-2014:0015", "CESA-2014:0376", "CESA-2014:0624", "CESA-2014:0625", "CESA-2014:0626", "CESA-2014:1053", "CESA-2015:0715", "CESA-2015:0716", "CESA-2015:0800", "CESA-2016:0372"]}, {"type": "cert", "idList": ["VU:423396", "VU:465542", "VU:484726", "VU:661475"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2009-0308", "CPAI-2014-1170", "CPAI-2014-1173", "CPAI-2014-1336", "CPAI-2014-1616"]}, {"type": "checkpoint_security", "idList": ["CPS:SK100173", "CPS:SK101186", "CPS:SK32088", "CPS:SK32188", "CPS:SK32230", "CPS:SK33695", "CPS:SK33701", "CPS:SK33702", "CPS:SK33771", "CPS:SK35708", "CPS:SK71821", "CPS:SK76360", "CPS:SK86443"]}, {"type": "chrome", "idList": ["GCSA-4830242147321115275"]}, {"type": "cisco", "idList": ["CISCO-SA-20091105-CVE-2009-3555", "CISCO-SA-20150320-OPENSSL"]}, {"type": "citrix", "idList": ["CTX140605"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:2612C84317452E216670EAF7C553C9D4"]}, {"type": "cve", "idList": ["CVE-2003-0078", "CVE-2003-0131", "CVE-2003-0147", "CVE-2003-0543", "CVE-2003-0544", "CVE-2003-0545", "CVE-2004-0079", "CVE-2004-0112", "CVE-2004-0975"]}, {"type": "debian", "idList": ["DEBIAN:DLA-400-1:76CCE", "DEBIAN:DSA-1934-1:699DB", "DEBIAN:DSA-2125-1:26495", "DEBIAN:DSA-2141-4:01EC7", "DEBIAN:DSA-253-1:CEE72", "DEBIAN:DSA-2579-1:8CFD9", "DEBIAN:DSA-2622-1:EE504", "DEBIAN:DSA-2837-1:B2C11", "DEBIAN:DSA-2896-1:B52FE", "DEBIAN:DSA-2950-1:15DF5"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2003-0545", "DEBIANCVE:CVE-2005-2946", "DEBIANCVE:CVE-2010-1633", "DEBIANCVE:CVE-2010-3864", "DEBIANCVE:CVE-2011-4619", "DEBIANCVE:CVE-2013-0169", "DEBIANCVE:CVE-2013-4353", "DEBIANCVE:CVE-2014-0195", "DEBIANCVE:CVE-2015-0292"]}, {"type": "exploitdb", "idList": ["EDB-ID:32998"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:8B4E7E8DAE5A13C8250C6C33307CD66C", "EXPLOITPACK:B68BB9381148CAC1A9824EB84CA5D160"]}, {"type": "f5", "idList": ["F5:K15325", "F5:K15329", "F5:K16319", "F5:K16321", "F5:K6734", "F5:K8108", "SOL10737", "SOL12566", "SOL13597", "SOL13598", "SOL14054", "SOL14059", "SOL14190", "SOL14261", "SOL15147", "SOL15158", "SOL15159", "SOL15180", "SOL15305", "SOL15314", "SOL15318", "SOL15325", "SOL15328", "SOL15329", "SOL15343", "SOL15350", "SOL15355", "SOL15356", "SOL15359", "SOL15366", "SOL15388", "SOL15389", "SOL15401", "SOL15405", "SOL15417", "SOL15461", "SOL15630", "SOL15637", "SOL15721", "SOL16285", "SOL16317", "SOL17248", "SOL17454", "SOL2319", "SOL2355", "SOL2379", "SOL5533", "SOL6623", "SOL6734", "SOL8106", "SOL8108", "SOL8837"]}, {"type": "fedora", "idList": ["FEDORA:37F8D10F892", "FEDORA:4853B37D0F", "FEDORA:679F221C24", "FEDORA:997B660D68A4", "FEDORA:A271421BA0", "FEDORA:C411B20546", "FEDORA:C42A8110D0A", "FEDORA:C6E3221DBD", "FEDORA:C8F7F110906", "FEDORA:DDD696087CE5", "FEDORA:F1AD728EDBF", "FEDORA:L76HVKWG014544", "FEDORA:L7DLNCJX011059"]}, {"type": "fortinet", "idList": ["FG-IR-14-018"]}, {"type": "freebsd", "idList": ["00B0D8CD-7097-11E2-98D9-003067C2616F", "077C2DCA-8F9A-11DB-AB33-000E0C2E438A", "0B8D7194-CA88-11E3-9D8D-C80AA9043978", "0F37D765-C5D4-11DB-9F82-000E0C2E438A", "180E9A38-060F-4C16-A6B7-49F3505FF22A", "1959E847-D4F0-11E3-84B0-0018FE623F2B", "1FE734BF-4A06-11DB-B48D-00508D6A62DF", "2AE114DE-C064-11E1-B5E0-000C299B62E1", "2ECB7B20-D97E-11E0-B2E2-00215C6A37BB", "3042C33A-F237-11DF-9D02-0018FE623F2B", "5631AE98-BE9E-11E3-B5E3-C80AA9043978", "5AAA257E-772D-11E3-A65A-3C970E169BC2", "5C5F19CE-43AF-11E1-89B4-001EC9578670", "60E26A40-3B25-11DA-9484-00123FFE8333", "60EB344E-6EB1-11E1-8AD7-00E0815B8DA8", "68233CBA-7774-11D8-89ED-0020ED76EF5A", "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "7184F92E-8BB8-11E1-8D7B-003067B2972C", "78CC8A46-3E56-11E1-89B4-001EC9578670", "82B55DF8-4D5A-11DE-8811-0030843D3802", "9CCFEE39-3C3B-11DF-9EDC-000F20797EDE", "C97D7A37-2233-11DF-96DD-001B2134EF46", "DBA5D1C9-9F29-11E1-B511-003067C2616F"]}, {"type": "gentoo", "idList": ["GLSA-200609-05", "GLSA-200612-11", "GLSA-201006-18", "GLSA-201203-12", "GLSA-201408-19"]}, {"type": "githubexploit", "idList": ["ECC3E825-EE29-59D3-BE28-1B30DB15940E"]}, {"type": "hackerone", "idList": ["H1:49139", "H1:73236"]}, {"type": "hp", "idList": ["HP:C04262495"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20140417-HEARTBLEED"]}, {"type": "ibm", "idList": ["2A5E5140226F7DD38A791DE1E8EE7913E3512D8FCB1A86411DA5AFF49D8E6F4A", "388EFD8B007684B48001D31307078170D5DBF01AEACBC98F2CB6247B827493F8", "3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576", "6234195C7E31959F34FEEB3A01B3AE191F8EB55B62E74A9D49559D08BB9DC38C", "69F32F166EB30A983D321FEF01D6359F9C720CB30502BC0DC1A0C7C9E4BECE5F", "8600D4FE1C84EFD70C8C1A94E48F4DDFC42B18B82D5F8C7EE6D12E22048B63B3", "9F83ED7D961B69342BBB0C4157AF6D1AD1EF3528F0C8EC1218A10D5B884F6B87", "C5F0A3013333B48D4C08CB3D13549994F17CDBB3EA06E50A46D8068D5A06FCAC", "DD74A94DCFD49E41C76C5DDF42C914B945842C457C59BD3AA077859815577B84", "DEE9AFF0B712A89D4448E22F7E754C2582FE9F4F5ECD4927D6EFFA568D528127", "F6AFA8ACEF585CD43E06DE7164EBB8240A1255197762E88CB2BA50823C840FA9", "FCEEB61FFF0AA043526B3AD29A5AA38A5A5E8F0EBFEBFB7196BA2301B080971B"]}, {"type": "ics", "idList": ["ICSA-14-128-01", "ICSA-17-094-04"]}, {"type": "jvn", "idList": ["JVN:51615542"]}, {"type": "kaspersky", "idList": ["KLA10382"]}, {"type": "kitploit", "idList": ["KITPLOIT:6372579284509577146", "KITPLOIT:8150556845533626750"]}, {"type": "lenovo", "idList": ["LENOVO:PS500190-NOSID"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:AC8C8799BB0970C229AB0C432EECB10A"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/SSL/OPENSSL_CCS", "MSF:AUXILIARY/SERVER/OPENSSL_HEARTBEAT_CLIENT_MEMORY", "MSF:ILITIES/F5-BIG-IP-CVE-2013-6449/", "MSF:ILITIES/GENTOO-LINUX-CVE-2013-6449/", "MSF:ILITIES/HPSMH-CVE-2013-6449/", "MSF:ILITIES/HPSMH-CVE-2014-0224/", "MSF:ILITIES/HPUX-CVE-2012-2110/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2014-0221/", "MSF:ILITIES/IBM-AIX-CVE-2013-6449/", "MSF:ILITIES/LINUXRPM-ELSA-2014-1653/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2014-0160/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2014-3470/", "MSF:ILITIES/PULSE-SECURE-PULSE-CONNECT-SECURE-CVE-2014-0160/", "MSF:ILITIES/SUSE-CVE-2013-6449/"]}, {"type": "mozilla", "idList": ["MFSA2006-60"]}, {"type": "myhack58", "idList": ["MYHACK58:62201444409"]}, {"type": "n0where", "idList": ["N0WHERE:76566"]}, {"type": "nessus", "idList": ["5349.PRM", "5356.PRM", "5559.PRM", "5667.PRM", "801053.PRM", "801065.PRM", "8661.PRM", "8662.PRM", "AIX_OPENSSL_ADVISORY3.NASL", "ALA_ALAS-2012-38.NASL", "ALA_ALAS-2013-171.NASL", "ALA_ALAS-2014-273.NASL", "ATTACHMATE_REFLECTION_HEARTBLEED.NASL", "BLUECOAT_PROXY_SG_6_5_3_6.NASL", "CENTOS_RHSA-2009-1335.NASL", "CENTOS_RHSA-2009-1579.NASL", "CENTOS_RHSA-2010-0163.NASL", "CENTOS_RHSA-2010-0164.NASL", "CENTOS_RHSA-2010-0768.NASL", "CENTOS_RHSA-2013-0587.NASL", "CENTOS_RHSA-2014-1053.NASL", "CISCO-SA-20140605-OPENSSL-IOSXR.NASL", "CISCO-SA-20150320-OPENSSL-IOS.NASL", "CISCO-VCS-CSCUO16472.NASL", "CISCO_ASA_CSCUP22532.NASL", "CISCO_JABBER_CLIENT_CSCUP23913.NASL", "DEBIAN_DSA-1379.NASL", "DEBIAN_DSA-2390.NASL", "DEBIAN_DSA-2931.NASL", "DEBIAN_DSA-3197.NASL", "DEBIAN_DSA-394.NASL", "DEBIAN_DSA-875.NASL", "F5_BIGIP_SOL15325.NASL", "F5_BIGIP_SOL16321.NASL", "F5_BIGIP_SOL5533.NASL", "F5_BIGIP_SOL6734.NASL", "F5_BIGIP_SOL8106.NASL", "FEDORA_2009-12229.NASL", "FEDORA_2009-12782.NASL", "FEDORA_2010-17826.NASL", "FEDORA_2010-3905.NASL", "FEDORA_2010-5357.NASL", "FEDORA_2010-5942.NASL", "FEDORA_2010-6131.NASL", "FEDORA_2011-12281.NASL", "FEDORA_2012-18035.NASL", "FEDORA_2013-2793.NASL", "FEDORA_2014-1560.NASL", "FEDORA_2014-17587.NASL", "FEDORA_2014-4879.NASL", "FEDORA_2014-7101.NASL", "FEDORA_2015-4320.NASL", "FORTINET_FG-IR-14-018.NASL", "FREEBSD_PKG_0F37D765C5D411DB9F82000E0C2E438A.NASL", "FREEBSD_PKG_2ECB7B20D97E11E0B2E200215C6A37BB.NASL", "FREEBSD_PKG_68233CBA777411D889ED0020ED76EF5A.NASL", "FREEBSD_PKG_78CC8A463E5611E189B4001EC9578670.NASL", "FREEBSD_PKG_82B55DF84D5A11DE88110030843D3802.NASL", "GENTOO_GLSA-201402-25.NASL", "GENTOO_GLSA-201404-07.NASL", "GENTOO_GLSA-201412-11.NASL", "HPSMH_7_3_3_1.NASL", "HPUX_PHSS_29891.NASL", "HPUX_PHSS_30058.NASL", "HPUX_PHSS_30639.NASL", "HPUX_PHSS_30642.NASL", "HPUX_PHSS_35436.NASL", "HPUX_PHSS_35460.NASL", "HPUX_PHSS_35481.NASL", "HP_INSIGHT_CONTROL_SERVER_MIGRATION_7_3_2.NASL", "HP_VERSION_CONTROL_REPO_MANAGER_HPSBMU03056.NASL", "JUNIPER_JSA10575.NASL", "KASPERSKY_INTERNET_SECURITY_HEARTBLEED.NASL", "LIBREOFFICE_423.NASL", "MACOSX_10_10_4.NASL", "MACOSX_JAVA_10_5_UPDATE7.NASL", "MACOSX_SECUPD2015-005.NASL", "MACOSX_VMWARE_OVFTOOL_VMSA_2014_0006.NASL", "MANDRAKE_MDKSA-2003-020.NASL", "MANDRAKE_MDKSA-2006-172.NASL", "MANDRIVA_MDVSA-2009-323.NASL", "MANDRIVA_MDVSA-2011-137.NASL", "MANDRIVA_MDVSA-2012-007.NASL", "MANDRIVA_MDVSA-2012-060.NASL", "MANDRIVA_MDVSA-2012-073.NASL", "MOZILLA_THUNDERBIRD_304.NASL", "OPENOFFICE_32.NASL", "OPENSSL_0_9_7C.NASL", "OPENSSL_0_9_8.NASL", "OPENSSL_1_0_0D.NASL", "OPENSSL_1_0_0I.NASL", "OPENSSL_1_0_0J.NASL", "OPENSSL_1_0_1D.NASL", "OPENSUSE-2012-751.NASL", "OPENSUSE-2015-889.NASL", "ORACLELINUX_ELSA-2006-0695.NASL", "ORACLELINUX_ELSA-2010-0333.NASL", "ORACLELINUX_ELSA-2012-0060.NASL", "ORACLELINUX_ELSA-2012-0086.NASL", "ORACLELINUX_ELSA-2013-0273.NASL", "ORACLE_EIDS_CPU_OCT_2014.NASL", "ORACLE_JAVA_CPU_OCT_2010_UNIX.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2014_CPU.NASL", "PALO_ALTO_PAN-SA-2014-0003.NASL", "REDHAT-RHSA-2003-063.NASL", "REDHAT-RHSA-2007-0073.NASL", "REDHAT-RHSA-2007-0964.NASL", "REDHAT-RHSA-2009-1580.NASL", "REDHAT-RHSA-2010-0338.NASL", "REDHAT-RHSA-2011-0880.NASL", "REDHAT-RHSA-2012-0060.NASL", "REDHAT-RHSA-2013-0273.NASL", "REDHAT-RHSA-2014-0416.NASL", "REDHAT-RHSA-2014-0626.NASL", "REDHAT-RHSA-2014-0679.NASL", "SLACKWARE_SSA_2013-040-01.NASL", "SL_20071012_OPENSSL_ON_SL5_X.NASL", "SL_20071022_OPENSSL_ON_SL3.NASL", "SL_20071115_OPENSSL_ON_SL4_X.NASL", "SL_20100325_OPENSSL_ON_SL5_X.NASL", "SL_20101013_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SL_20120201_OPENSSL_ON_SL4_X.NASL", "SL_20150413_OPENSSL_ON_SL5_X.NASL", "SOLARIS10_X86_118372.NASL", "SOLARIS10_X86_148072.NASL", "SOLARIS9_113713.NASL", "SOLARIS9_X86_114050.NASL", "SOLARIS9_X86_114568.NASL", "SPLUNK_618.NASL", "SSLTEST.NASL", "SUSE_11_0_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_0_FIREFOX35UPGRADE-100407.NASL", "SUSE_11_0_JAVA-1_6_0-OPENJDK-100428.NASL", "SUSE_11_0_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_1_COMPAT-OPENSSL097G-091113.NASL", "SUSE_11_1_LIBOPENSSL-DEVEL-090522.NASL", "SUSE_11_1_MOZILLAFIREFOX-BRANDING-OPENSUSE-100413.NASL", "SUSE_11_2_SEAMONKEY-100406.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-101119.NASL", "SUSE_11_3_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120111.NASL", "SUSE_11_4_LIBOPENSSL-DEVEL-120206.NASL", "SUSE_11_COMPAT-OPENSSL097G-110721.NASL", "SUSE_11_COMPAT-OPENSSL097G-150317.NASL", "SUSE_11_GNUTLS-101206.NASL", "SUSE_11_JAVA-1_6_0-OPENJDK-130221.NASL", "SUSE_11_LIBOPENSSL-DEVEL-091112.NASL", "SUSE_11_LIBOPENSSL-DEVEL-120328.NASL", "SUSE_11_MOZILLAFIREFOX-100407.NASL", "SUSE_COMPAT-OPENSSL097G-2171.NASL", "SUSE_COMPAT-OPENSSL097G-6657.NASL", "SUSE_JAVA-1_5_0-IBM-7077.NASL", "SUSE_OPENSSL-2140.NASL", "SUSE_OPENSSL-2349.NASL", "SUSE_OPENSSL-6944.NASL", "SUSE_OPENSSL-8517.NASL", "SUSE_OPENSSL-CVE-2009-4355.PATCH-6783.NASL", "SUSE_SA_2003_011.NASL", "SUSE_SU-2016-0617-1.NASL", "SUSE_SU-2016-0641-1.NASL", "SYMANTEC_ENDPOINT_PROT_MGR_12_1_RU4_MP1A.NASL", "UBUNTU_USN-2079-1.NASL", "UBUNTU_USN-2537-1.NASL", "UBUNTU_USN-620-1.NASL", "UBUNTU_USN-927-4.NASL", "UBUNTU_USN-990-1.NASL", "VMWARE_ESXI_5_0_BUILD_1918656_REMOTE.NASL", "VMWARE_VMSA-2010-0015_REMOTE.NASL", "VMWARE_VMSA-2012-0013_REMOTE.NASL", "VMWARE_WORKSTATION_LINUX_10_0_2.NASL", "VSPHERE_CLIENT_VMSA_2014-0006.NASL", "WEBSENSE_EMAIL_SECURITY_HEARTBLEED.NASL", "WEBSPHERE_8_5_0_2.NASL"]}, {"type": "nmap", "idList": ["NMAP:SSL-HEARTBLEED.NSE"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2009-4355", "OPENSSL:CVE-2011-4108", "OPENSSL:CVE-2011-4577", "OPENSSL:CVE-2013-0169", "OPENSSL:CVE-2013-6449", "OPENSSL:CVE-2014-0224", "OPENSSL:CVE-2015-0209"]}, {"type": "openvas", "idList": ["OPENVAS:102024", "OPENVAS:102047", "OPENVAS:103849", "OPENVAS:105021", "OPENVAS:105022", "OPENVAS:1361412562310102020", "OPENVAS:1361412562310102045", "OPENVAS:1361412562310102047", "OPENVAS:1361412562310103454", "OPENVAS:1361412562310105043", "OPENVAS:1361412562310105129", "OPENVAS:1361412562310105158", "OPENVAS:1361412562310105202", "OPENVAS:1361412562310105203", "OPENVAS:1361412562310105947", "OPENVAS:1361412562310105948", "OPENVAS:1361412562310120151", "OPENVAS:1361412562310120310", "OPENVAS:1361412562310120514", "OPENVAS:1361412562310121048", "OPENVAS:1361412562310121156", "OPENVAS:1361412562310121175", "OPENVAS:1361412562310122006", "OPENVAS:1361412562310122380", "OPENVAS:1361412562310122382", "OPENVAS:1361412562310123154", "OPENVAS:136141256231055636", "OPENVAS:136141256231057389", "OPENVAS:136141256231063141", "OPENVAS:136141256231064246", "OPENVAS:136141256231064949", "OPENVAS:136141256231065974", "OPENVAS:136141256231066240", "OPENVAS:136141256231066275", "OPENVAS:136141256231066302", "OPENVAS:136141256231066414", "OPENVAS:136141256231066450", "OPENVAS:136141256231066451", "OPENVAS:136141256231066517", "OPENVAS:136141256231066563", "OPENVAS:136141256231067218", "OPENVAS:136141256231070248", "OPENVAS:1361412562310703253", "OPENVAS:136141256231070756", "OPENVAS:1361412562310800499", "OPENVAS:1361412562310806730", "OPENVAS:1361412562310806731", "OPENVAS:1361412562310830842", "OPENVAS:1361412562310830934", "OPENVAS:1361412562310831330", "OPENVAS:1361412562310831454", "OPENVAS:1361412562310835123", "OPENVAS:1361412562310835229", "OPENVAS:1361412562310840416", "OPENVAS:1361412562310841867", "OPENVAS:1361412562310841933", "OPENVAS:1361412562310850412", "OPENVAS:1361412562310855170", "OPENVAS:1361412562310855192", "OPENVAS:1361412562310855300", "OPENVAS:1361412562310855376", "OPENVAS:1361412562310855612", "OPENVAS:1361412562310855702", "OPENVAS:1361412562310855742", "OPENVAS:1361412562310855768", "OPENVAS:1361412562310855771", "OPENVAS:1361412562310862721", "OPENVAS:1361412562310864153", "OPENVAS:1361412562310864229", "OPENVAS:1361412562310867235", "OPENVAS:1361412562310867344", "OPENVAS:1361412562310867768", "OPENVAS:1361412562310868705", "OPENVAS:1361412562310869732", "OPENVAS:1361412562310870236", "OPENVAS:1361412562310870237", "OPENVAS:1361412562310870238", "OPENVAS:1361412562310880611", "OPENVAS:1361412562310881606", "OPENVAS:1361412562310881946", "OPENVAS:1361412562310881987", "OPENVAS:1361412562310882412", "OPENVAS:1361412562310900654", "OPENVAS:53291", "OPENVAS:55751", "OPENVAS:55796", "OPENVAS:57511", "OPENVAS:57909", "OPENVAS:61027", "OPENVAS:61182", "OPENVAS:64196", "OPENVAS:64799", "OPENVAS:65067", "OPENVAS:66583", "OPENVAS:67053", "OPENVAS:67218", "OPENVAS:68997", "OPENVAS:702950", "OPENVAS:703253", "OPENVAS:71261", "OPENVAS:71533", "OPENVAS:830049", "OPENVAS:830842", "OPENVAS:830906", "OPENVAS:831251", "OPENVAS:831586", "OPENVAS:840365", "OPENVAS:841323", "OPENVAS:850412", "OPENVAS:855008", "OPENVAS:861274", "OPENVAS:861695", "OPENVAS:862470", "OPENVAS:862628", "OPENVAS:863945", "OPENVAS:864283", "OPENVAS:867229", "OPENVAS:867344", "OPENVAS:867386", "OPENVAS:867768", "OPENVAS:870243", "OPENVAS:870540", "OPENVAS:870926", "OPENVAS:880612", "OPENVAS:880630", "OPENVAS:881066", "OPENVAS:881611", "OPENVAS:881620", "OPENVAS:881669"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2011-194091", "ORACLE:CPUJUL2015-2367936"]}, {"type": "oraclelinux", "idList": ["ELSA-2006-0661", "ELSA-2009-1579", "ELSA-2010-0163", "ELSA-2010-0164", "ELSA-2010-0166", "ELSA-2010-0339", "ELSA-2010-0768", "ELSA-2013-0275", "ELSA-2014-0625", "ELSA-2014-1652"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:62019"]}, {"type": "rapid7community", "idList": ["RAPID7COMMUNITY:2D16953CACCA4F69B642B05183F60758"]}, {"type": "redhat", "idList": ["RHSA-2005:830", "RHSA-2009:1335", "RHSA-2010:0888", "RHSA-2010:0986", "RHSA-2011:0677", "RHSA-2012:0060", "RHSA-2012:0518", "RHSA-2012:1308", "RHSA-2013:0823", "RHSA-2014:0015", "RHSA-2014:0041", "RHSA-2014:0376", "RHSA-2014:0416", "RHSA-2014:0625", "RHSA-2014:0627", "RHSA-2014:0632", "RHSA-2015:0715", "RHSA-2016:0445"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27870", "SECURITYVULNS:DOC:28706", "SECURITYVULNS:DOC:29893", "SECURITYVULNS:DOC:5178", "SECURITYVULNS:DOC:5919", "SECURITYVULNS:VULN:10519", "SECURITYVULNS:VULN:13478", "SECURITYVULNS:VULN:14333", "SECURITYVULNS:VULN:9726"]}, {"type": "seebug", "idList": ["SSV:12600", "SSV:19736", "SSV:61276", "SSV:62181", "SSV:62185", "SSV:62186", "SSV:62190", "SSV:62198", "SSV:62238"]}, {"type": "slackware", "idList": ["SSA-2009-320-01", "SSA-2013-040-01", "SSA-2015-111-09"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:0378-1", "OPENSUSE-SU-2015:2243-1", "SUSE-SA:2006:058", "SUSE-SA:2007:010", "SUSE-SA:2010:061", "SUSE-SU-2012:0637-1", "SUSE-SU-2012:1149-2", "SUSE-SU-2014:0759-1", "SUSE-SU-2014:0761-1", "SUSE-SU-2016:0641-1"]}, {"type": "symantec", "idList": ["SMNTC-1363"]}, {"type": "thn", "idList": ["THN:847F48AE6816E6BFF25355FC0EA7439A", "THN:EBCB003D7DB7BD8BF73239F9718C6126", "THN:F450AB9C3FB6FDB4B44FC6D9EE5E9AD4"]}, {"type": "threatpost", "idList": ["THREATPOST:2C5C82CF691D70F64A14DA1BEC242DD5", "THREATPOST:A5161FD8579FC8D6BD28F429682A17F9", "THREATPOST:B5CB39945899ADD3A3D3790E21175180"]}, {"type": "ubuntu", "idList": ["USN-1628-1", "USN-1732-2", "USN-1898-1", "USN-2232-1", "USN-2232-2", "USN-2232-3", "USN-2232-4", "USN-24-1", "USN-339-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2003-0078", "UB:CVE-2004-0975", "UB:CVE-2006-2940", "UB:CVE-2006-3738", "UB:CVE-2006-4339", "UB:CVE-2007-4995", "UB:CVE-2008-0891", "UB:CVE-2010-1633", "UB:CVE-2011-4576", "UB:CVE-2012-0050", "UB:CVE-2012-0884", "UB:CVE-2013-0166", "UB:CVE-2013-4353", "UB:CVE-2014-0160", "UB:CVE-2014-0195", "UB:CVE-2014-0198"]}, {"type": "vmware", "idList": ["VMSA-2010-0004", "VMSA-2010-0019.3"]}, {"type": "vulnerlab", "idList": ["VULNERLAB:967"]}, {"type": "zdi", "idList": ["ZDI-14-173"]}, {"type": "zdt", "idList": ["1337DAY-ID-22122"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2003-0078", "epss": "0.021330000", "percentile": "0.874800000", "modified": "2023-03-13"}, {"cve": "CVE-2003-0131", "epss": "0.033470000", "percentile": "0.898630000", "modified": "2023-03-13"}, {"cve": "CVE-2003-0147", "epss": "0.009920000", "percentile": "0.812380000", "modified": "2023-03-13"}, {"cve": "CVE-2003-0543", "epss": "0.969230000", "percentile": "0.994910000", "modified": "2023-03-13"}, {"cve": "CVE-2003-0544", "epss": "0.158470000", "percentile": "0.950210000", "modified": "2023-03-13"}, {"cve": "CVE-2003-0545", "epss": "0.879200000", "percentile": "0.980390000", "modified": "2023-03-13"}, {"cve": "CVE-2004-0079", "epss": "0.009440000", "percentile": "0.807400000", "modified": "2023-03-13"}, {"cve": "CVE-2004-0112", "epss": "0.002840000", "percentile": "0.636820000", "modified": "2023-03-13"}, {"cve": "CVE-2004-0975", "epss": "0.000420000", "percentile": "0.056400000", "modified": "2023-03-13"}, {"cve": "CVE-2005-0109", "epss": "0.000750000", "percentile": "0.303110000", "modified": "2023-03-13"}, {"cve": "CVE-2005-2946", "epss": "0.004250000", "percentile": "0.703120000", "modified": "2023-03-13"}, {"cve": "CVE-2005-2969", "epss": "0.012590000", "percentile": "0.834600000", "modified": "2023-03-13"}, {"cve": "CVE-2006-2937", "epss": "0.153130000", "percentile": "0.949450000", "modified": "2023-03-13"}, {"cve": "CVE-2006-2940", "epss": "0.028380000", "percentile": "0.891130000", "modified": "2023-03-13"}, {"cve": "CVE-2006-3738", "epss": "0.968750000", "percentile": "0.994630000", "modified": "2023-03-13"}, {"cve": "CVE-2006-4339", "epss": "0.012220000", "percentile": "0.831940000", "modified": "2023-03-13"}, {"cve": "CVE-2006-4343", "epss": "0.009150000", "percentile": "0.804180000", "modified": "2023-03-13"}, {"cve": "CVE-2007-3108", "epss": "0.000450000", "percentile": "0.124190000", "modified": "2023-03-13"}, {"cve": "CVE-2007-4995", "epss": "0.089100000", "percentile": "0.935660000", "modified": "2023-03-13"}, {"cve": "CVE-2007-5135", "epss": "0.571230000", "percentile": "0.971100000", "modified": "2023-03-13"}, {"cve": "CVE-2008-0891", "epss": "0.111560000", "percentile": "0.942210000", "modified": "2023-03-13"}, {"cve": "CVE-2008-1672", "epss": "0.043810000", "percentile": "0.910630000", "modified": "2023-03-13"}, {"cve": "CVE-2009-1377", "epss": "0.053020000", "percentile": "0.918520000", "modified": "2023-03-13"}, {"cve": "CVE-2009-1378", "epss": "0.047500000", "percentile": "0.913980000", "modified": "2023-03-13"}, {"cve": "CVE-2009-1379", "epss": "0.117350000", "percentile": "0.943720000", "modified": "2023-03-13"}, {"cve": "CVE-2009-3555", "epss": "0.001750000", "percentile": "0.529070000", "modified": "2023-03-13"}, {"cve": "CVE-2009-4355", "epss": "0.203540000", "percentile": "0.955570000", "modified": "2023-03-13"}, {"cve": "CVE-2010-0742", "epss": "0.251030000", "percentile": "0.959090000", "modified": "2023-03-13"}, {"cve": "CVE-2010-1633", "epss": "0.008500000", "percentile": "0.796440000", "modified": "2023-03-13"}, {"cve": "CVE-2010-3864", "epss": "0.316350000", "percentile": "0.962750000", "modified": "2023-03-13"}, {"cve": "CVE-2010-5298", "epss": "0.033640000", "percentile": "0.898940000", "modified": "2023-03-13"}, {"cve": "CVE-2011-0014", "epss": "0.103370000", "percentile": "0.940220000", "modified": "2023-03-13"}, {"cve": "CVE-2011-3207", "epss": "0.013240000", "percentile": "0.839130000", "modified": "2023-03-13"}, {"cve": "CVE-2011-4108", "epss": "0.004850000", "percentile": "0.722490000", "modified": "2023-03-13"}, {"cve": "CVE-2011-4576", "epss": "0.008850000", "percentile": "0.800610000", "modified": "2023-03-13"}, {"cve": "CVE-2011-4577", "epss": "0.106370000", "percentile": "0.940980000", "modified": "2023-03-13"}, {"cve": "CVE-2011-4619", "epss": "0.310050000", "percentile": "0.962560000", "modified": "2023-03-13"}, {"cve": "CVE-2012-0050", "epss": "0.464450000", "percentile": "0.968160000", "modified": "2023-03-13"}, {"cve": "CVE-2012-0884", "epss": "0.008670000", "percentile": "0.798510000", "modified": "2023-03-13"}, {"cve": "CVE-2012-1165", "epss": "0.417820000", "percentile": "0.966920000", "modified": "2023-03-13"}, {"cve": "CVE-2012-2110", "epss": "0.110130000", "percentile": "0.941910000", "modified": "2023-03-13"}, {"cve": "CVE-2012-2333", "epss": "0.052710000", "percentile": "0.918300000", "modified": "2023-03-13"}, {"cve": "CVE-2012-4929", "epss": "0.001630000", "percentile": "0.512120000", "modified": "2023-03-13"}, {"cve": "CVE-2013-0166", "epss": "0.006820000", "percentile": "0.769190000", "modified": "2023-03-13"}, {"cve": "CVE-2013-0169", "epss": "0.005360000", "percentile": "0.736300000", "modified": "2023-03-13"}, {"cve": "CVE-2013-4353", "epss": "0.684920000", "percentile": "0.973690000", "modified": "2023-03-13"}, {"cve": "CVE-2013-6449", "epss": "0.936840000", "percentile": "0.985510000", "modified": "2023-03-13"}, {"cve": "CVE-2013-6450", "epss": "0.043320000", "percentile": "0.910180000", "modified": "2023-03-13"}, {"cve": "CVE-2014-0160", "epss": "0.975900000", "percentile": "1.000000000", "modified": "2023-03-13"}, {"cve": "CVE-2014-0195", "epss": "0.970740000", "percentile": "0.995770000", "modified": "2023-03-13"}, {"cve": "CVE-2014-0198", "epss": "0.052320000", "percentile": "0.917980000", "modified": "2023-03-13"}, {"cve": "CVE-2014-0221", "epss": "0.973040000", "percentile": "0.997350000", "modified": "2023-03-13"}, {"cve": "CVE-2014-0224", "epss": "0.975390000", "percentile": "0.999840000", "modified": "2023-03-13"}, {"cve": "CVE-2014-3470", "epss": "0.974140000", "percentile": "0.998460000", "modified": "2023-03-13"}, {"cve": "CVE-2015-0209", "epss": "0.135080000", "percentile": "0.946670000", "modified": "2023-03-13"}, {"cve": "CVE-2015-0286", "epss": "0.957700000", "percentile": "0.990140000", "modified": "2023-03-13"}, {"cve": "CVE-2015-0287", "epss": "0.023030000", "percentile": "0.879670000", "modified": "2023-03-13"}, {"cve": "CVE-2015-0288", "epss": "0.016440000", "percentile": "0.855870000", "modified": "2023-03-13"}, {"cve": "CVE-2015-0289", "epss": "0.016440000", "percentile": "0.855870000", "modified": "2023-03-13"}, {"cve": "CVE-2015-0292", "epss": "0.253660000", "percentile": "0.959230000", "modified": "2023-03-13"}, {"cve": "CVE-2015-0293", "epss": "0.518730000", "percentile": "0.969690000", "modified": "2023-03-13"}], "vulnersScore": 0.2}, "affectedSoftware": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1660025421, "score": 1660025700, "epss": 1678780633}, "_internal": {"score_hash": "3c204c2d6f20c222bb348e4e6a3996a5"}}

{"nessus": [{"lastseen": "2023-02-06T14:24:22", "description": "Update to 1.0.1c and synced all patches with Fedora openssl-1.0.1c-7.fc19\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "nessus", "title": "Fedora 18 : mingw-openssl-1.0.1c-1.fc18 (2012-18035)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3207", "CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2333"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-openssl", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2012-18035.NASL", "href": "https://www.tenable.com/plugins/nessus/63031", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-18035.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63031);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3207\", \"CVE-2011-4108\", \"CVE-2011-4576\", \"CVE-2011-4577\", \"CVE-2011-4619\", \"CVE-2012-0884\", \"CVE-2012-1165\", \"CVE-2012-2110\", \"CVE-2012-2333\");\n script_bugtraq_id(49469, 51281, 52428, 52764, 53158, 53476);\n script_xref(name:\"FEDORA\", value:\"2012-18035\");\n\n script_name(english:\"Fedora 18 : mingw-openssl-1.0.1c-1.fc18 (2012-18035)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 1.0.1c and synced all patches with Fedora\nopenssl-1.0.1c-7.fc19\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=736089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=773330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=802817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=814203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=820694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=846213\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f876088\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"mingw-openssl-1.0.1c-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:23:59", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an error state mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected. (CVE-2017-3737)\n\n - There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation).\n Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected.\n Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.\n (CVE-2017-3738)\n\n - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. (CVE-2017-3736)\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) public exponent or (2) public modulus values in X.509 certificates that require extra time to process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.\n (CVE-2008-0891)\n\n - OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses particular cipher suites, which triggers a NULL pointer dereference. (CVE-2008-1672)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. (CVE-2009-1379)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post- renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. (CVE-2010-0742)\n\n - RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information. (CVE-2010-1633)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi- threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap- based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. (CVE-2010-4180)\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka OCSP stapling vulnerability. (CVE-2011-0014)\n\n - crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. (CVE-2011-3207)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. (CVE-2012-0050)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. (CVE-2012-2110)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (CVE-2013-6450)\n\n - An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160)\n\n - A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)\n\n - A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-0891", "CVE-2008-1672", "CVE-2008-1678", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0742", "CVE-2010-1633", "CVE-2010-3864", "CVE-2010-4180", "CVE-2011-0014", "CVE-2011-3207", "CVE-2011-4108", "CVE-2012-0050", "CVE-2012-2110", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-3566", "CVE-2015-3193", "CVE-2016-0701", "CVE-2016-2183", "CVE-2017-3732", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738"], "modified": "2022-05-19T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/127201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0033. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127201);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2006-2937\",\n \"CVE-2006-2940\",\n \"CVE-2006-3738\",\n \"CVE-2006-4339\",\n \"CVE-2006-4343\",\n \"CVE-2007-3108\",\n \"CVE-2007-4995\",\n \"CVE-2007-5135\",\n \"CVE-2008-0891\",\n \"CVE-2008-1672\",\n \"CVE-2009-1377\",\n \"CVE-2009-1378\",\n \"CVE-2009-1379\",\n \"CVE-2009-3555\",\n \"CVE-2009-4355\",\n \"CVE-2010-0742\",\n \"CVE-2010-1633\",\n \"CVE-2010-3864\",\n \"CVE-2010-4180\",\n \"CVE-2011-0014\",\n \"CVE-2011-3207\",\n \"CVE-2012-0050\",\n \"CVE-2012-2110\",\n \"CVE-2013-4353\",\n \"CVE-2013-6449\",\n \"CVE-2013-6450\",\n \"CVE-2014-0160\",\n \"CVE-2014-3566\",\n \"CVE-2016-2183\",\n \"CVE-2017-3736\",\n \"CVE-2017-3737\",\n \"CVE-2017-3738\"\n );\n script_bugtraq_id(92630);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected\nby multiple vulnerabilities:\n\n - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced\n an error state mechanism. The intent was that if a\n fatal error occurred during a handshake then OpenSSL\n would move into the error state and would immediately\n fail if you attempted to continue the handshake. This\n works as designed for the explicit handshake functions\n (SSL_do_handshake(), SSL_accept() and SSL_connect()),\n however due to a bug it does not work correctly if\n SSL_read() or SSL_write() is called directly. In that\n scenario, if the handshake fails then a fatal error will\n be returned in the initial function call. If\n SSL_read()/SSL_write() is subsequently called by the\n application for the same SSL object then it will succeed\n and the data is passed without being decrypted/encrypted\n directly from the SSL/TLS record layer. In order to\n exploit this issue an application bug would have to be\n present that resulted in a call to\n SSL_read()/SSL_write() being issued after having already\n received a fatal error. OpenSSL version 1.0.2b-1.0.2m\n are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is\n not affected. (CVE-2017-3737)\n\n - There is an overflow bug in the AVX2 Montgomery\n multiplication procedure used in exponentiation with\n 1024-bit moduli. No EC algorithms are affected. Analysis\n suggests that attacks against RSA and DSA as a result of\n this defect would be very difficult to perform and are\n not believed likely. Attacks against DH1024 are\n considered just feasible, because most of the work\n necessary to deduce information about a private key may\n be performed offline. The amount of resources required\n for such an attack would be significant. However, for an\n attack on TLS to be meaningful, the server would have to\n share the DH1024 private key among multiple clients,\n which is no longer an option since CVE-2016-0701. This\n only affects processors that support the AVX2 but not\n ADX extensions like Intel Haswell (4th generation).\n Note: The impact from this issue is similar to\n CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL\n version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected.\n Fixed in OpenSSL 1.0.2n. Due to the low severity of this\n issue we are not issuing a new release of OpenSSL 1.1.0\n at this time. The fix will be included in OpenSSL 1.1.0h\n when it becomes available. The fix is also available in\n commit e502cc86d in the OpenSSL git repository.\n (CVE-2017-3738)\n\n - There is a carry propagating bug in the x86_64\n Montgomery squaring procedure in OpenSSL before 1.0.2m\n and 1.1.0 before 1.1.0g. No EC algorithms are affected.\n Analysis suggests that attacks against RSA and DSA as a\n result of this defect would be very difficult to perform\n and are not believed likely. Attacks against DH are\n considered just feasible (although very difficult)\n because most of the work necessary to deduce information\n about a private key may be performed offline. The amount\n of resources required for such an attack would be very\n significant and likely only accessible to a limited\n number of attackers. An attacker would additionally need\n online access to an unpatched system using the target\n private key in a scenario with persistent DH parameters\n and a private key that is shared between multiple\n clients. This only affects processors that support the\n BMI1, BMI2 and ADX extensions like Intel Broadwell (5th\n generation) and later or AMD Ryzen. (CVE-2017-3736)\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service\n (infinite loop and memory consumption) via malformed\n ASN.1 structures that trigger an improperly handled\n error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows attackers to cause a denial of\n service (CPU consumption) via parasitic public keys with\n large (1) public exponent or (2) public modulus\n values in X.509 certificates that require extra time to\n process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions has unspecified impact and remote\n attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3,\n removes PKCS-1 padding before generating a hash, which\n allows remote attackers to forge a PKCS #1 v1.5\n signature that is signed by that RSA key and prevents\n OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial\n of service (client crash) via unknown vectors that\n trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c\n in OpenSSL 0.9.8e and earlier does not properly perform\n Montgomery multiplication, which might allow local users\n to conduct a side-channel attack and retrieve RSA\n private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL\n 0.9.8 before 0.9.8f allows remote attackers to execute\n arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f,\n might allow remote attackers to execute arbitrary code\n via a crafted packet that triggers a one-byte buffer\n underflow. NOTE: this issue was introduced as a result\n of a fix for CVE-2006-3738. As of 20071012, it is\n unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g,\n when the TLS server name extensions are enabled, allows\n remote attackers to cause a denial of service (crash)\n via a malformed Client Hello packet. NOTE: some of these\n details are obtained from third party information.\n (CVE-2008-0891)\n\n - OpenSSL 0.9.8f and 0.9.8g allows remote attackers to\n cause a denial of service (crash) via a TLS handshake\n that omits the Server Key Exchange message and uses\n particular cipher suites, which triggers a NULL\n pointer dereference. (CVE-2008-1672)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in\n OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote\n attackers to cause a denial of service (memory\n consumption) via a large series of future epoch DTLS\n records that are buffered in a queue, aka DTLS record\n buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the\n dtls1_process_out_of_seq_message function in\n ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8\n versions allow remote attackers to cause a denial of\n service (memory consumption) via DTLS records that (1)\n are duplicates or (2) have sequence numbers much greater\n than current sequence numbers, aka DTLS fragment\n handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the\n dtls1_retrieve_buffered_fragment function in\n ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote\n attackers to cause a denial of service (openssl s_client\n crash) and possibly have unspecified other impact via a\n DTLS packet, as demonstrated by a packet from a server\n that uses a crafted server certificate. (CVE-2009-1379)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly\n earlier, as used in Microsoft Internet Information\n Services (IIS) 7.0, mod_ssl in the Apache HTTP Server\n 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5\n and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, multiple Cisco products, and other\n products, does not properly associate renegotiation\n handshakes with an existing connection, which allows\n man-in-the-middle attackers to insert data into HTTPS\n sessions, and possibly other types of sessions protected\n by TLS or SSL, by sending an unauthenticated request\n that is processed retroactively by a server in a post-\n renegotiation context, related to a plaintext\n injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in\n crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and\n 1.0.0 Beta through Beta 4 allows remote attackers to\n cause a denial of service (memory consumption) via\n vectors that trigger incorrect calls to the\n CRYPTO_cleanup_all_ex_data function, as demonstrated by\n use of SSLv3 and PHP with the Apache HTTP Server, a\n related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The Cryptographic Message Syntax (CMS) implementation in\n crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x\n before 1.0.0a does not properly handle structures that\n contain OriginatorInfo, which allows context-dependent\n attackers to modify invalid memory locations or conduct\n double-free attacks, and possibly execute arbitrary\n code, via unspecified vectors. (CVE-2010-0742)\n\n - RSA verification recovery in the EVP_PKEY_verify_recover\n function in OpenSSL 1.x before 1.0.0a, as used by\n pkeyutl and possibly other applications, returns\n uninitialized memory upon failure, which might allow\n context-dependent attackers to bypass intended key\n requirements or obtain sensitive information via\n unspecified vectors. NOTE: some of these details are\n obtained from third party information. (CVE-2010-1633)\n\n - Multiple race conditions in ssl/t1_lib.c in OpenSSL\n 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-\n threading and internal caching are enabled on a TLS\n server, might allow remote attackers to execute\n arbitrary code via client data that triggers a heap-\n based buffer overflow, related to (1) the TLS server\n name extension and (2) elliptic curve cryptography.\n (CVE-2010-3864)\n\n - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when\n SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does\n not properly prevent modification of the ciphersuite in\n the session cache, which allows remote attackers to\n force the downgrade to an unintended cipher via vectors\n involving sniffing network traffic to discover a session\n identifier. (CVE-2010-4180)\n\n - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0\n through 1.0.0c allows remote attackers to cause a denial\n of service (crash), and possibly obtain sensitive\n information in applications that use OpenSSL, via a\n malformed ClientHello handshake message that triggers an\n out-of-bounds memory access, aka OCSP stapling\n vulnerability. (CVE-2011-0014)\n\n - crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e\n does not initialize certain structure members, which\n makes it easier for remote attackers to bypass CRL\n validation by using a nextUpdate value corresponding to\n a time in the past. (CVE-2011-3207)\n\n - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS\n applications, which allows remote attackers to cause a\n denial of service (crash) via unspecified vectors\n related to an out-of-bounds read. NOTE: this\n vulnerability exists because of an incorrect fix for\n CVE-2011-4108. (CVE-2012-0050)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c\n in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1\n before 1.0.1a does not properly interpret integer data,\n which allows remote attackers to conduct buffer overflow\n attacks, and cause a denial of service (memory\n corruption) or possibly have unspecified other impact,\n via crafted DER data, as demonstrated by an X.509\n certificate or an RSA public key. (CVE-2012-2110)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL\n 1.0.1 before 1.0.1f allows remote TLS servers to cause a\n denial of service (NULL pointer dereference and\n application crash) via a crafted Next Protocol\n Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in\n OpenSSL before 1.0.2 obtains a certain version number\n from an incorrect data structure, which allows remote\n attackers to cause a denial of service (daemon crash)\n via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0\n before 1.0.0l and 1.0.1 before 1.0.1f does not properly\n maintain data structures for digest and encryption\n contexts, which might allow man-in-the-middle attackers\n to trigger the use of a different context and cause a\n denial of service (application crash) by interfering\n with packet delivery, related to ssl/d1_both.c and\n ssl/t1_enc.c. (CVE-2013-6450)\n\n - An information disclosure flaw was found in the way\n OpenSSL handled TLS and DTLS Heartbeat Extension\n packets. A malicious TLS or DTLS client or server could\n send a specially crafted TLS or DTLS Heartbeat packet to\n disclose a limited portion of memory per request from a\n connected client or server. Note that the disclosed\n portions of memory could potentially include sensitive\n information such as private keys. (CVE-2014-0160)\n\n - A flaw was found in the way SSL 3.0 handled padding\n bytes when decrypting messages encrypted using block\n ciphers in cipher block chaining (CBC) mode. This flaw\n allows a man-in-the-middle (MITM) attacker to decrypt a\n selected byte of a cipher text in as few as 256 tries if\n they are able to force a victim application to\n repeatedly send the same data over newly created SSL 3.0\n connections. (CVE-2014-3566)\n\n - A flaw was found in the way the DES/3DES cipher was used\n as part of the TLS/SSL protocol. A man-in-the-middle\n attacker could use this flaw to recover some plaintext\n data by capturing large amounts of encrypted traffic\n between TLS/SSL server and client if the communication\n used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0033\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2006-3738\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-2183\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 287, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"openssl-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-crypto-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-debuginfo-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-devel-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-libs-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-perl-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\",\n \"openssl-static-1.0.2k-12.el7.cgslv5lite.0.1.g0e5ddfd\"\n ],\n \"CGSL MAIN 5.04\": [\n \"openssl-1.0.2k-12.el7.cgslv5\",\n \"openssl-debuginfo-1.0.2k-12.el7.cgslv5\",\n \"openssl-devel-1.0.2k-12.el7.cgslv5\",\n \"openssl-libs-1.0.2k-12.el7.cgslv5\",\n \"openssl-perl-1.0.2k-12.el7.cgslv5\",\n \"openssl-static-1.0.2k-12.el7.cgslv5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:34:58", "description": "A version of LibreOffice 4.2.x prior to 4.2.3 is installed on the remote Windows host. This version of LibreOffice is bundled with a version of OpenSSL affected by multiple vulnerabilities :\n\n - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - An error exists in the 'ssl3_take_mac' function in the file 'ssl/s3_both.c' related to handling TLS handshake traffic that could lead to denial of service attacks.\n (CVE-2013-4353)\n\n - An error exists in the 'ssl_get_algorithm2' function in the file 'ssl/s3_lib.c' related to handling TLS 1.2 traffic that could lead to denial of service attacks.\n (CVE-2013-6449)\n\n - An error exists related to the handling of DTLS retransmission processes that could lead to denial of service attacks. (CVE-2013-6450)\n\n - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.\n (CVE-2014-0160)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)\n\nNote that Nessus has not attempted to exploit these issues, but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2014-07-15T00:00:00", "type": "nessus", "title": "LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Heartbleed)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2022-05-05T00:00:00", "cpe": ["cpe:/a:libreoffice:libreoffice"], "id": "LIBREOFFICE_423.NASL", "href": "https://www.tenable.com/plugins/nessus/76510", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76510);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/05\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2013-4353\",\n \"CVE-2013-6449\",\n \"CVE-2013-6450\",\n \"CVE-2014-0160\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\"\n );\n script_bugtraq_id(\n 64530,\n 64618,\n 64691,\n 66690,\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901\n );\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"CERT\", value:\"978508\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Heartbleed)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"A version of LibreOffice 4.2.x prior to 4.2.3 is installed on the\nremote Windows host. This version of LibreOffice is bundled with a\nversion of OpenSSL affected by multiple vulnerabilities :\n\n - An error exists in the function 'ssl3_read_bytes'\n that could allow data to be injected into other\n sessions or allow denial of service attacks. Note\n this issue is only exploitable if\n 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - An error exists in the 'ssl3_take_mac' function in the\n file 'ssl/s3_both.c' related to handling TLS handshake\n traffic that could lead to denial of service attacks.\n (CVE-2013-4353)\n\n - An error exists in the 'ssl_get_algorithm2' function in\n the file 'ssl/s3_lib.c' related to handling TLS 1.2\n traffic that could lead to denial of service attacks.\n (CVE-2013-6449)\n\n - An error exists related to the handling of DTLS\n retransmission processes that could lead to denial of\n service attacks. (CVE-2013-6450)\n\n - An out-of-bounds read error, known as the 'Heartbleed\n Bug', exists related to handling TLS heartbeat\n extensions that could allow an attacker to obtain\n sensitive information such as primary key material,\n secondary key material, and other protected content.\n (CVE-2014-0160)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that could lead to execution of\n arbitrary code. Note this issue only affects OpenSSL\n when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that\n could allow a NULL pointer to be dereferenced leading\n to denial of service attacks. Note this issue is\n exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an\n attacker to cause usage of weak keying material\n leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n cipher suites that could allow denial of service\n attacks. Note this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\n\nNote that Nessus has not attempted to exploit these issues, but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.libreoffice.org/about-us/security/advisories/cve-2014-0160/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to LibreOffice version 4.2.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3470\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:libreoffice:libreoffice\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"libreoffice_installed.nasl\");\n script_require_keys(\"SMB/LibreOffice/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nkb_base = \"SMB/LibreOffice\";\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\nversion_ui = get_kb_item_or_exit(kb_base+\"/Version_UI\", exit_code:1);\n\n# Versions 4.2 up to and not including 4.2.3 are vulnerable.\nif (version =~ \"^4\\.2($|\\.[0-2]($|[^0-9]))\")\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version_ui +\n '\\n Fixed version : 4.2.3' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"LibreOffice\", version_ui, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:35:30", "description": "A version of LibreOffice 4.2.x prior to 4.2.3 is installed on the remote Mac OS X host. This version of LibreOffice is bundled with a version of OpenSSL affected by multiple vulnerabilities :\n\n - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - An error exists in the 'ssl3_take_mac' function in the file 'ssl/s3_both.c' related to handling TLS handshake traffic that could lead to denial of service attacks.\n (CVE-2013-4353)\n\n - An error exists in the 'ssl_get_algorithm2' function in the file 'ssl/s3_lib.c' related to handling TLS 1.2 traffic that could lead to denial of service attacks.\n (CVE-2013-6449)\n\n - An error exists related to the handling of DTLS retransmission processes that could lead to denial of service attacks. (CVE-2013-6450)\n\n - An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to obtain sensitive information such as primary key material, secondary key material, and other protected content.\n (CVE-2014-0160)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)\n\nNote that Nessus has not attempted to exploit these issues, but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2014-07-15T00:00:00", "type": "nessus", "title": "LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Mac OS X) (Heartbleed)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2022-05-05T00:00:00", "cpe": ["cpe:/a:libreoffice:libreoffice"], "id": "MACOSX_LIBREOFFICE_423.NASL", "href": "https://www.tenable.com/plugins/nessus/76511", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76511);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/05\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2013-4353\",\n \"CVE-2013-6449\",\n \"CVE-2013-6450\",\n \"CVE-2014-0160\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\"\n );\n script_bugtraq_id(\n 64530,\n 64618,\n 64691,\n 66690,\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901\n );\n script_xref(name:\"CERT\", value:\"720951\");\n script_xref(name:\"CERT\", value:\"978508\");\n script_xref(name:\"EDB-ID\", value:\"32745\");\n script_xref(name:\"EDB-ID\", value:\"32764\");\n script_xref(name:\"EDB-ID\", value:\"32791\");\n script_xref(name:\"EDB-ID\", value:\"32998\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"LibreOffice 4.2.x < 4.2.3 OpenSSL Multiple Vulnerabilities (Mac OS X) (Heartbleed)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"A version of LibreOffice 4.2.x prior to 4.2.3 is installed on the\nremote Mac OS X host. This version of LibreOffice is bundled with a\nversion of OpenSSL affected by multiple vulnerabilities :\n\n - An error exists in the function 'ssl3_read_bytes'\n that could allow data to be injected into other\n sessions or allow denial of service attacks. Note\n this issue is only exploitable if\n 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - An error exists in the 'ssl3_take_mac' function in the\n file 'ssl/s3_both.c' related to handling TLS handshake\n traffic that could lead to denial of service attacks.\n (CVE-2013-4353)\n\n - An error exists in the 'ssl_get_algorithm2' function in\n the file 'ssl/s3_lib.c' related to handling TLS 1.2\n traffic that could lead to denial of service attacks.\n (CVE-2013-6449)\n\n - An error exists related to the handling of DTLS\n retransmission processes that could lead to denial of\n service attacks. (CVE-2013-6450)\n\n - An out-of-bounds read error, known as the 'Heartbleed\n Bug', exists related to handling TLS heartbeat\n extensions that could allow an attacker to obtain\n sensitive information such as primary key material,\n secondary key material, and other protected content.\n (CVE-2014-0160)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that could lead to execution of\n arbitrary code. Note this issue only affects OpenSSL\n when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that\n could allow a NULL pointer to be dereferenced leading\n to denial of service attacks. Note this issue is\n exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an\n attacker to cause usage of weak keying material\n leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n cipher suites that could allow denial of service\n attacks. Note this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\n\nNote that Nessus has not attempted to exploit these issues, but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.libreoffice.org/about-us/security/advisories/cve-2014-0160/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.heartbleed.com\");\n script_set_attribute(attribute:\"see_also\", value:\"https://eprint.iacr.org/2014/140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#2014-0160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140407.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to LibreOffice version 4.2.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3470\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2014-0160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:libreoffice:libreoffice\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_libreoffice_installed.nasl\");\n script_require_keys(\"MacOSX/LibreOffice/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nkb_base = \"MacOSX/LibreOffice\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\n\n# Versions 4.2 up to and not including 4.2.3 are vulnerable\nif (version =~ \"^4\\.2\\.[0-2]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 4.2.3' +\n '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"LibreOffice\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-07T14:19:50", "description": "openssl was updated to 1.0.0k security release to fix bugs and security issues. (bnc#802648 bnc#802746) The version was upgraded to avoid backporting the large fixes for SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169) TLS 1.1 and 1.2 AES-NI crash (CVE-2012-2686) OCSP invalid key DoS issue (CVE-2013-0166)\n\nAlso the following bugfix was included: bnc#757773 - c_rehash to accept more filename extensions", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-SU-2013:0336-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4108", "CVE-2011-4576", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0027", "CVE-2012-0050", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2686", "CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2013-153.NASL", "href": "https://www.tenable.com/plugins/nessus/74901", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-153.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74901);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2011-4108\",\n \"CVE-2011-4576\",\n \"CVE-2011-4577\",\n \"CVE-2011-4619\",\n \"CVE-2012-0027\",\n \"CVE-2012-0050\",\n \"CVE-2012-0884\",\n \"CVE-2012-1165\",\n \"CVE-2012-2110\",\n \"CVE-2012-2686\",\n \"CVE-2013-0166\",\n \"CVE-2013-0169\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-SU-2013:0336-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"openssl was updated to 1.0.0k security release to fix bugs and\nsecurity issues. (bnc#802648 bnc#802746) The version was upgraded to\navoid backporting the large fixes for SSL, TLS and DTLS Plaintext\nRecovery Attack (CVE-2013-0169) TLS 1.1 and 1.2 AES-NI crash\n(CVE-2012-2686) OCSP invalid key DoS issue (CVE-2013-0166)\n\nAlso the following bugfix was included: bnc#757773 -\nc_rehash to accept more filename extensions\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=757773\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=802648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=802746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2013-02/msg00069.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libopenssl-devel-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libopenssl1_0_0-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libopenssl1_0_0-debuginfo-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"openssl-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"openssl-debuginfo-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"openssl-debugsource-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.0k-34.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.0k-34.20.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:29:27", "description": "It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes.\n(CVE-2007-3108)\n\nMoritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function did not correctly check the size of the buffer it was writing to. A remote attacker could exploit this to write one NULL byte past the end of an application's cipher list buffer, possibly leading to arbitrary code execution or a denial of service. (CVE-2007-5135).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-11-10T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : openssl vulnerabilities (USN-522-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-5135"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl-dev", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg", "p-cpe:/a:canonical:ubuntu_linux:openssl", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:6.10", "cpe:/o:canonical:ubuntu_linux:7.04"], "id": "UBUNTU_USN-522-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28127", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-522-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28127);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4343\", \"CVE-2007-3108\", \"CVE-2007-5135\");\n script_xref(name:\"USN\", value:\"522-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : openssl vulnerabilities (USN-522-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL did not correctly perform Montgomery\nmultiplications. Local attackers might be able to reconstruct RSA\nprivate keys by examining another user's OpenSSL processes.\n(CVE-2007-3108)\n\nMoritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers\nfunction did not correctly check the size of the buffer it was writing\nto. A remote attacker could exploit this to write one NULL byte past\nthe end of an application's cipher list buffer, possibly leading to\narbitrary code execution or a denial of service. (CVE-2007-5135).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/522-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl-dev\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"openssl\", pkgver:\"0.9.8a-7ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libssl-dev\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"openssl\", pkgver:\"0.9.8b-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libssl-dev\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libssl0.9.8-dbg\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"openssl\", pkgver:\"0.9.8c-4ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl-dev / libssl0.9.8 / libssl0.9.8-dbg / openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-01T14:38:55", "description": "Security fix for CVE-2015-0209, CVE-2015-0289, CVE-2015-0292, CVE-2015-0287, CVE-2015-0286, CVE-2015-0288\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-25T00:00:00", "type": "nessus", "title": "Fedora 21 : openssl-1.0.1k-6.fc21 (2015-4303)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-4303.NASL", "href": "https://www.tenable.com/plugins/nessus/82059", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4303.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82059);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_bugtraq_id(73225, 73227, 73228, 73231, 73232, 73237, 73239);\n script_xref(name:\"FEDORA\", value:\"2015-4303\");\n\n script_name(english:\"Fedora 21 : openssl-1.0.1k-6.fc21 (2015-4303)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-0209, CVE-2015-0289, CVE-2015-0292,\nCVE-2015-0287, CVE-2015-0286, CVE-2015-0288\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1196737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202366\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202418\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4d0debe9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"openssl-1.0.1k-6.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:00", "description": "From Red Hat Security Advisory 2015:0715 :\n\nUpdated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia Kasper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia Kasper of the OpenSSL development team as the original reporters of CVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : openssl (ELSA-2015-0715)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "p-cpe:/a:oracle:linux:openssl-static", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-0715.NASL", "href": "https://www.tenable.com/plugins/nessus/82015", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:0715 and \n# Oracle Linux Security Advisory ELSA-2015-0715 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82015);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_xref(name:\"RHSA\", value:\"2015:0715\");\n\n script_name(english:\"Oracle Linux 6 : openssl (ELSA-2015-0715)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:0715 :\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp()\nfunction. A remote attacker could crash a TLS/SSL client or server\nusing OpenSSL via a specially crafted X.509 certificate when the\nattacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in\nthe way OpenSSL decoded malformed Base64-encoded inputs. An attacker\nable to make an application using OpenSSL decode a specially crafted\nBase64-encoded input (such as a PEM file) could use this flaw to cause\nthe application to crash. Note: this flaw is not exploitable via the\nTLS/SSL protocol because the data being transferred is not\nBase64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had\nboth the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed\nElliptic Curve private keys. A specially crafted key file could cause\nan application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused\ncertain ASN.1 structures. A remote attacker could possibly use a\nspecially crafted ASN.1 structure that, when parsed by an application,\nwould cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509\ncertificate handling implementation. A specially crafted X.509\ncertificate could cause an application using OpenSSL to crash if the\napplication attempted to convert the certificate to a certificate\nrequest. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. An attacker able to make an application using\nOpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input\ncould cause that application to crash. TLS/SSL clients and servers\nusing OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,\nCVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson\nof the OpenSSL development team as the original reporter of\nCVE-2015-0286, Emilia Kasper of the OpenSSL development team as the\noriginal reporter of CVE-2015-0287, Brian Carpenter as the original\nreporter of CVE-2015-0288, Michal Zalewski of Google as the original\nreporter of CVE-2015-0289, Robert Dugal and David Ramos as the\noriginal reporters of CVE-2015-0292, and Sean Burford of Google and\nEmilia Kasper of the OpenSSL development team as the original\nreporters of CVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-March/004922.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"openssl-1.0.1e-30.el6_6.7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-perl-1.0.1e-30.el6_6.7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-static-1.0.1e-30.el6_6.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl-static\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:49", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Storage 2.1.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia Kasper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia Kasper of the OpenSSL development team as the original reporters of CVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2015-04-01T00:00:00", "type": "nessus", "title": "RHEL 6 : Storage Server (RHSA-2015:0752)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-0752.NASL", "href": "https://www.tenable.com/plugins/nessus/82494", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0752. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82494);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2019/10/24 15:35:39\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_xref(name:\"RHSA\", value:\"2015:0752\");\n\n script_name(english:\"RHEL 6 : Storage Server (RHSA-2015:0752)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Storage 2.1.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp()\nfunction. A remote attacker could crash a TLS/SSL client or server\nusing OpenSSL via a specially crafted X.509 certificate when the\nattacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in\nthe way OpenSSL decoded malformed Base64-encoded inputs. An attacker\nable to make an application using OpenSSL decode a specially crafted\nBase64-encoded input (such as a PEM file) could use this flaw to cause\nthe application to crash. Note: this flaw is not exploitable via the\nTLS/SSL protocol because the data being transferred is not\nBase64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had\nboth the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed\nElliptic Curve private keys. A specially crafted key file could cause\nan application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused\ncertain ASN.1 structures. A remote attacker could possibly use a\nspecially crafted ASN.1 structure that, when parsed by an application,\nwould cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509\ncertificate handling implementation. A specially crafted X.509\ncertificate could cause an application using OpenSSL to crash if the\napplication attempted to convert the certificate to a certificate\nrequest. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. An attacker able to make an application using\nOpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input\ncould cause that application to crash. TLS/SSL clients and servers\nusing OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,\nCVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson\nof the OpenSSL development team as the original reporter of\nCVE-2015-0286, Emilia Kasper of the OpenSSL development team as the\noriginal reporter of CVE-2015-0287, Brian Carpenter as the original\nreporter of CVE-2015-0288, Michal Zalewski of Google as the original\nreporter of CVE-2015-0289, Robert Dugal and David Ramos as the\noriginal reporters of CVE-2015-0292, and Sean Burford of Google and\nEmilia Kasper of the OpenSSL development team as the original\nreporters of CVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20150319.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/1384453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0288\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0752\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"redhat-storage-server\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Storage Server\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-30.el6_6.7\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.7\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-30.el6_6.7\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-30.el6_6.7\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-30.el6_6.7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T15:07:02", "description": "Security fix for CVE-2015-0209, CVE-2015-0289, CVE-2015-0292, CVE-2015-0287, CVE-2015-0286, CVE-2015-0288\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-25T00:00:00", "type": "nessus", "title": "Fedora 20 : openssl-1.0.1e-42.fc20 (2015-4300)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2015-4300.NASL", "href": "https://www.tenable.com/plugins/nessus/82058", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4300.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82058);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_bugtraq_id(73225, 73227, 73228, 73231, 73232, 73237, 73239);\n script_xref(name:\"FEDORA\", value:\"2015-4300\");\n\n script_name(english:\"Fedora 20 : openssl-1.0.1e-42.fc20 (2015-4300)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-0209, CVE-2015-0289, CVE-2015-0292,\nCVE-2015-0287, CVE-2015-0286, CVE-2015-0288\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1196737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202366\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202418\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?690fa967\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"openssl-1.0.1e-42.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:32", "description": "Security fix for CVE-2015-0209, CVE-2015-0289, CVE-2015-0292, CVE-2015-0287, CVE-2015-0286, CVE-2015-0288\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-25T00:00:00", "type": "nessus", "title": "Fedora 22 : openssl-1.0.1k-6.fc22 (2015-4320)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-4320.NASL", "href": "https://www.tenable.com/plugins/nessus/82060", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4320.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82060);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_bugtraq_id(73225, 73227, 73228, 73231, 73232, 73237, 73239);\n script_xref(name:\"FEDORA\", value:\"2015-4320\");\n\n script_name(english:\"Fedora 22 : openssl-1.0.1k-6.fc22 (2015-4320)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-0209, CVE-2015-0289, CVE-2015-0292,\nCVE-2015-0287, CVE-2015-0286, CVE-2015-0288\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1196737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202366\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1202418\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44594cda\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"openssl-1.0.1k-6.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:17", "description": "An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker- supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nThis update also fixes the following bug :\n\n - When a wrapped Advanced Encryption Standard (AES) key did not require any padding, it was incorrectly padded with 8 bytes, which could lead to data corruption and interoperability problems. With this update, the rounding algorithm in the RFC 5649 key wrapping implementation has been fixed. As a result, the wrapped key conforms to the specification, which prevents the described problems.\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL7.x x86_64 (20150324)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-libs", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150324_OPENSSL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/82266", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82266);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL7.x x86_64 (20150324)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp()\nfunction. A remote attacker could crash a TLS/SSL client or server\nusing OpenSSL via a specially crafted X.509 certificate when the\nattacker- supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in\nthe way OpenSSL decoded malformed Base64-encoded inputs. An attacker\nable to make an application using OpenSSL decode a specially crafted\nBase64-encoded input (such as a PEM file) could use this flaw to cause\nthe application to crash. Note: this flaw is not exploitable via the\nTLS/SSL protocol because the data being transferred is not\nBase64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had\nboth the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed\nElliptic Curve private keys. A specially crafted key file could cause\nan application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused\ncertain ASN.1 structures. A remote attacker could possibly use a\nspecially crafted ASN.1 structure that, when parsed by an application,\nwould cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509\ncertificate handling implementation. A specially crafted X.509\ncertificate could cause an application using OpenSSL to crash if the\napplication attempted to convert the certificate to a certificate\nrequest. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. An attacker able to make an application using\nOpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input\ncould cause that application to crash. TLS/SSL clients and servers\nusing OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nThis update also fixes the following bug :\n\n - When a wrapped Advanced Encryption Standard (AES) key\n did not require any padding, it was incorrectly padded\n with 8 bytes, which could lead to data corruption and\n interoperability problems. With this update, the\n rounding algorithm in the RFC 5649 key wrapping\n implementation has been fixed. As a result, the wrapped\n key conforms to the specification, which prevents the\n described problems.\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1503&L=scientific-linux-errata&T=0&P=3614\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f05e14b9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-42.el7_1.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7_1.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7_1.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7_1.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T15:07:49", "description": "The remote Cisco IOS XE device is missing a vendor-supplied security patch and has an IOS service configured to use TLS or SSL. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library :\n\n - A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read error exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the EVP_DecodeUpdate() function due to improper validation of base64 encoded input when decoding. This allows a remote attacker, using maliciously crafted base64 data, to cause a segmentation fault or memory corruption, resulting in a denial of service or possibly the execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)", "cvss3": {}, "published": "2016-04-14T00:00:00", "type": "nessus", "title": "Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCut46130 / CSCut46126)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2019-11-19T00:00:00", "cpe": ["cpe:/o:cisco:ios_xe"], "id": "CISCO-SA-20150320-OPENSSL-IOSXE.NASL", "href": "https://www.tenable.com/plugins/nessus/90526", "sourceData": "#TRUSTED a4c53503c388e2f66ee2ed51343b9713c6f0cd34004b8452855a574e3b1f202bb9fa7ff9c2cef512e1f92c563d8a54760552a0e9dd87f4899c116e4d2b6a7c2be07823878ebc9d5295cedeeff1679763f3facb87d83d0f97458ec717566a5640856f93ab0532bbcc619e6330d63de02f45c55cb3ac2e07883be3de297d39e4695fa62445ef63b00dd9387102377eeec2013b929664919bdc378f16b33ce6765b399b843cef51c40f28a2409a11deec2d032ee559d9a702d9ee604cbc8979d6a25065fa4c2cd6975ad70e439352f32e21285d06738a03b771221b731cc740986892cc1c65422009fdf54347bac58f85a6cd9e33a817dc7b07d8d8cc57ec48c1385483e93fc03383cf4613cd6318314766b52992425677cf5c0c73cbf83231c6df056bd5b9ee2a36992f01af89f2d5a16a0ad19efdba7101c406bda57ff7ac9c9519f19329edab6cc3d879d08c1c9297bfa1853d7763ae3d76c53ba8925de39ebe2048fe255d898f51cb31e27f16438bedb13120636879e64a32e0319db980b383ba1607539aa91849cb4d84104f9f16add571513ef6f866f77c534fab2411a19d20fbbd858d79dcc19e1c122c3a3c27828c2ac2276513a79981475bd32e2b7b1af8cda347c7b081589bfa50621e271da231517491bc5cb52e0df8f2468dba161079a31b9c830af162264f69f447f39b77af4a287bcff868e9fb1e1e98f96671ab\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90526);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0292\",\n \"CVE-2015-0293\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73228,\n 73231,\n 73232,\n 73237,\n 73239\n );\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCut46130\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCut46126\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20150320-openssl\");\n\n script_name(english:\"Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCut46130 / CSCut46126)\");\n script_summary(english:\"Checks the IOS XE version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Cisco IOS XE device is missing a vendor-supplied security\npatch and has an IOS service configured to use TLS or SSL. It is,\ntherefore, affected by the following vulnerabilities in the bundled\nOpenSSL library :\n\n - A use-after-free condition exists in the\n d2i_ECPrivateKey() function due to improper processing\n of malformed EC private key files during import. A\n remote attacker can exploit this to dereference or free\n already freed memory, resulting in a denial of service\n or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read error exists in the ASN1_TYPE_cmp()\n function due to improperly performed boolean-type\n comparisons. A remote attacker can exploit this, via a\n crafted X.509 certificate to an endpoint that uses the\n certificate-verification feature, to cause an invalid\n read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to\n a failure to reinitialize 'CHOICE' and 'ADB' data\n structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write\n operation and memory corruption, resulting in a denial\n of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the\n X509_to_X509_REQ() function due to improper processing\n of certificate keys. This allows a remote attacker, via\n a crafted X.509 certificate, to cause a denial of\n service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing outer\n ContentInfo. This allows a remote attacker, using an\n application that processes arbitrary PKCS#7 data and\n providing malformed data with ASN.1 encoding, to cause\n a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the\n EVP_DecodeUpdate() function due to improper validation\n of base64 encoded input when decoding. This allows a\n remote attacker, using maliciously crafted base64 data,\n to cause a segmentation fault or memory corruption,\n resulting in a denial of service or possibly the\n execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and\n enable export cipher suites due to improper\n implementation of SSLv2. A remote attacker can exploit\n this, via a crafted CLIENT-MASTER-KEY message, to cause\n a denial of service. (CVE-2015-0293)\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2beef118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCut46130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150319.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug ID\nCSCut46130.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios_xe\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_ios_xe_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS-XE/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS-XE/Version\");\n##\n# Examines the output of show running config all for evidence\n# the WebUI is running and using SSL\n#\n# @remark 'override' in the return value signals that the scan\n# was not provided sufficient credentials to check for\n# the related configurations. 'flag' signals whether or\n# not the configuration examined shows the webui with\n# SSL is enabled\n#\n# @return always an array like:\n# {\n# 'override' : (TRUE|FALSE),\n# 'flag' : (TRUE|FALSE)\n# }\n##\nfunction iosxe_webui_ssl()\n{\n local_var res, buf;\n res = make_array(\n 'override', TRUE,\n 'flag', TRUE\n );\n\n # Signal we need local checks\n if (!get_kb_item(\"Host/local_checks_enabled\"))\n return res;\n\n buf = cisco_command_kb_item(\n \"Host/Cisco/Config/show_running-config_all\",\n \"show running-config all\"\n );\n\n # Privilege escalation required\n if (cisco_needs_enable(buf))\n return res;\n\n res['flag'] = FALSE;\n\n # Check to make sure no errors in command output\n if(!check_cisco_result(buf))\n return res;\n\n # All good check for various SSL services\n res['override'] = FALSE;\n\n # Web UI HTTPS\n if (preg(string:buf, pattern:\"^ip http secure-server\", multiline:TRUE))\n res['flag'] = TRUE;\n\n return res;\n}\n\n##\n# Main check logic\n##\n\nflag = 0;\nif (version == \"3.11.0S\") flag++;\nif (version == \"3.12.0S\") flag++;\nif (version == \"3.13.0S\") flag++;\nif (version == \"3.14.0S\") flag++;\nif (version == \"3.15.0S\") flag++;\n\nif (!flag)\n audit(AUDIT_INST_VER_NOT_VULN, \"Cisco IOS XE\", version);\n\n# Configuration check\nsslcheck = iosxe_webui_ssl();\n\nif (!sslcheck['flag'] && !sslcheck['override'])\n audit(AUDIT_HOST_NOT, \"affected because it appears the WebUI is not enabled or not using SSL/TLS\");\n\n# Override is shown regardless of verbosity\nreport = \"\";\nif (report_verbosity > 0)\n{\n order = make_list('Cisco bug ID', 'Installed release');\n report = make_array(\n order[0], 'CSCut46130 / CSCut46126',\n order[1], version\n );\n report = report_items_str(report_items:report, ordered_fields:order);\n}\n\nsecurity_hole(port:0, extra:report+cisco_caveat(sslcheck['override']));\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:31", "description": "Updated OpenSSL packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\n - An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.\n (CVE-2015-0286)\n\n - An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.\n (CVE-2015-0292)\n\n - A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293)\n\n - A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209)\n\n - An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request.\n (CVE-2015-0288)\n\n - A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia K\u00e4sper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia K\u00e4sper of the OpenSSL development team as the original reporters of CVE-2015-0293.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "CentOS 6 : openssl (CESA-2015:0715)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-static", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-0715.NASL", "href": "https://www.tenable.com/plugins/nessus/81997", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0715 and \n# CentOS Errata and Security Advisory 2015:0715 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81997);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0292\",\n \"CVE-2015-0293\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73228,\n 73231,\n 73232,\n 73237,\n 73239\n );\n script_xref(name:\"RHSA\", value:\"2015:0715\");\n\n script_name(english:\"CentOS 6 : openssl (CESA-2015:0715)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated OpenSSL packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\n - An invalid pointer use flaw was found in OpenSSL's\n ASN1_TYPE_cmp() function. A remote attacker could crash\n a TLS/SSL client or server using OpenSSL via a specially\n crafted X.509 certificate when the attacker-supplied\n certificate was verified by the application.\n (CVE-2015-0286)\n\n - An integer underflow flaw, leading to a buffer overflow,\n was found in the way OpenSSL decoded malformed\n Base64-encoded inputs. An attacker able to make an\n application using OpenSSL decode a specially crafted\n Base64-encoded input (such as a PEM file) could use this\n flaw to cause the application to crash. Note: this flaw\n is not exploitable via the TLS/SSL protocol because the\n data being transferred is not Base64-encoded.\n (CVE-2015-0292)\n\n - A denial of service flaw was found in the way OpenSSL\n handled SSLv2 handshake messages. A remote attacker\n could use this flaw to cause a TLS/SSL server using\n OpenSSL to exit on a failed assertion if it had both\n the SSLv2 protocol and EXPORT-grade cipher suites\n enabled. (CVE-2015-0293)\n\n - A use-after-free flaw was found in the way OpenSSL\n imported malformed Elliptic Curve private keys. A\n specially crafted key file could cause an application\n using OpenSSL to crash when imported. (CVE-2015-0209)\n\n - An out-of-bounds write flaw was found in the way OpenSSL\n reused certain ASN.1 structures. A remote attacker could\n possibly use a specially crafted ASN.1 structure that,\n when parsed by an application, would cause that\n application to crash. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw was found in OpenSSL's\n X.509 certificate handling implementation. A specially\n crafted X.509 certificate could cause an application\n using OpenSSL to crash if the application attempted to\n convert the certificate to a certificate request.\n (CVE-2015-0288)\n\n - A NULL pointer dereference was found in the way OpenSSL\n handled certain PKCS#7 inputs. An attacker able to make\n an application using OpenSSL verify, decrypt, or parse a\n specially crafted PKCS#7 input could cause that\n application to crash. TLS/SSL clients and servers using\n OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,\nCVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson\nof the OpenSSL development team as the original reporter of\nCVE-2015-0286, Emilia K\u00c3\u00a4sper of the OpenSSL development team as the\noriginal reporter of CVE-2015-0287, Brian Carpenter as the original\nreporter of CVE-2015-0288, Michal Zalewski of Google as the original\nreporter of CVE-2015-0289, Robert Dugal and David Ramos as the\noriginal reporters of CVE-2015-0292, and Sean Burford of Google and\nEmilia K\u00c3\u00a4sper of the OpenSSL development team as the original\nreporters of CVE-2015-0293.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2015-March/020988.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7cf8ffbb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\n\npackages = make_list(\"openssl\", \"openssl-devel\", \"openssl-perl\", \"openssl-static\");\nadvisory_version = \"1.0.1e-30.el6_6.7\";\nbuggy_branch = \"1.0.1e-30.el6\\.([89]|\\d{2,})\\|\";\nforeach currpackage (packages)\n{\n rpm_regex = currpackage + \"-\" + buggy_branch;\n advisory_reference = currpackage + \"-\" + advisory_version;\n if (! rpm_exists(release:\"CentOS-6\", rpm:rpm_regex) && rpm_check(release:\"CentOS-6\", reference:advisory_reference)) flag++;\n}\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T15:08:27", "description": "An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker- supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20150324)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150324_OPENSSL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/82265", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82265);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20150324)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp()\nfunction. A remote attacker could crash a TLS/SSL client or server\nusing OpenSSL via a specially crafted X.509 certificate when the\nattacker- supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in\nthe way OpenSSL decoded malformed Base64-encoded inputs. An attacker\nable to make an application using OpenSSL decode a specially crafted\nBase64-encoded input (such as a PEM file) could use this flaw to cause\nthe application to crash. Note: this flaw is not exploitable via the\nTLS/SSL protocol because the data being transferred is not\nBase64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had\nboth the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed\nElliptic Curve private keys. A specially crafted key file could cause\nan application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused\ncertain ASN.1 structures. A remote attacker could possibly use a\nspecially crafted ASN.1 structure that, when parsed by an application,\nwould cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509\ncertificate handling implementation. A specially crafted X.509\ncertificate could cause an application using OpenSSL to crash if the\napplication attempted to convert the certificate to a certificate\nrequest. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. An attacker able to make an application using\nOpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input\ncould cause that application to crash. TLS/SSL clients and servers\nusing OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1503&L=scientific-linux-errata&T=0&P=1388\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4b441c97\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.1e-30.el6_6.7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.1e-30.el6_6.7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.1e-30.el6_6.7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:16", "description": "Updated openssl packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia K\u00e4sper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia K\u00e4sper of the OpenSSL development team as the original reporters of CVE-2015-0293.\n\nThis update also fixes the following bug :\n\n* When a wrapped Advanced Encryption Standard (AES) key did not require any padding, it was incorrectly padded with 8 bytes, which could lead to data corruption and interoperability problems. With this update, the rounding algorithm in the RFC 5649 key wrapping implementation has been fixed. As a result, the wrapped key conforms to the specification, which prevents the described problems.\n(BZ#1197667)\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "CentOS 7 : openssl (CESA-2015:0716)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-libs", "p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-static", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-0716.NASL", "href": "https://www.tenable.com/plugins/nessus/81998", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0716 and \n# CentOS Errata and Security Advisory 2015:0716 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81998);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_xref(name:\"RHSA\", value:\"2015:0716\");\n\n script_name(english:\"CentOS 7 : openssl (CESA-2015:0716)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix several security issues and one bug\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp()\nfunction. A remote attacker could crash a TLS/SSL client or server\nusing OpenSSL via a specially crafted X.509 certificate when the\nattacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in\nthe way OpenSSL decoded malformed Base64-encoded inputs. An attacker\nable to make an application using OpenSSL decode a specially crafted\nBase64-encoded input (such as a PEM file) could use this flaw to cause\nthe application to crash. Note: this flaw is not exploitable via the\nTLS/SSL protocol because the data being transferred is not\nBase64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had\nboth the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed\nElliptic Curve private keys. A specially crafted key file could cause\nan application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused\ncertain ASN.1 structures. A remote attacker could possibly use a\nspecially crafted ASN.1 structure that, when parsed by an application,\nwould cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509\ncertificate handling implementation. A specially crafted X.509\ncertificate could cause an application using OpenSSL to crash if the\napplication attempted to convert the certificate to a certificate\nrequest. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. An attacker able to make an application using\nOpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input\ncould cause that application to crash. TLS/SSL clients and servers\nusing OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,\nCVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson\nof the OpenSSL development team as the original reporter of\nCVE-2015-0286, Emilia K\u00c3\u00a4sper of the OpenSSL development team as the\noriginal reporter of CVE-2015-0287, Brian Carpenter as the original\nreporter of CVE-2015-0288, Michal Zalewski of Google as the original\nreporter of CVE-2015-0289, Robert Dugal and David Ramos as the\noriginal reporters of CVE-2015-0292, and Sean Burford of Google and\nEmilia K\u00c3\u00a4sper of the OpenSSL development team as the original\nreporters of CVE-2015-0293.\n\nThis update also fixes the following bug :\n\n* When a wrapped Advanced Encryption Standard (AES) key did not\nrequire any padding, it was incorrectly padded with 8 bytes, which\ncould lead to data corruption and interoperability problems. With this\nupdate, the rounding algorithm in the RFC 5649 key wrapping\nimplementation has been fixed. As a result, the wrapped key conforms\nto the specification, which prevents the described problems.\n(BZ#1197667)\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n # http://lists.centos.org/pipermail/centos-cr-announce/2015-March/001858.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d4e94e5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n# Temp disable\nexit(0, \"Temporarily disabled.\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7.4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7.4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7.4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7.4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T14:38:17", "description": "It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2015-0209)\n\nStephen Henson discovered that OpenSSL incorrectly handled comparing ASN.1 boolean types. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-0286)\n\nEmilia Kasper discovered that OpenSSL incorrectly handled ASN.1 structure reuse. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2015-0287)\n\nBrian Carpenter discovered that OpenSSL incorrectly handled invalid certificate keys. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-0288)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing outer ContentInfo when parsing PKCS#7 structures. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2015-0289)\n\nRobert Dugal and David Ramos discovered that OpenSSL incorrectly handled decoding Base64 encoded data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2015-0292)\n\nSean Burford and Emilia Kasper discovered that OpenSSL incorrectly handled specially crafted SSLv2 CLIENT-MASTER-KEY messages. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-0293).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-20T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : openssl vulnerabilities (USN-2537-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2537-1.NASL", "href": "https://www.tenable.com/plugins/nessus/81971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2537-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81971);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_bugtraq_id(73225, 73227, 73228, 73231, 73232, 73237, 73239);\n script_xref(name:\"USN\", value:\"2537-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : openssl vulnerabilities (USN-2537-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL incorrectly handled malformed EC\nprivate key files. A remote attacker could possibly use this issue to\ncause OpenSSL to crash, resulting in a denial of service, or execute\narbitrary code. (CVE-2015-0209)\n\nStephen Henson discovered that OpenSSL incorrectly handled comparing\nASN.1 boolean types. A remote attacker could possibly use this issue\nto cause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-0286)\n\nEmilia Kasper discovered that OpenSSL incorrectly handled ASN.1\nstructure reuse. A remote attacker could possibly use this issue to\ncause OpenSSL to crash, resulting in a denial of service, or execute\narbitrary code. (CVE-2015-0287)\n\nBrian Carpenter discovered that OpenSSL incorrectly handled invalid\ncertificate keys. A remote attacker could possibly use this issue to\ncause OpenSSL to crash, resulting in a denial of service.\n(CVE-2015-0288)\n\nMichal Zalewski discovered that OpenSSL incorrectly handled missing\nouter ContentInfo when parsing PKCS#7 structures. A remote attacker\ncould possibly use this issue to cause OpenSSL to crash, resulting in\na denial of service, or execute arbitrary code. (CVE-2015-0289)\n\nRobert Dugal and David Ramos discovered that OpenSSL incorrectly\nhandled decoding Base64 encoded data. A remote attacker could possibly\nuse this issue to cause OpenSSL to crash, resulting in a denial of\nservice, or execute arbitrary code. (CVE-2015-0292)\n\nSean Burford and Emilia Kasper discovered that OpenSSL incorrectly\nhandled specially crafted SSLv2 CLIENT-MASTER-KEY messages. A remote\nattacker could possibly use this issue to cause OpenSSL to crash,\nresulting in a denial of service. (CVE-2015-0293).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2537-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libssl0.9.8 and / or libssl1.0.0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8k-7ubuntu8.27\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1-4ubuntu5.25\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1f-1ubuntu9.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl0.9.8 / libssl1.0.0\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:19:08", "description": "The version of OpenSSL installed on the remote AIX host is affected by the following vulnerabilities :\n\n - A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the EVP_DecodeUpdate() function due to improper validation of base64 encoded input when decoding. This allows a remote attacker, using maliciously crafted base64 data, to cause a segmentation fault or memory corruption, resulting in a denial of service or possibly the execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)", "cvss3": {}, "published": "2015-04-20T00:00:00", "type": "nessus", "title": "AIX OpenSSL Advisory : openssl_advisory13.asc", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix", "cpe:/a:openssl:openssl"], "id": "AIX_OPENSSL_ADVISORY13.NASL", "href": "https://www.tenable.com/plugins/nessus/82900", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory openssl_advisory13.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82900);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0292\",\n \"CVE-2015-0293\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73228,\n 73231,\n 73232,\n 73237,\n 73239\n );\n\n script_name(english:\"AIX OpenSSL Advisory : openssl_advisory13.asc\");\n script_summary(english:\"Checks the version of the OpenSSL packages and iFixes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host has a version of OpenSSL installed that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of OpenSSL installed on the remote AIX host is affected by\nthe following vulnerabilities :\n\n - A use-after-free condition exists in the\n d2i_ECPrivateKey() function due to improper processing\n of malformed EC private key files during import. A\n remote attacker can exploit this to dereference or free\n already freed memory, resulting in a denial of service\n or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp()\n function due to improperly performed boolean-type\n comparisons. A remote attacker can exploit this, via a\n crafted X.509 certificate to an endpoint that uses the\n certificate-verification feature, to cause an invalid\n read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to\n a failure to reinitialize 'CHOICE' and 'ADB' data\n structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write\n operation and memory corruption, resulting in a denial\n of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the\n X509_to_X509_REQ() function due to improper processing\n of certificate keys. This allows a remote attacker, via\n a crafted X.509 certificate, to cause a denial of\n service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing outer\n ContentInfo. This allows a remote attacker, using an\n application that processes arbitrary PKCS#7 data and\n providing malformed data with ASN.1 encoding, to cause\n a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the\n EVP_DecodeUpdate() function due to improper validation\n of base64 encoded input when decoding. This allows a\n remote attacker, using maliciously crafted base64 data,\n to cause a segmentation fault or memory corruption,\n resulting in a denial of service or possibly the\n execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and\n enable export cipher suites due to improper\n implementation of SSLv2. A remote attacker can exploit\n this, via a crafted CLIENT-MASTER-KEY message, to cause\n a denial of service. (CVE-2015-0293)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory13.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\");\n script_set_attribute(attribute:\"solution\", value:\n\"A fix is available and can be downloaded from the AIX website.\n\nIMPORTANT : If possible, it is recommended that a mksysb backup of the\nsystem be created. Verify that it is both bootable and readable before\nproceeding.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/20\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\ninclude(\"aix.inc\");\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This AIX package check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\n#0.9.8.2503\nif (aix_check_ifix(release:\"5.3\", patch:\"IV71446m9b\", package:\"openssl.base\", minfilesetver:\"0.0.0.0\", maxfilesetver:\"0.9.8.2504\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", patch:\"IV71446m9b\", package:\"openssl.base\", minfilesetver:\"0.0.0.0\", maxfilesetver:\"0.9.8.2504\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", patch:\"IV71446m9b\", package:\"openssl.base\", minfilesetver:\"0.0.0.0\", maxfilesetver:\"0.9.8.2504\") < 0) flag++;\n\n#1.0.1.512\nif (aix_check_ifix(release:\"5.3\", patch:\"IV71446m9a\", package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.513\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", patch:\"IV71446m9a\", package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.513\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", patch:\"IV71446m9a\", package:\"openssl.base\", minfilesetver:\"1.0.1.500\", maxfilesetver:\"1.0.1.513\") < 0) flag++;\n\n#12.9.8.2503\nif (aix_check_ifix(release:\"5.3\", patch:\"IV71446m9c\", package:\"openssl.base\", minfilesetver:\"12.0.0.0\", maxfilesetver:\"12.9.8.2504\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", patch:\"IV71446m9c\", package:\"openssl.base\", minfilesetver:\"12.0.0.0\", maxfilesetver:\"12.9.8.2504\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", patch:\"IV71446m9c\", package:\"openssl.base\", minfilesetver:\"12.0.0.0\", maxfilesetver:\"12.9.8.2504\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:32", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson of the OpenSSL development team as the original reporter of CVE-2015-0286, Emilia Kasper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia Kasper of the OpenSSL development team as the original reporters of CVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "RHEL 6 : openssl (RHSA-2015:0715)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.6"], "id": "REDHAT-RHSA-2015-0715.NASL", "href": "https://www.tenable.com/plugins/nessus/82017", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0715. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82017);\n script_version(\"1.24\");\n script_cvs_date(\"Date: 2019/10/24 15:35:39\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_xref(name:\"RHSA\", value:\"2015:0715\");\n\n script_name(english:\"RHEL 6 : openssl (RHSA-2015:0715)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nAn invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp()\nfunction. A remote attacker could crash a TLS/SSL client or server\nusing OpenSSL via a specially crafted X.509 certificate when the\nattacker-supplied certificate was verified by the application.\n(CVE-2015-0286)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in\nthe way OpenSSL decoded malformed Base64-encoded inputs. An attacker\nable to make an application using OpenSSL decode a specially crafted\nBase64-encoded input (such as a PEM file) could use this flaw to cause\nthe application to crash. Note: this flaw is not exploitable via the\nTLS/SSL protocol because the data being transferred is not\nBase64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had\nboth the SSLv2 protocol and EXPORT-grade cipher suites enabled.\n(CVE-2015-0293)\n\nA use-after-free flaw was found in the way OpenSSL imported malformed\nElliptic Curve private keys. A specially crafted key file could cause\nan application using OpenSSL to crash when imported. (CVE-2015-0209)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused\ncertain ASN.1 structures. A remote attacker could possibly use a\nspecially crafted ASN.1 structure that, when parsed by an application,\nwould cause that application to crash. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL's X.509\ncertificate handling implementation. A specially crafted X.509\ncertificate could cause an application using OpenSSL to crash if the\napplication attempted to convert the certificate to a certificate\nrequest. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 inputs. An attacker able to make an application using\nOpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input\ncould cause that application to crash. TLS/SSL clients and servers\nusing OpenSSL were not affected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,\nCVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Stephen Henson\nof the OpenSSL development team as the original reporter of\nCVE-2015-0286, Emilia Kasper of the OpenSSL development team as the\noriginal reporter of CVE-2015-0287, Brian Carpenter as the original\nreporter of CVE-2015-0288, Michal Zalewski of Google as the original\nreporter of CVE-2015-0289, Robert Dugal and David Ramos as the\noriginal reporters of CVE-2015-0292, and Sean Burford of Google and\nEmilia Kasper of the OpenSSL development team as the original\nreporters of CVE-2015-0293.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library must\nbe restarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20150319.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/1384453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0288\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0715\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-devel-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-perl-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-static-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-static-1.0.1e-30.el6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-30.el6.7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T15:07:23", "description": "Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues :\n\nCVE-2015-0209\n\nIt was discovered that a malformed EC private key might result in memory corruption.\n\nCVE-2015-0286\n\nStephen Henson discovered that the ASN1_TYPE_cmp() function can be crashed, resulting in denial of service.\n\nCVE-2015-0287\n\nEmilia Kaesper discovered a memory corruption in ASN.1 parsing.\n\nCVE-2015-0288\n\nIt was discovered that missing input sanitising in the X509_to_X509_REQ() function might result in denial of service.\n\nCVE-2015-0289\n\nMichal Zalewski discovered a NULL pointer dereference in the PKCS#7 parsing code, resulting in denial of service.\n\nCVE-2015-0292\n\nIt was discovered that missing input sanitising in base64 decoding might result in memory corruption.\n\nCVE-2015-0293\n\nA malicious client can trigger an OPENSSL_assert (i.e., an abort) in servers that both support SSLv2 and enable export cipher suites by sending a specially crafted SSLv2 CLIENT-MASTER-KEY message.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-177-1 : openssl security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libcrypto0.9.8-udeb", "p-cpe:/a:debian:debian_linux:libssl-dev", "p-cpe:/a:debian:debian_linux:libssl0.9.8", "p-cpe:/a:debian:debian_linux:libssl0.9.8-dbg", "p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-177.NASL", "href": "https://www.tenable.com/plugins/nessus/82162", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-177-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82162);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_bugtraq_id(73196, 73225, 73227, 73228, 73231, 73232, 73237, 73239);\n\n script_name(english:\"Debian DLA-177-1 : openssl security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in OpenSSL, a Secure\nSockets Layer toolkit. The Common Vulnerabilities and Exposures\nproject identifies the following issues :\n\nCVE-2015-0209\n\nIt was discovered that a malformed EC private key might result in\nmemory corruption.\n\nCVE-2015-0286\n\nStephen Henson discovered that the ASN1_TYPE_cmp() function can be\ncrashed, resulting in denial of service.\n\nCVE-2015-0287\n\nEmilia Kaesper discovered a memory corruption in ASN.1 parsing.\n\nCVE-2015-0288\n\nIt was discovered that missing input sanitising in the\nX509_to_X509_REQ() function might result in denial of service.\n\nCVE-2015-0289\n\nMichal Zalewski discovered a NULL pointer dereference in the PKCS#7\nparsing code, resulting in denial of service.\n\nCVE-2015-0292\n\nIt was discovered that missing input sanitising in base64 decoding\nmight result in memory corruption.\n\nCVE-2015-0293\n\nA malicious client can trigger an OPENSSL_assert (i.e., an abort) in\nservers that both support SSLv2 and enable export cipher suites by\nsending a specially crafted SSLv2 CLIENT-MASTER-KEY message.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/03/msg00014.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/openssl\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrypto0.9.8-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl0.9.8-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcrypto0.9.8-udeb\", reference:\"0.9.8o-4squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl-dev\", reference:\"0.9.8o-4squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8o-4squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8o-4squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"openssl\", reference:\"0.9.8o-4squeeze20\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:35:32", "description": "The remote Cisco IOS device is missing a vendor-supplied security patch and has an IOS service configured to use TLS or SSL. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library :\n\n - A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read error exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the EVP_DecodeUpdate() function due to improper validation of base64 encoded input when decoding. This allows a remote attacker, using maliciously crafted base64 data, to cause a segmentation fault or memory corruption, resulting in a denial of service or possibly the execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)", "cvss3": {}, "published": "2016-04-14T00:00:00", "type": "nessus", "title": "Cisco IOS Multiple OpenSSL Vulnerabilities (CSCut46130)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2019-11-19T00:00:00", "cpe": ["cpe:/o:cisco:ios"], "id": "CISCO-SA-20150320-OPENSSL-IOS.NASL", "href": "https://www.tenable.com/plugins/nessus/90525", "sourceData": "#TRUSTED 50c5ee3159f76d52106959d5fccc37925a0fdfdd11fa504dc19da1d5d480717579569a2685cc828db889bf51b0b57b5541658aeda2afcdf859221a79f8d5ca2e7793ea33022e59ab5a5824cae5520e404875efa5f364df071088d3b6ec9c3ac4d5814e0eeb22a41a1896fa743410f3f7950153b9562d172988e98f943289066679f84abb29aeaaafa2c6ddfe6b9c6bf5045189f628b845eb5aeb2581b601d4cce8ddbc181092198ad4d1fa8a4f94cccf5e470b3f927f44c833322123433f12e853e7384cb2fc8a5c8a6ff7a5efa4c40c0bcbe060a95ae1417c8cbaa1f5234ce03acdfb09b4312c1f57c794a0c56bc055a37b6651a8bb47350981757ab20d4b1d62608612ec4f5043b25ddf5fca655bded1a1da0383a9d8a2c10506d42f7f2b70999c6435911c477eeffb76c2ff212b2ffda5ff87abf21a42074aab62db323f04cd10403706fb54428943cdf59564667f08aea8eb40993d6cc28d67eed99e74c01a6a3573bf5b0df67603109fcb97a9bf3e970a2611b74da82ba57d4e3d0d5caa7d251abae80952a0bbb938c4b8f1f1057c9dc530d1bb967030a1c22e88f3ef7e62d13fb20d90e1d01fccda0aa11ff43fab2ca1920830c6a81072ad92a565a72e361c07f448312e3998a7e2c84ccb12ff546121c91be8094ad336320beb71e0edceb8363e3ec7e458ee01fc87bdee006d6945a50acbdd1a8a88af725d0b9c0acb\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90525);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\n \"CVE-2015-0209\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0292\",\n \"CVE-2015-0293\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73228,\n 73231,\n 73232,\n 73237,\n 73239\n );\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCut46130\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20150320-openssl\");\n\n script_name(english:\"Cisco IOS Multiple OpenSSL Vulnerabilities (CSCut46130)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Cisco IOS device is missing a vendor-supplied security\npatch and has an IOS service configured to use TLS or SSL. It is,\ntherefore, affected by the following vulnerabilities in the bundled\nOpenSSL library :\n\n - A use-after-free condition exists in the\n d2i_ECPrivateKey() function due to improper processing\n of malformed EC private key files during import. A\n remote attacker can exploit this to dereference or free\n already freed memory, resulting in a denial of service\n or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read error exists in the ASN1_TYPE_cmp()\n function due to improperly performed boolean-type\n comparisons. A remote attacker can exploit this, via a\n crafted X.509 certificate to an endpoint that uses the\n certificate-verification feature, to cause an invalid\n read operation, resulting in a denial of service.\n (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to\n a failure to reinitialize 'CHOICE' and 'ADB' data\n structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write\n operation and memory corruption, resulting in a denial\n of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the\n X509_to_X509_REQ() function due to improper processing\n of certificate keys. This allows a remote attacker, via\n a crafted X.509 certificate, to cause a denial of\n service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing outer\n ContentInfo. This allows a remote attacker, using an\n application that processes arbitrary PKCS#7 data and\n providing malformed data with ASN.1 encoding, to cause\n a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the\n EVP_DecodeUpdate() function due to improper validation\n of base64 encoded input when decoding. This allows a\n remote attacker, using maliciously crafted base64 data,\n to cause a segmentation fault or memory corruption,\n resulting in a denial of service or possibly the\n execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and\n enable export cipher suites due to improper\n implementation of SSLv2. A remote attacker can exploit\n this, via a crafted CLIENT-MASTER-KEY message, to cause\n a denial of service. (CVE-2015-0293)\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2beef118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCut46130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20150319.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug ID\nCSCut46130.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\n\n##\n# Examines the output of show running config all for known SSL\n# utilizing IOS features.\n#\n# @remark 'override' in the return value signals that the scan\n# was not provided sufficient credentials to check for\n# the related configurations. 'flag' signals whether or\n# not the configuration examined appears to be using SSL\n#\n# @return always an array like:\n# {\n# 'override' : (TRUE|FALSE),\n# 'flag' : (TRUE|FALSE)\n# }\n##\nfunction ios_using_openssl()\n{\n local_var res, buf;\n res = make_array(\n 'override', TRUE,\n 'flag', TRUE\n );\n\n # Signal we need local checks\n if (!get_kb_item(\"Host/local_checks_enabled\"))\n return res;\n\n buf = cisco_command_kb_item(\n \"Host/Cisco/Config/show_running-config_all\",\n \"show running-config all\"\n );\n\n # Privilege escalation required\n if (cisco_needs_enable(buf))\n return res;\n\n res['flag'] = FALSE;\n\n # Check to make sure no errors in command output\n if(!check_cisco_result(buf))\n return res;\n\n # All good check for various SSL services\n res['override'] = FALSE;\n\n # Web UI HTTPS\n if (preg(string:buf, pattern:\"^ip http secure-server\", multiline:TRUE))\n res['flag'] = TRUE;\n # HTTPS client feature / Voice-XML HTTPS client\n else if (preg(string:buf, pattern:\"^(ip )?http client secure-\", multiline:TRUE))\n res['flag'] = TRUE;\n # CNS feature\n else if (preg(string:buf, pattern:\"^cns (config|exec|event) .* encrypt\", multiline:TRUE))\n res['flag'] = TRUE;\n # CMTS billing feature\n else if (preg(string:buf, pattern:\"^cable metering .* secure\", multiline:TRUE))\n res['flag'] = TRUE;\n # SSL VPN\n else if (\n cisco_check_sections(\n config : buf,\n section_regex : \"^webvpn gateway \",\n config_regex :'^\\\\s*inservice'\n )\n ) res['flag'] = TRUE;\n # Settlement for Packet Telephony feature\n else if (\n cisco_check_sections(\n config : buf,\n section_regex : \"^settlement \",\n config_regex : make_list('^\\\\s*url https:', '^\\\\s*no shutdown')\n )\n ) res['flag'] = TRUE;\n\n return res;\n}\n\n##\n# Main check logic\n##\n\n# Look for known affected versions\naffected = make_list(\n'12.2(58)EX', '12.2(58)EY', '12.2(58)EY1', '12.2(58)EY2', '12.2(58)EZ', '12.2(60)EZ', '12.2(60)EZ1',\n'12.2(60)EZ2', '12.2(60)EZ3', '12.2(60)EZ4', '12.2(60)EZ5', '12.2(60)EZ6', '12.2(60)EZ7', '12.2(60)EZ8',\n'12.2(58)SE', '12.2(58)SE1', '12.2(58)SE2', '12.2(54)SG', '12.2(54)SG1', '12.2(54)WO', '12.2(54)XO',\n'12.4(22)GC1', '12.4(24)GC1', '12.4(24)GC3', '12.4(24)GC3a', '12.4(24)GC4', '12.4(24)GC5', '12.4(22)MD',\n'12.4(22)MD1', '12.4(22)MD2', '12.4(24)MD', '12.4(24)MD1', '12.4(24)MD2', '12.4(24)MD3', '12.4(24)MD4',\n'12.4(24)MD5', '12.4(24)MD6', '12.4(24)MD7', '12.4(22)MDA', '12.4(22)MDA1', '12.4(22)MDA2', '12.4(22)MDA3',\n'12.4(22)MDA4', '12.4(22)MDA5', '12.4(22)MDA6', '12.4(24)MDA1', '12.4(24)MDA10', '12.4(24)MDA11', '12.4(24)MDA12',\n'12.4(24)MDA13', '12.4(24)MDA2', '12.4(24)MDA3', '12.4(24)MDA4', '12.4(24)MDA5', '12.4(24)MDA6', '12.4(24)MDA7',\n'12.4(24)MDA8', '12.4(24)MDA9', '12.4(24)MDB', '12.4(24)MDB1', '12.4(24)MDB10', '12.4(24)MDB11', '12.4(24)MDB12',\n'12.4(24)MDB13', '12.4(24)MDB14', '12.4(24)MDB15', '12.4(24)MDB16', '12.4(24)MDB17', '12.4(24)MDB18', '12.4(24)MDB19',\n'12.4(24)MDB3', '12.4(24)MDB4', '12.4(24)MDB5', '12.4(24)MDB5a', '12.4(24)MDB6', '12.4(24)MDB7', '12.4(24)MDB8',\n'12.4(24)MDB9', '12.4(22)T', '12.4(22)T1', '12.4(22)T2', '12.4(22)T3', '12.4(22)T4', '12.4(22)T5',\n'12.4(24)T', '12.4(24)T1', '12.4(24)T2', '12.4(24)T3', '12.4(24)T3e', '12.4(24)T3f', '12.4(24)T4',\n'12.4(24)T4a', '12.4(24)T4b', '12.4(24)T4c', '12.4(24)T4d', '12.4(24)T4e', '12.4(24)T4f', '12.4(24)T4l',\n'12.4(24)T5', '12.4(24)T6', '12.4(24)T7', '12.4(24)T8', '12.4(22)XR1', '12.4(22)XR10', '12.4(22)XR11',\n'12.4(22)XR12', '12.4(22)XR2', '12.4(22)XR3', '12.4(22)XR4', '12.4(22)XR5', '12.4(22)XR6', '12.4(22)XR7',\n'12.4(22)XR8', '12.4(22)XR9', '12.4(22)YD', '12.4(22)YD1', '12.4(22)YD2', '12.4(22)YD3', '12.4(22)YD4',\n'12.4(22)YE2', '12.4(22)YE3', '12.4(22)YE4', '12.4(22)YE5', '12.4(22)YE6', '12.4(24)YE', '12.4(24)YE1',\n'12.4(24)YE2', '12.4(24)YE3', '12.4(24)YE3a', '12.4(24)YE3b', '12.4(24)YE3c', '12.4(24)YE3d', '12.4(24)YE3e',\n'12.4(24)YE4', '12.4(24)YE5', '12.4(24)YE6', '12.4(24)YE7', '12.4(24)YG1', '12.4(24)YG2', '12.4(24)YG3',\n'12.4(24)YG4', '15.0(2)EB', '15.0(2)EC', '15.0(2)ED', '15.0(2)ED1', '15.0(2)EH', '15.0(2)EJ',\n'15.0(2)EJ1', '15.0(2)EK', '15.0(2)EK1', '15.0(1)EX', '15.0(2)EX', '15.0(2)EX1', '15.0(2)EX2',\n'15.0(2)EX3', '15.0(2)EX4', '15.0(2)EX5', '15.0(2)EX8', '15.0(2a)EX5', '15.0(1)EY', '15.0(1)EY1',\n'15.0(1)EY2', '15.0(2)EY', '15.0(2)EY1', '15.0(2)EY2', '15.0(2)EY3', '15.0(2)EZ', '15.0(1)M',\n'15.0(1)M1', '15.0(1)M10', '15.0(1)M2', '15.0(1)M3', '15.0(1)M4', '15.0(1)M5', '15.0(1)M6',\n'15.0(1)M7', '15.0(1)M8', '15.0(1)M9', '15.0(1)MR', '15.0(2)MR', '15.0(1)S2', '15.0(1)S5',\n'15.0(1)S6', '15.0(1)SE', '15.0(1)SE1', '15.0(1)SE2', '15.0(1)SE3', '15.0(2)SE', '15.0(2)SE1',\n'15.0(2)SE2', '15.0(2)SE3', '15.0(2)SE4', '15.0(2)SE5', '15.0(2)SE6', '15.0(2)SE7', '15.0(2)SG',\n'15.0(2)SG1', '15.0(2)SG10', '15.0(2)SG2', '15.0(2)SG3', '15.0(2)SG4', '15.0(2)SG5', '15.0(2)SG6',\n'15.0(2)SG7', '15.0(2)SG8', '15.0(2)SQD', '15.0(2)SQD1', '15.0(1)XA', '15.0(1)XA1', '15.0(1)XA2',\n'15.0(1)XA3', '15.0(1)XA4', '15.0(1)XA5', '15.0(1)XO', '15.0(1)XO1', '15.0(2)XO', '15.1(2)EY',\n'15.1(2)EY1a', '15.1(2)EY2', '15.1(2)EY2a', '15.1(2)EY3', '15.1(2)EY4', '15.1(2)GC', '15.1(2)GC1',\n'15.1(2)GC2', '15.1(4)GC', '15.1(4)GC1', '15.1(4)GC2', '15.1(4)M', '15.1(4)M1', '15.1(4)M10',\n'15.1(4)M2', '15.1(4)M3', '15.1(4)M3a', '15.1(4)M4', '15.1(4)M5', '15.1(4)M6', '15.1(4)M7',\n'15.1(4)M8', '15.1(4)M9', '15.1(1)MR', '15.1(1)MR1', '15.1(1)MR2', '15.1(1)MR3', '15.1(1)MR4',\n'15.1(3)MR', '15.1(3)MRA', '15.1(3)MRA1', '15.1(3)MRA2', '15.1(3)MRA3', '15.1(3)MRA4', '15.1(1)S',\n'15.1(1)S1', '15.1(1)S2', '15.1(2)S', '15.1(2)S1', '15.1(2)S2', '15.1(3)S', '15.1(3)S0a',\n'15.1(3)S1', '15.1(3)S2', '15.1(3)S3', '15.1(3)S4', '15.1(3)S5', '15.1(3)S5a', '15.1(3)S6',\n'15.1(1)SG', '15.1(1)SG1', '15.1(1)SG2', '15.1(2)SG', '15.1(2)SG1', '15.1(2)SG2', '15.1(2)SG3',\n'15.1(2)SG4', '15.1(2)SG5', '15.1(2)SG6', '15.1(2)SNG', '15.1(2)SNH', '15.1(2)SNI', '15.1(2)SNI1',\n'15.1(3)SVB1', '15.1(3)SVD', '15.1(3)SVD1', '15.1(3)SVD2', '15.1(3)SVE', '15.1(3)SVF', '15.1(3)SVF1',\n'15.1(3)SVF4a', '15.1(1)SY', '15.1(1)SY1', '15.1(1)SY2', '15.1(1)SY3', '15.1(1)SY4', '15.1(1)SY5',\n'15.1(2)SY', '15.1(2)SY1', '15.1(2)SY2', '15.1(2)SY3', '15.1(2)SY4', '15.1(2)SY4a', '15.1(2)SY5',\n'15.1(1)T', '15.1(1)T1', '15.1(1)T2', '15.1(1)T3', '15.1(1)T4', '15.1(1)T5', '15.1(2)T',\n'15.1(2)T0a', '15.1(2)T1', '15.1(2)T2', '15.1(2)T2a', '15.1(2)T3', '15.1(2)T4', '15.1(2)T5',\n'15.1(3)T', '15.1(3)T1', '15.1(3)T2', '15.1(3)T3', '15.1(3)T4', '15.1(1)XB', '15.2(1)E',\n'15.2(1)E1', '15.2(1)E2', '15.2(1)E3', '15.2(2)E', '15.2(2)E1', '15.2(2)E2', '15.2(2a)E1',\n'15.2(3)E', '15.2(3)E1', '15.2(3)E2', '15.2(3a)E', '15.2(2)EB', '15.2(2)EB1', '15.2(1)EY',\n'15.2(2)EA1', '15.2(2)EA2', '15.2(3)EA', '15.2(1)GC', '15.2(1)GC1', '15.2(1)GC2', '15.2(2)GC',\n'15.2(3)GC', '15.2(3)GC1', '15.2(4)GC', '15.2(4)GC1', '15.2(4)GC2', '15.2(4)GC3', '15.2(2)JA',\n'15.2(2)JA1', '15.2(4)JA', '15.2(4)JA1', '15.2(2)JAX', '15.2(2)JAX1', '15.2(2)JB', '15.2(2)JB1',\n'15.2(2)JB2', '15.2(2)JB3', '15.2(2)JB4', '15.2(2)JB5', '15.2(4)JB', '15.2(4)JB1', '15.2(4)JB2',\n'15.2(4)JB3', '15.2(4)JB3a', '15.2(4)JB3b', '15.2(4)JB3h', '15.2(4)JB3s', '15.2(4)JB4', '15.2(4)JB5',\n'15.2(4)JB5h', '15.2(4)JB5m', '15.2(4)JB50', '15.2(4)JB6', '15.2(4)JB7', '15.2(2)JN1', '15.2(2)JN2',\n'15.2(4)JN', '15.2(4)M', '15.2(4)M1', '15.2(4)M2', '15.2(4)M3', '15.2(4)M4', '15.2(4)M5',\n'15.2(4)M6', '15.2(4)M6a', '15.2(4)M7', '15.2(4)M8', '15.2(1)S', '15.2(1)S1', '15.2(1)S2',\n'15.2(2)S', '15.2(2)S0a', '15.2(2)S0c', '15.2(2)S1', '15.2(2)S2', '15.2(4)S', '15.2(4)S1',\n'15.2(4)S2', '15.2(4)S3', '15.2(4)S3a', '15.2(4)S4', '15.2(4)S4a', '15.2(4)S5', '15.2(4)S6',\n'15.2(4)S7', '15.2(2)SNG', '15.2(2)SNH1', '15.2(2)SNI', '15.2(1)SY', '15.2(1)SY0a', '15.2(1)SY1',\n'15.2(1)T', '15.2(1)T1', '15.2(1)T2', '15.2(1)T3', '15.2(1)T3a', '15.2(1)T4', '15.2(2)T',\n'15.2(2)T1', '15.2(2)T2', '15.2(2)T3', '15.2(2)T4', '15.2(3)T', '15.2(3)T1', '15.2(3)T2',\n'15.2(3)T3', '15.2(3)T4', '15.3(3)JA', '15.3(3)JA1', '15.3(3)JA1m', '15.3(3)JA1n', '15.3(3)JA4',\n'15.3(3)JA77', '15.3(3)JAA', '15.3(3)JAB', '15.3(3)JAX', '15.3(3)JAX1', '15.3(3)JAX2', '15.3(3)JBB',\n'15.3(3)JN1', '15.3(3)JN2', '15.3(3)JN3', '15.3(3)JN4', '15.3(3)JNB', '15.3(3)JNB1', '15.3(3)JNB2',\n'15.3(3)M', '15.3(3)M1', '15.3(3)M2', '15.3(3)M3', '15.3(3)M4', '15.3(3)M5', '15.3(1)S',\n'15.3(1)S1', '15.3(1)S2', '15.3(2)S', '15.3(2)S0a', '15.3(2)S1', '15.3(2)S2', '15.3(3)S',\n'15.3(3)S1', '15.3(3)S1a', '15.3(3)S2', '15.3(3)S3', '15.3(3)S4', '15.3(3)S5', '15.3(3)S6',\n'15.3(1)T', '15.3(1)T1', '15.3(1)T2', '15.3(1)T3', '15.3(1)T4', '15.3(2)T', '15.3(2)T1',\n'15.3(2)T2', '15.3(2)T3', '15.3(2)T4', '15.4(1)CG', '15.4(1)CG1', '15.4(2)CG', '15.4(3)M',\n'15.4(3)M1', '15.4(3)M2', '15.4(3)M3', '15.4(1)S', '15.4(1)S1', '15.4(1)S2', '15.4(1)S3',\n'15.4(1)S4', '15.4(2)S', '15.4(2)S1', '15.4(2)S2', '15.4(2)S3', '15.4(3)S', '15.4(3)S1',\n'15.4(3)S2', '15.4(3)S3', '15.4(1)T', '15.4(1)T1', '15.4(1)T2', '15.4(1)T3', '15.4(1)T4',\n'15.4(2)T', '15.4(2)T1', '15.4(2)T2', '15.4(2)T3', '15.5(1)S', '15.5(1)S1', '15.5(1)S2',\n'15.5(2)S', '15.5(1)T', '15.5(1)T1', '15.5(1)T2', '15.5(2)T'\n);\n\nflag = FALSE;\nforeach afver (affected)\n{\n if (ver == afver)\n {\n flag = TRUE;\n break;\n }\n}\n\nif (!flag)\n audit(AUDIT_INST_VER_NOT_VULN, \"Cisco IOS\", ver);\n\n# Configuration check\nsslcheck = ios_using_openssl();\n\nif (!sslcheck['flag'] && !sslcheck['override'])\n audit(AUDIT_HOST_NOT, \"affected because it does not appear as though any service utilizing the OpenSSL library is enabled\");\n\n# Override is shown regardless of verbosity\nreport = \"\";\nif (report_verbosity > 0)\n{\n order = make_list('Cisco bug ID', 'Installed release');\n report = make_array(\n order[0], 'CSCut46130',\n order[1], ver\n );\n report = report_items_str(report_items:report, ordered_fields:order);\n}\n\nsecurity_hole(port:0, extra:report+cisco_caveat(sslcheck['override']));\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:32:44", "description": "According to its banner, the remote web server uses a version of OpenSSL 1.0.1 prior to 1.0.1h. The OpenSSL library is, therefore, affected by the following vulnerabilities :\n\n - A race condition exists in the ssl3_read_bytes() function when SSL_MODE_RELEASE_BUFFERS is enabled. This allows a remote attacker to inject data across sessions or cause a denial of service. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that can lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the do_ssl3_write() function that allows a NULL pointer to be dereferenced, resulting in a denial of service. Note that this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled.\n (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note that this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that allows an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH ciphersuites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)\n\n - An integer underflow condition exists in the EVP_DecodeUpdate() function due to improper validation of base64 encoded input when decoding. This allows a remote attacker, using maliciously crafted base64 data, to cause a segmentation fault or memory corruption, resulting in a denial of service or possibly the execution of arbitrary code. (CVE-2015-0292)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-06-06T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.1 < 1.0.1h Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2015-0292"], "modified": "2019-11-26T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_1H.NASL", "href": "https://www.tenable.com/plugins/nessus/74364", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74364);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\",\n \"CVE-2015-0292\"\n );\n script_bugtraq_id(\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901,\n 73228\n );\n script_xref(name:\"CERT\", value:\"978508\");\n\n script_name(english:\"OpenSSL 1.0.1 < 1.0.1h Multiple Vulnerabilities\");\n script_summary(english:\"Performs a banner check.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server uses a version of\nOpenSSL 1.0.1 prior to 1.0.1h. The OpenSSL library is, therefore,\naffected by the following vulnerabilities :\n\n - A race condition exists in the ssl3_read_bytes()\n function when SSL_MODE_RELEASE_BUFFERS is enabled. This\n allows a remote attacker to inject data across sessions\n or cause a denial of service. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that can lead to execution of\n arbitrary code. Note this issue only affects OpenSSL\n when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the do_ssl3_write() function that\n allows a NULL pointer to be dereferenced, resulting in a\n denial of service. Note that this issue is exploitable\n only if 'SSL_MODE_RELEASE_BUFFERS' is enabled.\n (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note that this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that allows an attacker to\n cause usage of weak keying material leading to\n simplified man-in-the-middle attacks. (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n ciphersuites that could allow denial of service\n attacks. Note this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\n\n - An integer underflow condition exists in the\n EVP_DecodeUpdate() function due to improper validation\n of base64 encoded input when decoding. This allows a\n remote attacker, using maliciously crafted base64 data,\n to cause a segmentation fault or memory corruption,\n resulting in a denial of service or possibly the\n execution of arbitrary code. (CVE-2015-0292)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openssl.org/news/vulnerabilities.html#CVE-2010-5298\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0195\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openssl.org/news/vulnerabilities.html#CVE-2014-0198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html#CVE-2014-0221\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openssl.org/news/vulnerabilities.html#CVE-2014-0224\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openssl.org/news/vulnerabilities.html#CVE-2014-3470\");\n script_set_attribute(attribute:\"see_also\", value:\"http://ccsinjection.lepidum.co.jp/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/06/05/earlyccs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.1h or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-0292\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:'1.0.1h', min:\"1.0.1\", severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:38:47", "description": "It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.\n(CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL.\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298 , CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nAn integer underflow flaw, leading to a heap-based buffer overflow, was found in the way OpenSSL decoded certain base64 strings. A remote attacker could provide a specially crafted base64 string via certain PEM processing routines that, when parsed by the OpenSSL library, would cause the OpenSSL server to crash. (CVE-2015-0292)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : openssl (ALAS-2014-349)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2015-0292"], "modified": "2019-11-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-349.NASL", "href": "https://www.tenable.com/plugins/nessus/78292", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-349.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78292);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/12\");\n\n script_cve_id(\"CVE-2010-5298\", \"CVE-2014-0195\", \"CVE-2014-0198\", \"CVE-2014-0221\", \"CVE-2014-0224\", \"CVE-2014-3470\", \"CVE-2015-0292\");\n script_xref(name:\"ALAS\", value:\"2014-349\");\n script_xref(name:\"RHSA\", value:\"2014:0625\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2014-349)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to\ndecrypt and modify traffic between a client and a server.\n(CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client\nmust be using a vulnerable version of OpenSSL; the server must be\nusing OpenSSL version 1.0.1 and above, and the client must be using\nany version of OpenSSL.\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid\nDTLS packet fragments. A remote attacker could possibly use this flaw\nto execute arbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write\nbuffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL\nclient or server using OpenSSL could crash or unexpectedly drop\nconnections when processing certain SSL traffic. (CVE-2010-5298 ,\nCVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain\nDTLS ServerHello requests. A specially crafted DTLS handshake packet\ncould cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A\nspecially crafted handshake packet could cause a TLS/SSL client that\nhas the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nAn integer underflow flaw, leading to a heap-based buffer overflow,\nwas found in the way OpenSSL decoded certain base64 strings. A remote\nattacker could provide a specially crafted base64 string via certain\nPEM processing routines that, when parsed by the OpenSSL library,\nwould cause the OpenSSL server to crash. (CVE-2015-0292)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-349.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.1h-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.1h-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.1h-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.1h-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.1h-1.72.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:07", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.\n (CVE-2010-5298)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/ t1_enc.c. (CVE-2013-6450)\n\n - The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. (CVE-2014-0076)\n\n - The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. (CVE-2014-0195)\n\n - The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. (CVE-2014-0198)\n\n - The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. (CVE-2014-0221)\n\n - The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. (CVE-2014-3470)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : openssl (cve_2010_5298_race_conditions)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0076", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-3470"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:openssl"], "id": "SOLARIS11_OPENSSL_20140623.NASL", "href": "https://www.tenable.com/plugins/nessus/80720", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80720);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-5298\", \"CVE-2013-4353\", \"CVE-2013-6449\", \"CVE-2013-6450\", \"CVE-2014-0076\", \"CVE-2014-0195\", \"CVE-2014-0198\", \"CVE-2014-0221\", \"CVE-2014-3470\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : openssl (cve_2010_5298_race_conditions)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - Race condition in the ssl3_read_bytes function in\n s3_pkt.c in OpenSSL through 1.0.1g, when\n SSL_MODE_RELEASE_BUFFERS is enabled, allows remote\n attackers to inject data across sessions or cause a\n denial of service (use-after-free and parsing error) via\n an SSL connection in a multithreaded environment.\n (CVE-2010-5298)\n\n - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL\n 1.0.1 before 1.0.1f allows remote TLS servers to cause a\n denial of service (NULL pointer dereference and\n application crash) via a crafted Next Protocol\n Negotiation record in a TLS handshake. (CVE-2013-4353)\n\n - The ssl_get_algorithm2 function in ssl/s3_lib.c in\n OpenSSL before 1.0.2 obtains a certain version number\n from an incorrect data structure, which allows remote\n attackers to cause a denial of service (daemon crash)\n via crafted traffic from a TLS 1.2 client.\n (CVE-2013-6449)\n\n - The DTLS retransmission implementation in OpenSSL 1.0.0\n before 1.0.0l and 1.0.1 before 1.0.1f does not properly\n maintain data structures for digest and encryption\n contexts, which might allow man-in-the-middle attackers\n to trigger the use of a different context and cause a\n denial of service (application crash) by interfering\n with packet delivery, related to ssl/d1_both.c and ssl/\n t1_enc.c. (CVE-2013-6450)\n\n - The Montgomery ladder implementation in OpenSSL through\n 1.0.0l does not ensure that certain swap operations have\n a constant-time behavior, which makes it easier for\n local users to obtain ECDSA nonces via a FLUSH+RELOAD\n cache side-channel attack. (CVE-2014-0076)\n\n - The dtls1_reassemble_fragment function in d1_both.c in\n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1\n before 1.0.1h does not properly validate fragment\n lengths in DTLS ClientHello messages, which allows\n remote attackers to execute arbitrary code or cause a\n denial of service (buffer overflow and application\n crash) via a long non-initial fragment. (CVE-2014-0195)\n\n - The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x\n through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is\n enabled, does not properly manage a buffer pointer\n during certain recursive calls, which allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and application crash) via vectors that\n trigger an alert condition. (CVE-2014-0198)\n\n - The dtls1_get_message_fragment function in d1_both.c in\n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1\n before 1.0.1h allows remote attackers to cause a denial\n of service (recursion and client crash) via a DTLS hello\n message in an invalid DTLS handshake. (CVE-2014-0221)\n\n - The ssl3_send_client_key_exchange function in s3_clnt.c\n in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and\n 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite\n is used, allows remote attackers to cause a denial of\n service (NULL pointer dereference and client crash) by\n triggering a NULL certificate value. (CVE-2014-3470)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2010-5298-race-conditions-vulnerability-in-openssl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd109a1f\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2014-0076-cryptographic-issues-vulnerability-in-openssl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9af5de24\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2014-0195-buffer-errors-vulnerability-in-openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2014-0198-buffer-errors-vulnerability-in-openssl\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2014-0221-resource-management-errors-vulnerability-in-openssl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ba4f79a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2014-3470-denial-of-servicedos-vulnerability-in-openssl\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-openssl\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ecff53d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.20.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:openssl\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^openssl$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.20.0.5.0\", sru:\"SRU 11.1.20.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : openssl\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"openssl\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:40:21", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability\n\n - replace expired GlobalSign Root CA certificate in ca-bundle.crt\n\n - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n\n - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n\n - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051)\n\n - use __secure_getenv everywhere instead of getenv (#839735)\n\n - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n\n - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio (#814185)\n\n - fix problem with the SGC restart patch that might terminate handshake incorrectly\n\n - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n\n - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n\n - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770)\n\n - fix for CVE-2011-4109 - double free in policy checks (#771771)\n\n - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n\n - fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n\n - add known answer test for SHA2 algorithms (#740866)\n\n - make default private key length in certificate Makefile 2048 bits (can be changed with PRIVATE_KEY_BITS setting) (#745410)\n\n - fix incorrect return value in parse_yesno (#726593)\n\n - added DigiCert CA certificates to ca-bundle (#735819)\n\n - added a new section about error states to README.FIPS (#628976)\n\n - add missing DH_check_pub_key call when DH key is computed (#698175)\n\n - presort list of ciphers available in SSL (#688901)\n\n - accept connection in s_server even if getaddrinfo fails (#561260)\n\n - point to openssl dgst for list of supported digests (#608639)\n\n - fix handling of future TLS versions (#599112)\n\n - added VeriSign Class 3 Public Primary Certification Authority - G5 and StartCom Certification Authority certs to ca-bundle (#675671, #617856)\n\n - upstream fixes for the CHIL engine (#622003, #671484)\n\n - add SHA-2 hashes in SSL_library_init (#676384)\n\n - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462)\n\n - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924)\n\n - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774)\n\n - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125)\n\n - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197)\n\n - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data is called prematurely by application (#546707)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-11-26T00:00:00", "type": "nessus", "title": "OracleVM 2.2 : openssl (OVMSA-2014-0007)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2409", "CVE-2009-3245", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0433", "CVE-2010-4180", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2014-0224"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:openssl", "cpe:/o:oracle:vm_server:2.2"], "id": "ORACLEVM_OVMSA-2014-0007.NASL", "href": "https://www.tenable.com/plugins/nessus/79531", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2014-0007.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79531);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2009-2409\",\n \"CVE-2009-3245\",\n \"CVE-2009-3555\",\n \"CVE-2009-4355\",\n \"CVE-2010-0433\",\n \"CVE-2010-4180\",\n \"CVE-2011-4108\",\n \"CVE-2011-4109\",\n \"CVE-2011-4576\",\n \"CVE-2011-4619\",\n \"CVE-2012-0050\",\n \"CVE-2012-0884\",\n \"CVE-2012-1165\",\n \"CVE-2012-2110\",\n \"CVE-2012-2333\",\n \"CVE-2012-4929\",\n \"CVE-2013-0166\",\n \"CVE-2013-0169\",\n \"CVE-2014-0224\"\n );\n script_bugtraq_id(\n 29330,\n 31692,\n 36935,\n 38562,\n 45164,\n 51281,\n 51563,\n 52428,\n 52764,\n 53158,\n 53476,\n 55704,\n 57755,\n 57778,\n 60268,\n 67899\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"OracleVM 2.2 : openssl (OVMSA-2014-0007)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote OracleVM host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability\n\n - replace expired GlobalSign Root CA certificate in\n ca-bundle.crt\n\n - fix for CVE-2013-0169 - SSL/TLS CBC timing attack\n (#907589)\n\n - fix for CVE-2013-0166 - DoS in OCSP signatures checking\n (#908052)\n\n - enable compression only if explicitly asked for or\n OPENSSL_DEFAULT_ZLIB environment variable is set (fixes\n CVE-2012-4929 #857051)\n\n - use __secure_getenv everywhere instead of getenv\n (#839735)\n\n - fix for CVE-2012-2333 - improper checking for record\n length in DTLS (#820686)\n\n - fix for CVE-2012-2110 - memory corruption in\n asn1_d2i_read_bio (#814185)\n\n - fix problem with the SGC restart patch that might\n terminate handshake incorrectly\n\n - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7\n code (#802725)\n\n - fix for CVE-2012-1165 - NULL read dereference on bad\n MIME headers (#802489)\n\n - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext\n recovery vulnerability and additional DTLS fixes\n (#771770)\n\n - fix for CVE-2011-4109 - double free in policy checks\n (#771771)\n\n - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding\n (#771775)\n\n - fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n\n - add known answer test for SHA2 algorithms (#740866)\n\n - make default private key length in certificate Makefile\n 2048 bits (can be changed with PRIVATE_KEY_BITS setting)\n (#745410)\n\n - fix incorrect return value in parse_yesno (#726593)\n\n - added DigiCert CA certificates to ca-bundle (#735819)\n\n - added a new section about error states to README.FIPS\n (#628976)\n\n - add missing DH_check_pub_key call when DH key is\n computed (#698175)\n\n - presort list of ciphers available in SSL (#688901)\n\n - accept connection in s_server even if getaddrinfo fails\n (#561260)\n\n - point to openssl dgst for list of supported digests\n (#608639)\n\n - fix handling of future TLS versions (#599112)\n\n - added VeriSign Class 3 Public Primary Certification\n Authority - G5 and StartCom Certification Authority\n certs to ca-bundle (#675671, #617856)\n\n - upstream fixes for the CHIL engine (#622003, #671484)\n\n - add SHA-2 hashes in SSL_library_init (#676384)\n\n - fix CVE-2010-4180 - completely disable code for\n SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462)\n\n - fix CVE-2009-3245 - add missing bn_wexpand return checks\n (#570924)\n\n - fix CVE-2010-0433 - do not pass NULL princ to\n krb5_kt_get_entry which in the RHEL-5 and newer versions\n will crash in such case (#569774)\n\n - fix CVE-2009-3555 - support the safe renegotiation\n extension and do not allow legacy renegotiation on the\n server by default (#533125)\n\n - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables\n (#510197)\n\n - fix CVE-2009-4355 - do not leak memory when\n CRYPTO_cleanup_all_ex_data is called prematurely by\n application (#546707)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2014-June/000210.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.2\", reference:\"openssl-0.9.8e-27.el5_10.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:40:38", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability\n\n - replace expired GlobalSign Root CA certificate in ca-bundle.crt\n\n - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n\n - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n\n - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051)\n\n - use __secure_getenv everywhere instead of getenv (#839735)\n\n - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n\n - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio (#814185)\n\n - fix problem with the SGC restart patch that might terminate handshake incorrectly\n\n - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n\n - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n\n - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770)\n\n - fix for CVE-2011-4109 - double free in policy checks (#771771)\n\n - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n\n - fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n\n - add known answer test for SHA2 algorithms (#740866)\n\n - make default private key length in certificate Makefile 2048 bits (can be changed with PRIVATE_KEY_BITS setting) (#745410)\n\n - fix incorrect return value in parse_yesno (#726593)\n\n - added DigiCert CA certificates to ca-bundle (#735819)\n\n - added a new section about error states to README.FIPS (#628976)\n\n - add missing DH_check_pub_key call when DH key is computed (#698175)\n\n - presort list of ciphers available in SSL (#688901)\n\n - accept connection in s_server even if getaddrinfo fails (#561260)\n\n - point to openssl dgst for list of supported digests (#608639)\n\n - fix handling of future TLS versions (#599112)\n\n - added VeriSign Class 3 Public Primary Certification Authority - G5 and StartCom Certification Authority certs to ca-bundle (#675671, #617856)\n\n - upstream fixes for the CHIL engine (#622003, #671484)\n\n - add SHA-2 hashes in SSL_library_init (#676384)\n\n - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462)\n\n - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924)\n\n - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774)\n\n - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125)\n\n - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197)\n\n - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data is called prematurely by application (#546707)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-11-26T00:00:00", "type": "nessus", "title": "OracleVM 3.2 : onpenssl (OVMSA-2014-0008)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2409", "CVE-2009-3245", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0433", "CVE-2010-4180", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4576", "CVE-2011-4619", "CVE-2012-0050", "CVE-2012-0884", "CVE-2012-1165", "CVE-2012-2110", "CVE-2012-2333", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2014-0224"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:openssl", "cpe:/o:oracle:vm_server:3.2"], "id": "ORACLEVM_OVMSA-2014-0008.NASL", "href": "https://www.tenable.com/plugins/nessus/79532", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2014-0008.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79532);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2009-2409\",\n \"CVE-2009-3245\",\n \"CVE-2009-3555\",\n \"CVE-2009-4355\",\n \"CVE-2010-0433\",\n \"CVE-2010-4180\",\n \"CVE-2011-4108\",\n \"CVE-2011-4109\",\n \"CVE-2011-4576\",\n \"CVE-2011-4619\",\n \"CVE-2012-0050\",\n \"CVE-2012-0884\",\n \"CVE-2012-1165\",\n \"CVE-2012-2110\",\n \"CVE-2012-2333\",\n \"CVE-2012-4929\",\n \"CVE-2013-0166\",\n \"CVE-2013-0169\",\n \"CVE-2014-0224\"\n );\n script_bugtraq_id(\n 29330,\n 31692,\n 36935,\n 38562,\n 45164,\n 51281,\n 51563,\n 52428,\n 52764,\n 53158,\n 53476,\n 55704,\n 57755,\n 57778,\n 60268,\n 67899\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"OracleVM 3.2 : onpenssl (OVMSA-2014-0008)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote OracleVM host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability\n\n - replace expired GlobalSign Root CA certificate in\n ca-bundle.crt\n\n - fix for CVE-2013-0169 - SSL/TLS CBC timing attack\n (#907589)\n\n - fix for CVE-2013-0166 - DoS in OCSP signatures checking\n (#908052)\n\n - enable compression only if explicitly asked for or\n OPENSSL_DEFAULT_ZLIB environment variable is set (fixes\n CVE-2012-4929 #857051)\n\n - use __secure_getenv everywhere instead of getenv\n (#839735)\n\n - fix for CVE-2012-2333 - improper checking for record\n length in DTLS (#820686)\n\n - fix for CVE-2012-2110 - memory corruption in\n asn1_d2i_read_bio (#814185)\n\n - fix problem with the SGC restart patch that might\n terminate handshake incorrectly\n\n - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7\n code (#802725)\n\n - fix for CVE-2012-1165 - NULL read dereference on bad\n MIME headers (#802489)\n\n - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext\n recovery vulnerability and additional DTLS fixes\n (#771770)\n\n - fix for CVE-2011-4109 - double free in policy checks\n (#771771)\n\n - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding\n (#771775)\n\n - fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n\n - add known answer test for SHA2 algorithms (#740866)\n\n - make default private key length in certificate Makefile\n 2048 bits (can be changed with PRIVATE_KEY_BITS setting)\n (#745410)\n\n - fix incorrect return value in parse_yesno (#726593)\n\n - added DigiCert CA certificates to ca-bundle (#735819)\n\n - added a new section about error states to README.FIPS\n (#628976)\n\n - add missing DH_check_pub_key call when DH key is\n computed (#698175)\n\n - presort list of ciphers available in SSL (#688901)\n\n - accept connection in s_server even if getaddrinfo fails\n (#561260)\n\n - point to openssl dgst for list of supported digests\n (#608639)\n\n - fix handling of future TLS versions (#599112)\n\n - added VeriSign Class 3 Public Primary Certification\n Authority - G5 and StartCom Certification Authority\n certs to ca-bundle (#675671, #617856)\n\n - upstream fixes for the CHIL engine (#622003, #671484)\n\n - add SHA-2 hashes in SSL_library_init (#676384)\n\n - fix CVE-2010-4180 - completely disable code for\n SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462)\n\n - fix CVE-2009-3245 - add missing bn_wexpand return checks\n (#570924)\n\n - fix CVE-2010-0433 - do not pass NULL princ to\n krb5_kt_get_entry which in the RHEL-5 and newer versions\n will crash in such case (#569774)\n\n - fix CVE-2009-3555 - support the safe renegotiation\n extension and do not allow legacy renegotiation on the\n server by default (#533125)\n\n - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables\n (#510197)\n\n - fix CVE-2009-4355 - do not leak memory when\n CRYPTO_cleanup_all_ex_data is called prematurely by\n application (#546707)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2014-June/000208.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.2\", reference:\"openssl-0.9.8e-27.el5_10.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:23:02", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl098e packages installed that are affected by multiple vulnerabilities:\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) public exponent or (2) public modulus values in X.509 certificates that require extra time to process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. (CVE-2008-5077)\n\n - The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.\n (CVE-2009-0590)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. (CVE-2009-1379)\n\n - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.\n (CVE-2009-1386)\n\n - The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of- sequence DTLS handshake message, related to a fragment bug. (CVE-2009-1387)\n\n - The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. (CVE-2009-2409)\n\n - OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. (CVE-2009-3245)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post- renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. (CVE-2010-0433)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. (CVE-2012-2110)\n\n - The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the- middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a CRIME attack. (CVE-2012-4929)\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side- channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the Lucky Thirteen issue. (CVE-2013-0169)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl098e Multiple Vulnerabilities (NS-SA-2019-0020)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5135", "CVE-2008-1678", "CVE-2008-5077", "CVE-2009-0590", "CVE-2009-1377", "CVE-2009-1378", "CVE-2009-1379", "CVE-2009-1386", "CVE-2009-1387", "CVE-2009-2409", "CVE-2009-3245", "CVE-2009-3555", "CVE-2009-4355", "CVE-2010-0433", "CVE-2012-2110", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-06T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0020_OPENSSL098E.NASL", "href": "https://www.tenable.com/plugins/nessus/127177", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0020. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127177);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2006-2937\",\n \"CVE-2006-2940\",\n \"CVE-2006-3738\",\n \"CVE-2006-4339\",\n \"CVE-2006-4343\",\n \"CVE-2007-3108\",\n \"CVE-2007-4995\",\n \"CVE-2007-5135\",\n \"CVE-2008-5077\",\n \"CVE-2009-0590\",\n \"CVE-2009-1377\",\n \"CVE-2009-1378\",\n \"CVE-2009-1379\",\n \"CVE-2009-1386\",\n \"CVE-2009-1387\",\n \"CVE-2009-2409\",\n \"CVE-2009-3245\",\n \"CVE-2009-3555\",\n \"CVE-2009-4355\",\n \"CVE-2010-0433\",\n \"CVE-2012-2110\",\n \"CVE-2012-4929\",\n \"CVE-2013-0166\",\n \"CVE-2013-0169\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl098e Multiple Vulnerabilities (NS-SA-2019-0020)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl098e packages installed that are\naffected by multiple vulnerabilities:\n\n - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service\n (infinite loop and memory consumption) via malformed\n ASN.1 structures that trigger an improperly handled\n error condition. (CVE-2006-2937)\n\n - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows attackers to cause a denial of\n service (CPU consumption) via parasitic public keys with\n large (1) public exponent or (2) public modulus\n values in X.509 certificates that require extra time to\n process when using RSA signature verification.\n (CVE-2006-2940)\n\n - Buffer overflow in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions has unspecified impact and remote\n attack vectors involving a long list of ciphers.\n (CVE-2006-3738)\n\n - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3,\n removes PKCS-1 padding before generating a hash, which\n allows remote attackers to forge a PKCS #1 v1.5\n signature that is signed by that RSA key and prevents\n OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. (CVE-2006-4339)\n\n - The get_server_hello function in the SSLv2 client code\n in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial\n of service (client crash) via unknown vectors that\n trigger a null pointer dereference. (CVE-2006-4343)\n\n - The BN_from_montgomery function in crypto/bn/bn_mont.c\n in OpenSSL 0.9.8e and earlier does not properly perform\n Montgomery multiplication, which might allow local users\n to conduct a side-channel attack and retrieve RSA\n private keys. (CVE-2007-3108)\n\n - Off-by-one error in the DTLS implementation in OpenSSL\n 0.9.8 before 0.9.8f allows remote attackers to execute\n arbitrary code via unspecified vectors. (CVE-2007-4995)\n\n - Off-by-one error in the SSL_get_shared_ciphers function\n in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f,\n might allow remote attackers to execute arbitrary code\n via a crafted packet that triggers a one-byte buffer\n underflow. NOTE: this issue was introduced as a result\n of a fix for CVE-2006-3738. As of 20071012, it is\n unknown whether code execution is possible.\n (CVE-2007-5135)\n\n - OpenSSL 0.9.8i and earlier does not properly check the\n return value from the EVP_VerifyFinal function, which\n allows remote attackers to bypass validation of the\n certificate chain via a malformed SSL/TLS signature for\n DSA and ECDSA keys. (CVE-2008-5077)\n\n - The ASN1_STRING_print_ex function in OpenSSL before\n 0.9.8k allows remote attackers to cause a denial of\n service (invalid memory access and application crash)\n via vectors that trigger printing of a (1) BMPString or\n (2) UniversalString with an invalid encoded length.\n (CVE-2009-0590)\n\n - The dtls1_buffer_record function in ssl/d1_pkt.c in\n OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote\n attackers to cause a denial of service (memory\n consumption) via a large series of future epoch DTLS\n records that are buffered in a queue, aka DTLS record\n buffer limitation bug. (CVE-2009-1377)\n\n - Multiple memory leaks in the\n dtls1_process_out_of_seq_message function in\n ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8\n versions allow remote attackers to cause a denial of\n service (memory consumption) via DTLS records that (1)\n are duplicates or (2) have sequence numbers much greater\n than current sequence numbers, aka DTLS fragment\n handling memory leak. (CVE-2009-1378)\n\n - Use-after-free vulnerability in the\n dtls1_retrieve_buffered_fragment function in\n ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote\n attackers to cause a denial of service (openssl s_client\n crash) and possibly have unspecified other impact via a\n DTLS packet, as demonstrated by a packet from a server\n that uses a crafted server certificate. (CVE-2009-1379)\n\n - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and daemon crash) via a DTLS\n ChangeCipherSpec packet that occurs before ClientHello.\n (CVE-2009-1386)\n\n - The dtls1_retrieve_buffered_fragment function in\n ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows\n remote attackers to cause a denial of service (NULL\n pointer dereference and daemon crash) via an out-of-\n sequence DTLS handshake message, related to a fragment\n bug. (CVE-2009-1387)\n\n - The Network Security Services (NSS) library before\n 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and\n 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products\n support MD2 with X.509 certificates, which might allow\n remote attackers to spoof certificates by using MD2\n design flaws to generate a hash collision in less than\n brute-force time. NOTE: the scope of this issue is\n currently limited because the amount of computation\n required is still large. (CVE-2009-2409)\n\n - OpenSSL before 0.9.8m does not check for a NULL return\n value from bn_wexpand function calls in (1)\n crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3)\n crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which\n has unspecified impact and context-dependent attack\n vectors. (CVE-2009-3245)\n\n - The TLS protocol, and the SSL protocol 3.0 and possibly\n earlier, as used in Microsoft Internet Information\n Services (IIS) 7.0, mod_ssl in the Apache HTTP Server\n 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5\n and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, multiple Cisco products, and other\n products, does not properly associate renegotiation\n handshakes with an existing connection, which allows\n man-in-the-middle attackers to insert data into HTTPS\n sessions, and possibly other types of sessions protected\n by TLS or SSL, by sending an unauthenticated request\n that is processed retroactively by a server in a post-\n renegotiation context, related to a plaintext\n injection attack, aka the Project Mogul issue.\n (CVE-2009-3555)\n\n - Memory leak in the zlib_stateful_finish function in\n crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and\n 1.0.0 Beta through Beta 4 allows remote attackers to\n cause a denial of service (memory consumption) via\n vectors that trigger incorrect calls to the\n CRYPTO_cleanup_all_ex_data function, as demonstrated by\n use of SSLv3 and PHP with the Apache HTTP Server, a\n related issue to CVE-2008-1678. (CVE-2009-4355)\n\n - The kssl_keytab_is_available function in ssl/kssl.c in\n OpenSSL before 0.9.8n, when Kerberos is enabled but\n Kerberos configuration files cannot be opened, does not\n check a certain return value, which allows remote\n attackers to cause a denial of service (NULL pointer\n dereference and daemon crash) via SSL cipher\n negotiation, as demonstrated by a chroot installation of\n Dovecot or stunnel without Kerberos configuration files\n inside the chroot. (CVE-2010-0433)\n\n - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c\n in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1\n before 1.0.1a does not properly interpret integer data,\n which allows remote attackers to conduct buffer overflow\n attacks, and cause a denial of service (memory\n corruption) or possibly have unspecified other impact,\n via crafted DER data, as demonstrated by an X.509\n certificate or an RSA public key. (CVE-2012-2110)\n\n - The TLS protocol 1.2 and earlier, as used in Mozilla\n Firefox, Google Chrome, Qt, and other products, can\n encrypt compressed data without properly obfuscating the\n length of the unencrypted data, which allows man-in-the-\n middle attackers to obtain plaintext HTTP headers by\n observing length differences during a series of guesses\n in which a string in an HTTP request potentially matches\n an unknown string in an HTTP header, aka a CRIME\n attack. (CVE-2012-4929)\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n OCSP servers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing side-\n channel attacks on a MAC check requirement during the\n processing of malformed CBC padding, which allows remote\n attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the Lucky\n Thirteen issue. (CVE-2013-0169)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0020\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl098e packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2009-3245\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 119, 189, 310, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"openssl098e-0.9.8e-29.el7.centos.3\",\n \"openssl098e-debuginfo-0.9.8e-29.el7.centos.3\"\n ],\n \"CGSL MAIN 5.04\": [\n \"openssl098e-0.9.8e-29.el7.centos.3\",\n \"openssl098e-debuginfo-0.9.8e-29.el7.centos.3\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl098e\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:16:30", "description": "- Thu Sep 28 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8a-5.4\n\n - fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)\n\n - fix CVE-2006-2940 - parasitic public keys DoS (#207274)\n\n - fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)\n\n - fix CVE-2006-4343 - sslv2 client DoS (#206940)\n\n - Sat Sep 9 2006 Tomas Mraz <tmraz at redhat.com> 0.9.8a-5.3\n\n - fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2007-01-17T00:00:00", "type": "nessus", "title": "Fedora Core 5 : openssl-0.9.8a-5.4 (2006-1004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "p-cpe:/a:fedoraproject:fedora:openssl-debuginfo", "p-cpe:/a:fedoraproject:fedora:openssl-devel", "p-cpe:/a:fedoraproject:fedora:openssl-perl", "cpe:/o:fedoraproject:fedora_core:5"], "id": "FEDORA_2006-1004.NASL", "href": "https://www.tenable.com/plugins/nessus/24028", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-1004.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24028);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-1004\");\n\n script_name(english:\"Fedora Core 5 : openssl-0.9.8a-5.4 (2006-1004)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Sep 28 2006 Tomas Mraz <tmraz at redhat.com>\n 0.9.8a-5.4\n\n - fix CVE-2006-2937 - mishandled error on ASN.1 parsing\n (#207276)\n\n - fix CVE-2006-2940 - parasitic public keys DoS\n (#207274)\n\n - fix CVE-2006-3738 - buffer overflow in\n SSL_get_shared_ciphers (#206940)\n\n - fix CVE-2006-4343 - sslv2 client DoS (#206940)\n\n - Sat Sep 9 2006 Tomas Mraz <tmraz at redhat.com>\n 0.9.8a-5.3\n\n - fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5\n signatures (#205180)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2006-September/000636.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7928ca04\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"openssl-0.9.8a-5.4\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"openssl-debuginfo-0.9.8a-5.4\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"openssl-devel-0.9.8a-5.4\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"openssl-perl-0.9.8a-5.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-18T15:28:49", "description": "A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339 and CVE-2006-4343.", "cvss3": {}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : compat-openssl097g (compat-openssl097g-2171)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:compat-openssl097g", "p-cpe:/a:novell:opensuse:compat-openssl097g-32bit", "cpe:/o:novell:opensuse:10.1"], "id": "SUSE_COMPAT-OPENSSL097G-2171.NASL", "href": "https://www.tenable.com/plugins/nessus/27187", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update compat-openssl097g-2171.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27187);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\");\n\n script_name(english:\"openSUSE 10 Security Update : compat-openssl097g (compat-openssl097g-2171)\");\n script_summary(english:\"Check for the compat-openssl097g-2171 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow condition within the SSL_get_shared_ciphers()\nfunction and a DoS condition known as 'parasitic public keys' have\nbeen fixed. The later problem allowed attackers to trick the OpenSSL\nengine to spend an extraordinary amount of time to process public\nkeys. The following CAN numbers have been assigned: CVE-2006-2937,\nCVE-2006-2940, CVE-2006-3738, CVE-2006-4339 and CVE-2006-4343.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected compat-openssl097g packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:compat-openssl097g-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"compat-openssl097g-0.9.7g-13.5\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-13.5\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl097g\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:03:03", "description": "Updated OpenSSL packages are now available to correct several security issues. \n\nThis update has been rated as having important security impact by the Red Hat Security Response Team. \n\nThe OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. \n\nThese vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain backported patches to correct these issues.\n\nNote: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.\n\n\nFrom Red Hat Security Advisory 2006:0695 :\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\n\nFrom Red Hat Security Advisory 2006:0661 :\n\nDaniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature.\n\nThe Google Security Team discovered that OpenSSL is vulnerable to this attack. This issue affects applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5.\n(CVE-2006-4339)\n\nThis errata also resolves a problem where a customized ca-bundle.crt file was overwritten when the openssl package was upgraded.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : openssl (ELSA-2006-0695 / ELSA-2006-0661)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl096b", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2006-0661.NASL", "href": "https://www.tenable.com/plugins/nessus/67405", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisories ELSA-2006-0695 / \n# ELSA-2006-0661.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67405);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\");\n script_bugtraq_id(19849);\n script_xref(name:\"RHSA\", value:\"2006:0661\");\n script_xref(name:\"RHSA\", value:\"2006:0695\");\n\n script_name(english:\"Oracle Linux 4 : openssl (ELSA-2006-0695 / ELSA-2006-0661)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated OpenSSL packages are now available to correct several security\nissues. \n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team. \n\nThe OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and protocols. \n\nThese vulnerabilities can affect applications which use OpenSSL to\nparse ASN.1 data from untrusted sources, including SSL servers which\nenable client authentication and S/MIME applications.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\nNote: After installing this update, users are advised to either\nrestart all services that use OpenSSL or restart their system.\n\n\nFrom Red Hat Security Advisory 2006:0695 :\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nbuffer overflow in the SSL_get_shared_ciphers() utility function. An\nattacker could send a list of ciphers to an application that used this\nfunction and overrun a buffer (CVE-2006-3738). Few applications make\nuse of this vulnerable function and generally it is used only when\napplications are compiled for debugging.\n\nTavis Ormandy and Will Drewry of the Google Security Team discovered a\nflaw in the SSLv2 client code. When a client application used OpenSSL\nto create an SSLv2 connection to a malicious server, that server could\ncause the client to crash. (CVE-2006-4343)\n\nDr S. N. Henson of the OpenSSL core team and Open Network Security\nrecently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk)\nwhich uncovered denial of service vulnerabilities :\n\n* Certain public key types can take disproportionate amounts of time\nto process, leading to a denial of service. (CVE-2006-2940)\n\n* During parsing of certain invalid ASN.1 structures an error\ncondition was mishandled. This can result in an infinite loop which\nconsumed system memory (CVE-2006-2937). This issue does not affect the\nOpenSSL version distributed in Red Hat Enterprise Linux 2.1.\n\n\nFrom Red Hat Security Advisory 2006:0661 :\n\nDaniel Bleichenbacher recently described an attack on PKCS #1 v1.5\nsignatures. Where an RSA key with exponent 3 is used it may be\npossible for an attacker to forge a PKCS #1 v1.5 signature that would\nbe incorrectly verified by implementations that do not check for\nexcess data in the RSA exponentiation result of the signature.\n\nThe Google Security Team discovered that OpenSSL is vulnerable to this\nattack. This issue affects applications that use OpenSSL to verify\nX.509 certificates as well as other uses of PKCS #1 v1.5.\n(CVE-2006-4339)\n\nThis errata also resolves a problem where a customized ca-bundle.crt\nfile was overwritten when the openssl package was upgraded.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2006-November/000009.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl-devel-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl-devel-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl-perl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.7a-43.14\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-22.46\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-18T15:30:55", "description": "A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937 / CVE-2006-2940 / CVE-2006-3738 / CVE-2006-4339 / CVE-2006-4343.", "cvss3": {}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 2163)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-2937", "CVE-2006-2940", "CVE-2006-3738", "CVE-2006-4339", "CVE-2006-4343"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_COMPAT-OPENSSL097G-2163.NASL", "href": "https://www.tenable.com/plugins/nessus/29405", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29405);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-2937\", \"CVE-2006-2940\", \"CVE-2006-3738\", \"CVE-2006-4339\", \"CVE-2006-4343\");\n\n script_name(english:\"SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 2163)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow condition within the SSL_get_shared_ciphers()\nfunction and a DoS condition known as 'parasitic public keys' have\nbeen fixed. The later problem allowed attackers to trick the OpenSSL\nengine to spend an extraordinary amount of time to process public\nkeys. The following CAN numbers have been assigned: CVE-2006-2937 /\nCVE-2006-2940 / CVE-2006-3738 / CVE-2006-4339 / CVE-2006-4343.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-2937.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-2940.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-3738.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4339.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-4343.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 2163.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"compat-openssl097g-0.9.7g-13.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:0, cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-13.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"compat-openssl097g-0.9.7g-13.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-13.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-30T14:47:23", "description": "OpenSSL has been updated to fix various security issues :\n\n - A segmentation fault in ASN1_TYPE_cmp was fixed that could be exploited by attackers when e.g. client authentication is used. This could be exploited over SSL connections. (CVE-2015-0286)\n\n - A ASN.1 structure reuse memory corruption was fixed.\n This problem can not be exploited over regular SSL connections, only if specific client programs use specific ASN.1 routines. (CVE-2015-0287)\n\n - A X509_to_X509_REQ NULL pointer dereference was fixed, which could lead to crashes. This function is not commonly used, and not reachable over SSL methods.\n (CVE-2015-0288)\n\n - Several PKCS7 NULL pointer dereferences were fixed, which could lead to crashes of programs using the PKCS7 APIs. The SSL apis do not use those by default.\n (CVE-2015-0289)\n\n - Various issues in base64 decoding were fixed, which could lead to crashes with memory corruption, for instance by using attacker supplied PEM data.\n (CVE-2015-0292)\n\n - Denial of service via reachable assert in SSLv2 servers, could be used by remote attackers to terminate the server process. Note that this requires SSLv2 being allowed, which is not the default. (CVE-2015-0293)", "cvss3": {}, "published": "2015-03-20T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 10470)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:compat-openssl097g", "p-cpe:/a:novell:suse_linux:11:compat-openssl097g-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_COMPAT-OPENSSL097G-150317.NASL", "href": "https://www.tenable.com/plugins/nessus/81970", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81970);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n\n script_name(english:\"SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 10470)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL has been updated to fix various security issues :\n\n - A segmentation fault in ASN1_TYPE_cmp was fixed that\n could be exploited by attackers when e.g. client\n authentication is used. This could be exploited over SSL\n connections. (CVE-2015-0286)\n\n - A ASN.1 structure reuse memory corruption was fixed.\n This problem can not be exploited over regular SSL\n connections, only if specific client programs use\n specific ASN.1 routines. (CVE-2015-0287)\n\n - A X509_to_X509_REQ NULL pointer dereference was fixed,\n which could lead to crashes. This function is not\n commonly used, and not reachable over SSL methods.\n (CVE-2015-0288)\n\n - Several PKCS7 NULL pointer dereferences were fixed,\n which could lead to crashes of programs using the PKCS7\n APIs. The SSL apis do not use those by default.\n (CVE-2015-0289)\n\n - Various issues in base64 decoding were fixed, which\n could lead to crashes with memory corruption, for\n instance by using attacker supplied PEM data.\n (CVE-2015-0292)\n\n - Denial of service via reachable assert in SSLv2 servers,\n could be used by remote attackers to terminate the\n server process. Note that this requires SSLv2 being\n allowed, which is not the default. (CVE-2015-0293)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=922488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=922496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=922499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=922500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=922501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-0286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-0287.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-0288.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-0289.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-0292.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-0293.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 10470.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:compat-openssl097g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:compat-openssl097g-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"compat-openssl097g-0.9.7g-146.22.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"compat-openssl097g-0.9.7g-146.22.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"compat-openssl097g-32bit-0.9.7g-146.22.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-30T14:53:33", "description": "The self-reported SGOS version of the remote Blue Coat ProxySG device is 6.2.x prior to 6.2.16.4, 6.5.x prior to 6.5.7.5, or 6.6.x prior to 6.6.2.1. Therefore, it contains a bundled version of OpenSSL that is affected by multiple vulnerabilities :\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate sent to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service. (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the X509_to_X509_REQ() function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the EVP_DecodeUpdate() function due to improper validation of base64 encoded input when decoding. This allows a remote attacker, using maliciously crafted base64 data, to cause a segmentation fault or memory corruption, resulting in a denial of service or possibly the execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)", "cvss3": {}, "published": "2015-06-25T00:00:00", "type": "nessus", "title": "Blue Coat ProxySG 6.2.x < 6.2.16.4 / 6.5.x < 6.5.7.5 / 6.6.x < 6.6.2.1 Multiple OpenSSL Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/o:bluecoat:sgos"], "id": "BLUECOAT_PROXY_SG_6_5_7_5.NASL", "href": "https://www.tenable.com/plugins/nessus/84400", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84400);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-0288\",\n \"CVE-2015-0289\",\n \"CVE-2015-0292\",\n \"CVE-2015-0293\"\n );\n script_bugtraq_id(\n 73225,\n 73227,\n 73228,\n 73231,\n 73232,\n 73237\n );\n\n script_name(english:\"Blue Coat ProxySG 6.2.x < 6.2.16.4 / 6.5.x < 6.5.7.5 / 6.6.x < 6.6.2.1 Multiple OpenSSL Vulnerabilities\");\n script_summary(english:\"Checks the Blue Coat ProxySG SGOS version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The self-reported SGOS version of the remote Blue Coat ProxySG device\nis 6.2.x prior to 6.2.16.4, 6.5.x prior to 6.5.7.5, or 6.6.x prior to\n6.6.2.1. Therefore, it contains a bundled version of OpenSSL that is\naffected by multiple vulnerabilities :\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp()\n function due to improperly performed boolean-type\n comparisons. A remote attacker can exploit this, via a\n crafted X.509 certificate sent to an endpoint that uses\n the certificate-verification feature, to cause an\n invalid read operation, resulting in a denial of\n service. (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to\n a failure to reinitialize 'CHOICE' and 'ADB' data\n structures when reusing a structure in ASN.1 parsing.\n This allows a remote attacker to cause an invalid write\n operation and memory corruption, resulting in a denial\n of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the\n X509_to_X509_REQ() function due to improper processing\n of certificate keys. This allows a remote attacker, via\n a crafted X.509 certificate, to cause a denial of\n service. (CVE-2015-0288)\n\n - A NULL pointer dereference flaw exists in the PKCS#7\n parsing code due to incorrect handling of missing outer\n ContentInfo. This allows a remote attacker, using an\n application that processes arbitrary PKCS#7 data and\n providing malformed data with ASN.1 encoding, to cause\n a denial of service. (CVE-2015-0289)\n\n - An integer underflow condition exists in the\n EVP_DecodeUpdate() function due to improper validation\n of base64 encoded input when decoding. This allows a\n remote attacker, using maliciously crafted base64 data,\n to cause a segmentation fault or memory corruption,\n resulting in a denial of service or possibly the\n execution of arbitrary code. (CVE-2015-0292)\n\n - A flaw exists in servers that both support SSLv2 and\n enable export cipher suites due to improper\n implementation of SSLv2. A remote attacker can exploit\n this, via a crafted CLIENT-MASTER-KEY message, to cause\n a denial of service. (CVE-2015-0293)\");\n script_set_attribute(attribute:\"see_also\",value:\"https://bto.bluecoat.com/security-advisory/sa92\");\n script_set_attribute(attribute:\"solution\",value:\n\"Upgrade to SGOS version 6.2.16.4 / 6.5.7.5 / 6.6.2.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2014/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/25\");\n\n script_set_attribute(attribute:\"plugin_type\",value:\"local\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/o:bluecoat:sgos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"bluecoat_proxy_sg_version.nasl\");\n script_require_keys(\"Host/BlueCoat/ProxySG/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/BlueCoat/ProxySG/Version\");\nui_version = get_kb_item(\"Host/BlueCoat/ProxySG/UI_Version\");\n\nif(version !~ \"^6\\.([652])\\.\")\n audit(AUDIT_HOST_NOT, \"Blue Coat ProxySG 6.6.x / 6.5.x / 6.2.x\");\n\nreport_fix = NULL;\n\n# Select version for report\nif (isnull(ui_version)) report_ver = version;\nelse report_ver = ui_version;\n\nif(version =~ \"^6\\.6\\.\" && ver_compare(ver:version, fix:\"6.6.2.1\", strict:FALSE) == -1)\n{\n fix = '6.6.2.1';\n ui_fix = '6.6.2.1 Build 0';\n}\nelse if(version =~ \"^6\\.5\\.\" && ver_compare(ver:version, fix:\"6.5.7.5\", strict:FALSE) == -1)\n{\n fix = '6.5.7.5';\n ui_fix = '6.5.7.5 Build 0';\n}\nelse if(version =~ \"^6\\.2\\.\" && ver_compare(ver:version,fix:\"6.2.16.4\",strict:FALSE) == -1)\n{\n fix = '6.2.16.4';\n ui_fix = '6.2.16.4 Build 0';\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, 'Blue Coat ProxySG', version);\n\n# Select fixed version for report\nif (isnull(ui_version)) report_fix = fix;\nelse report_fix = ui_fix;\n\nreport =\n '\\n Installed version : ' + report_ver +\n '\\n Fixed version : ' + report_fix +\n '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:18:49", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - update fix for CVE-2015-0287 to what was released upstream\n\n - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey\n\n - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison\n\n - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n\n - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n\n - fix CVE-2015-0292 - integer underflow in base64 decoder\n\n - fix CVE-2015-0293 - triggerable assert in SSLv2 server", "cvss3": {}, "published": "2015-03-25T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : openssl (OVMSA-2015-0039)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0289", "CVE-2015-0292", "CVE-2015-0293"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:openssl", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2015-0039.NASL", "href": "https://www.tenable.com/plugins/nessus/82066", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0039.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82066);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0289\", \"CVE-2015-0292\", \"CVE-2015-0293\");\n script_bugtraq_id(73196, 73225, 73227, 73228, 73231, 73232, 73239);\n\n script_name(english:\"OracleVM 3.3 : openssl (OVMSA-2015-0039)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - update fix for CVE-2015-0287 to what was released\n upstream\n\n - fix CVE-2015-0209 - potential use after free in\n d2i_ECPrivateKey\n\n - fix CVE-2015-0286 - improper handling of ASN.1 boolean\n comparison\n\n - fix CVE-2015-0287 - ASN.1 structure reuse decoding\n memory corruption\n\n - fix CVE-2015-0289 - NULL dereference decoding invalid\n PKCS#7 data\n\n - fix CVE-2015-0292 - integer underflow in base64 decoder\n\n - fix CVE-2015-0293 - triggerable assert in SSLv2 server\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2015-March/000291.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58e10343\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"openssl-1.0.1e-30.el6_6.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T14:38:55", "description": "A use-after-free flaw was found in the way OpenSSL importrf certain Elliptic Curve private keys. An attacker could use this flaw to crash OpenSSL, if a specially crafted certificate was imported.\n(CVE-2015-0209)\n\nA denial of service flaw was found in the way OpenSSL handled certain SSLv2 messages. A malicious client could send a specially crafted SSLv2 CLIENT-MASTER-KEY message that would cause an OpenSSL server that both supports SSLv2 and enables EXPORT-grade cipher suites to crash. (CVE-2015-0293)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287)\n\nA flaw was found in the the ASN (Abstract Syntax Notation) parsing code of OpenSSL. An attacker could present a specially crafted certificate, which when verified by an OpenSSL client or server could cause it to crash. (CVE-2015-0286)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 blobs. An attacker could cause OpenSSL to crash, when applications verify, decrypt or parsed these ASN.1 encoded PKCS#7 blobs. OpenSSL clients and servers are not affected. (CVE-2015-0289)\n\nA NULL pointer dereference flaw was found in OpenSSL's x509 certificate handling implementation. A remote attacker could use this flaw to crash an OpenSSL server using an invalid certificate key.\n(CVE-2015-0288)", "cvss3": {}, "published": "2015-03-25T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : openssl (ALAS-2015-498)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-498.NASL", "href": "https://www.tenable.com/plugins/nessus/82047", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-498.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82047);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_xref(name:\"ALAS\", value:\"2015-498\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2015-498)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free flaw was found in the way OpenSSL importrf certain\nElliptic Curve private keys. An attacker could use this flaw to crash\nOpenSSL, if a specially crafted certificate was imported.\n(CVE-2015-0209)\n\nA denial of service flaw was found in the way OpenSSL handled certain\nSSLv2 messages. A malicious client could send a specially crafted\nSSLv2 CLIENT-MASTER-KEY message that would cause an OpenSSL server\nthat both supports SSLv2 and enables EXPORT-grade cipher suites to\ncrash. (CVE-2015-0293)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused\ncertain ASN.1 structures. A remote attacker could use a specially\ncrafted ASN.1 structure that, when parsed by an application, would\ncause that application to crash. (CVE-2015-0287)\n\nA flaw was found in the the ASN (Abstract Syntax Notation) parsing\ncode of OpenSSL. An attacker could present a specially crafted\ncertificate, which when verified by an OpenSSL client or server could\ncause it to crash. (CVE-2015-0286)\n\nA NULL pointer dereference was found in the way OpenSSL handled\ncertain PKCS#7 blobs. An attacker could cause OpenSSL to crash, when\napplications verify, decrypt or parsed these ASN.1 encoded PKCS#7\nblobs. OpenSSL clients and servers are not affected. (CVE-2015-0289)\n\nA NULL pointer dereference flaw was found in OpenSSL's x509\ncertificate handling implementation. A remote attacker could use this\nflaw to crash an OpenSSL server using an invalid certificate key.\n(CVE-2015-0288)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-498.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.1k-1.84.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.1k-1.84.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.1k-1.84.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.1k-1.84.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.1k-1.84.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T15:11:13", "description": "Update to OpenSSL 1.0.2a which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-04T00:00:00", "type": "nessus", "title": "Fedora 22 : mingw-openssl-1.0.2a-1.fc22 (2015-6951)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-openssl", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-6951.NASL", "href": "https://www.tenable.com/plugins/nessus/83216", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6951.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83216);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_xref(name:\"FEDORA\", value:\"2015-6951\");\n\n script_name(english:\"Fedora 22 : mingw-openssl-1.0.2a-1.fc22 (2015-6951)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to OpenSSL 1.0.2a which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1203855\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?49165297\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"mingw-openssl-1.0.2a-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-openssl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:21:00", "description": "Update to OpenSSL 1.0.2a which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-05T00:00:00", "type": "nessus", "title": "Fedora 21 : mingw-openssl-1.0.2a-1.fc21 (2015-6855)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-openssl", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-6855.NASL", "href": "https://www.tenable.com/plugins/nessus/83238", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6855.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83238);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_xref(name:\"FEDORA\", value:\"2015-6855\");\n\n script_name(english:\"Fedora 21 : mingw-openssl-1.0.2a-1.fc21 (2015-6855)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to OpenSSL 1.0.2a which fixes various CVE's\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1203855\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?520fec37\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"mingw-openssl-1.0.2a-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-openssl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:20:26", "description": "OpenSSL was updated to fix various security issues.\n\nFollowing security issues were fixed :\n\n - CVE-2015-0209: A Use After Free following d2i_ECPrivatekey error was fixed which could lead to crashes for attacker supplied Elliptic Curve keys. This could be exploited over SSL connections with client supplied keys.\n\n - CVE-2015-0286: A segmentation fault in ASN1_TYPE_cmp was fixed that could be exploited by attackers when e.g.\n client authentication is used. This could be exploited over SSL connections.\n\n - CVE-2015-0287: A ASN.1 structure reuse memory corruption was fixed. This problem can not be exploited over regular SSL connections, only if specific client programs use specific ASN.1 routines.\n\n - CVE-2015-0288: A X509_to_X509_REQ NULL pointer dereference was fixed, which could lead to crashes. This function is not commonly used, and not reachable over SSL methods.\n\n - CVE-2015-0289: Several PKCS7 NULL pointer dereferences were fixed, which could lead to crashes of programs using the PKCS7 APIs. The SSL apis do not use those by default.\n\n - CVE-2015-0293: Denial of service via reachable assert in SSLv2 servers, could be used by remote attackers to terminate the server process. Note that this requires SSLv2 being allowed, which is not the default.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:0541-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2015-0541-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83703", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0541-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83703);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_bugtraq_id(73196, 73225, 73227, 73231, 73232, 73237, 73239);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:0541-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL was updated to fix various security issues.\n\nFollowing security issues were fixed :\n\n - CVE-2015-0209: A Use After Free following\n d2i_ECPrivatekey error was fixed which could lead to\n crashes for attacker supplied Elliptic Curve keys. This\n could be exploited over SSL connections with client\n supplied keys.\n\n - CVE-2015-0286: A segmentation fault in ASN1_TYPE_cmp was\n fixed that could be exploited by attackers when e.g.\n client authentication is used. This could be exploited\n over SSL connections.\n\n - CVE-2015-0287: A ASN.1 structure reuse memory corruption\n was fixed. This problem can not be exploited over\n regular SSL connections, only if specific client\n programs use specific ASN.1 routines.\n\n - CVE-2015-0288: A X509_to_X509_REQ NULL pointer\n dereference was fixed, which could lead to crashes. This\n function is not commonly used, and not reachable over\n SSL methods.\n\n - CVE-2015-0289: Several PKCS7 NULL pointer dereferences\n were fixed, which could lead to crashes of programs\n using the PKCS7 APIs. The SSL apis do not use those by\n default.\n\n - CVE-2015-0293: Denial of service via reachable assert in\n SSLv2 servers, could be used by remote attackers to\n terminate the server process. Note that this requires\n SSLv2 being allowed, which is not the default.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=919648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=920236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0209/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0286/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0287/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0288/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0289/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0293/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150541-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce7c4e1f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-133=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-133=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-133=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-debuginfo-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"openssl-debugsource-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-32bit-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1i-20.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"openssl-debugsource-1.0.1i-20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T15:08:38", "description": "OpenSSL was updated to fix various security issues.\n\nFollowing security issues were fixed :\n\n - CVE-2015-0209: A Use After Free following d2i_ECPrivatekey error was fixed which could lead to crashes for attacker supplied Elliptic Curve keys. This could be exploited over SSL connections with client supplied keys.\n\n - CVE-2015-0286: A segmentation fault in ASN1_TYPE_cmp was fixed that could be exploited by attackers when e.g.\n client authentication is used. This could be exploited over SSL connections.\n\n - CVE-2015-0287: A ASN.1 structure reuse memory corruption was fixed. This problem can not be exploited over regular SSL connections, only if specific client programs use specific ASN.1 routines.\n\n - CVE-2015-0288: A X509_to_X509_REQ NULL pointer dereference was fixed, which could lead to crashes. This function is not commonly used, and not reachable over SSL methods.\n\n - CVE-2015-0289: Several PKCS7 NULL pointer dereferences were fixed, which could lead to crashes of programs using the PKCS7 APIs. The SSL apis do not use those by default.\n\n - CVE-2015-0293: Denial of service via reachable assert in SSLv2 servers, could be used by remote attackers to terminate the server process. Note that this requires SSLv2 being allowed, which is not the default.", "cvss3": {}, "published": "2015-03-23T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-2015-247)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-247.NASL", "href": "https://www.tenable.com/plugins/nessus/81995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-247.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81995);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-2015-247)\");\n script_summary(english:\"Check for the openSUSE-2015-247 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL was updated to fix various security issues.\n\nFollowing security issues were fixed :\n\n - CVE-2015-0209: A Use After Free following\n d2i_ECPrivatekey error was fixed which could lead to\n crashes for attacker supplied Elliptic Curve keys. This\n could be exploited over SSL connections with client\n supplied keys.\n\n - CVE-2015-0286: A segmentation fault in ASN1_TYPE_cmp was\n fixed that could be exploited by attackers when e.g.\n client authentication is used. This could be exploited\n over SSL connections.\n\n - CVE-2015-0287: A ASN.1 structure reuse memory corruption\n was fixed. This problem can not be exploited over\n regular SSL connections, only if specific client\n programs use specific ASN.1 routines.\n\n - CVE-2015-0288: A X509_to_X509_REQ NULL pointer\n dereference was fixed, which could lead to crashes. This\n function is not commonly used, and not reachable over\n SSL methods.\n\n - CVE-2015-0289: Several PKCS7 NULL pointer dereferences\n were fixed, which could lead to crashes of programs\n using the PKCS7 APIs. The SSL apis do not use those by\n default.\n\n - CVE-2015-0293: Denial of service via reachable assert in\n SSLv2 servers, could be used by remote attackers to\n terminate the server process. Note that this requires\n SSLv2 being allowed, which is not the default.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=919648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=920236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922500\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl-devel-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libopenssl1_0_0-debuginfo-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debuginfo-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openssl-debugsource-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1k-11.68.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl-devel-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-debuginfo-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libopenssl1_0_0-hmac-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-debuginfo-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"openssl-debugsource-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1k-2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1k-2.20.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T14:17:43", "description": "Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2015-0286 Stephen Henson discovered that the ASN1_TYPE_cmp() function can be crashed, resulting in denial of service.\n\n - CVE-2015-0287 Emilia Kaesper discovered a memory corruption in ASN.1 parsing.\n\n - CVE-2015-0289 Michal Zalewski discovered a NULL pointer dereference in the PKCS#7 parsing code, resulting in denial of service.\n\n - CVE-2015-0292 It was discovered that missing input sanitising in base64 decoding might result in memory corruption.\n\n - CVE-2015-0209 It was discovered that a malformed EC private key might result in memory corruption.\n\n - CVE-2015-0288 It was discovered that missing input sanitising in the X509_to_X509_REQ() function might result in denial of service.", "cvss3": {}, "published": "2015-03-20T00:00:00", "type": "nessus", "title": "Debian DSA-3197-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0292"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3197.NASL", "href": "https://www.tenable.com/plugins/nessus/81955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3197. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81955);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0292\");\n script_bugtraq_id(73225, 73227, 73228, 73231, 73237, 73239);\n script_xref(name:\"DSA\", value:\"3197\");\n\n script_name(english:\"Debian DSA-3197-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in OpenSSL, a Secure\nSockets Layer toolkit. The Common Vulnerabilities and Exposures\nproject identifies the following issues :\n\n - CVE-2015-0286\n Stephen Henson discovered that the ASN1_TYPE_cmp()\n function can be crashed, resulting in denial of service.\n\n - CVE-2015-0287\n Emilia Kaesper discovered a memory corruption in ASN.1\n parsing.\n\n - CVE-2015-0289\n Michal Zalewski discovered a NULL pointer dereference in\n the PKCS#7 parsing code, resulting in denial of service.\n\n - CVE-2015-0292\n It was discovered that missing input sanitising in\n base64 decoding might result in memory corruption.\n\n - CVE-2015-0209\n It was discovered that a malformed EC private key might\n result in memory corruption.\n\n - CVE-2015-0288\n It was discovered that missing input sanitising in the\n X509_to_X509_REQ() function might result in denial of\n service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3197\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 1.0.1e-2+deb7u15. In this update the export ciphers are\nremoved from the default cipher list.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libssl-dev\", reference:\"1.0.1e-2+deb7u15\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl-doc\", reference:\"1.0.1e-2+deb7u15\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl1.0.0\", reference:\"1.0.1e-2+deb7u15\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libssl1.0.0-dbg\", reference:\"1.0.1e-2+deb7u15\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openssl\", reference:\"1.0.1e-2+deb7u15\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T14:40:05", "description": "New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.", "cvss3": {}, "published": "2015-04-22T00:00:00", "type": "nessus", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-111-09)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2015-111-09.NASL", "href": "https://www.tenable.com/plugins/nessus/82922", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-111-09. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82922);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-0209\", \"CVE-2015-0286\", \"CVE-2015-0287\", \"CVE-2015-0288\", \"CVE-2015-0289\", \"CVE-2015-0293\");\n script_xref(name:\"SSA\", value:\"2015-111-09\");\n\n script_name(english:\"Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-111-09)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New openssl packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.756101\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93541373\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl\", pkgver:\"0.9.8zf\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zf\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8zf\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zf\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"openssl\", pkgver:\"0.9.8zf\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zf\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8zf\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zf\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"openssl\", pkgver:\"0.9.8zf\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zf\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"0.9.8zf\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"0.9.8zf\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl\", pkgver:\"1.0.1m\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1m\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1m\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1m\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl\", pkgver:\"1.0.1m\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1m\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1m\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1m\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"1.0.1m\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1m\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.1m\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.1m\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:11", "description": "The remote host is running a version of OpenSSL which is potentially affected by the following vulnerabilities : \n\n - A use-after-free condition exists in the d2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)\n\n - An invalid read flaw exists in the ASN1_TYPE_cmp() function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service. (CVE-2015-0286)\n\n - A flaw exists in the ASN1_item_ex_d2i() function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing. This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer ContentInfo. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0288)\n\n - The PKCS#7 implementation does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)", "cvss3": {}, "published": "2015-03-19T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8zf / 1.0.0r / 1.0.1m / 1.0.2a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2015-03-19T00:00:00", "cpe": [], "id": "801937.PRM", "href": "https://www.tenable.com/plugins/lce/801937", "sourceData": "Binary data 801937.prm", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:20:11", "description": "OpenSSL before 0.9.8zf, 1.0.0r, or 1.0.1m are unpatched for the following vulnerabilities :\n\n - An invalid read flaw exists in the 'ASN1_TYPE_cmp()' function due to improperly performed boolean-type comparisons. A remote attacker can exploit this, via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature, to cause an invalid read operation, resulting in a denial of service. (CVE-2015-0286)\n\n - A flaw exists in the 'ASN1_item_ex_d2i()' function due to a failure to reinitialize 'CHOICE' and 'ADB' data structures when reusing a structure in ASN.1 parsing. This allows a remote attacker to cause an invalid write operation and memory corruption, resulting in a denial of service. (CVE-2015-0287)\n\n - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing outer 'ContentInfo'. This allows a remote attacker, using an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, to cause a denial of service. (CVE-2015-0289)\n\n - A flaw exists in servers that both support SSLv2 and enable export cipher suites due to improper implementation of SSLv2. A remote attacker can exploit this, via a crafted CLIENT-MASTER-KEY message, to cause a denial of service. (CVE-2015-0293)\n\n - A NULL pointer dereference flaw exists in the 'X509_to_X509_REQ()' function due to improper processing of certificate keys. This allows a remote attacker, via a crafted X.509 certificate, to cause a denial of service. (CVE-2015-0288)\n\n - A use-after-free condition exists in the 'd2i_ECPrivateKey() function due to improper processing of malformed EC private key files during import. A remote attacker can exploit this to dereference or free already freed memory, resulting in a denial of service or other unspecified impact. (CVE-2015-0209)", "cvss3": {}, "published": "2015-03-27T00:00:00", "type": "nessus", "title": "OpenSSL 0.9.8 < 0.9.8zf / 1.0.0 < 1.0.0r / 1.0.1 < 1.0.1m Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "8662.PRM", "href": "https://www.tenable.com/plugins/nnm/8662", "sourceData": "Binary data 8662.prm", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:35:39", "description": "The version of VMware Horizon View installed on the remote Windows host is version 5.3.x prior to 5.3.2 or 5.3.x prior to 5.3 Feature Pack 3. It is, therefore, affected by multiple vulnerabilities in the bundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-07-31T00:00:00", "type": "nessus", "title": "VMware Horizon View Multiple Vulnerabilities (VMSA-2014-0006)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:vmware:horizon_view"], "id": "VMWARE_HORIZON_VIEW_VMSA-2014-0006.NASL", "href": "https://www.tenable.com/plugins/nessus/76945", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76945);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\"\n );\n script_bugtraq_id(\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901\n );\n script_xref(name:\"CERT\", value:\"978508\");\n script_xref(name:\"VMSA\", value:\"2014-0006\");\n\n script_name(english:\"VMware Horizon View Multiple Vulnerabilities (VMSA-2014-0006)\");\n script_summary(english:\"Checks the version of VMware Horizon View.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application installed that is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of VMware Horizon View installed on the remote Windows\nhost is version 5.3.x prior to 5.3.2 or 5.3.x prior to 5.3 Feature\nPack 3. It is, therefore, affected by multiple vulnerabilities in the\nbundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes'\n that could allow data to be injected into other\n sessions or allow denial of service attacks. Note\n this issue is only exploitable if\n 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that could lead to execution of\n arbitrary code. Note this issue only affects OpenSSL\n when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that\n could allow a NULL pointer to be dereferenced leading\n to denial of service attacks. Note this issue is\n exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an\n attacker to cause usage of weak keying material\n leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n cipher suites that could allow denial of service\n attacks. Note this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.vmware.com/pipermail/security-announce/2014/000259.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.vmware.com/security/advisories/VMSA-2014-0006.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to VMware Horizon View 5.3.2 / 5.3 Feature Pack 3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:vmware:horizon_view\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"vmware_horizon_view_installed.nbin\");\n script_require_keys(\"installed_sw/VMware Horizon View\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"VMware Horizon View\";\nget_install_count(app_name:\"VMware Horizon View\", exit_if_zero:TRUE);\nreport = NULL;\n\ninstall = get_single_install(app_name:\"VMware Horizon View\");\n\npath = install['path'];\nversion = install['version'];\n\nif (\"Server\" >< install['Install type'])\n{\n fix = \"5.3.2\";\n if (ver_compare(ver:version, fix:fix, strict:FALSE) == -1)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n }\n}\nelse if (\"Agent\" >< install['Install type'])\n{\n fp_version = install['Feature pack'];\n if (version =~ \"^5\\.\" && !isnull(fp_version))\n {\n fix = \"5.3\";\n fp_fix = \"3.0.9231\";\n if (\n ver_compare(ver:version, fix:fix, strict:FALSE) == -1 ||\n ver_compare(ver:fp_version, fix:fp_fix, strict:FALSE) == -1\n )\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version + \" Feature Pack \" + fp_version +\n '\\n Fixed version : ' + fix + \" Feature Pack \" + fp_fix +\n '\\n';\n }\n }\n}\n\nif (!isnull(report))\n{\n port = get_kb_item(\"SMB/transport\");\n if (isnull(port)) port = 445;\n\n if (report_verbosity > 0) security_warning(extra:report, port:port);\n else security_warning(port:port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:40:17", "description": "Updated openssl packages that fix multiple security issues are now available for Red Hat Storage 2.1.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.\n\nIt was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.\n(CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Juri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Grobert and Ivan Fratric of Google as the original reporters of CVE-2014-3470.\n\nAll OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 : Storage Server (RHSA-2014:0628)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-0628.NASL", "href": "https://www.tenable.com/plugins/nessus/79026", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0628. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79026);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-5298\", \"CVE-2014-0195\", \"CVE-2014-0198\", \"CVE-2014-0221\", \"CVE-2014-0224\", \"CVE-2014-3470\");\n script_xref(name:\"RHSA\", value:\"2014:0628\");\n\n script_name(english:\"RHEL 6 : Storage Server (RHSA-2014:0628)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Storage 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to\ndecrypt and modify traffic between a client and a server.\n(CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client\nmust be using a vulnerable version of OpenSSL; the server must be\nusing OpenSSL version 1.0.1 and above, and the client must be using\nany version of OpenSSL. For more information about this flaw, refer\nto: https://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid\nDTLS packet fragments. A remote attacker could possibly use this flaw\nto execute arbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write\nbuffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL\nclient or server using OpenSSL could crash or unexpectedly drop\nconnections when processing certain SSL traffic. (CVE-2010-5298,\nCVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain\nDTLS ServerHello requests. A specially crafted DTLS handshake packet\ncould cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A\nspecially crafted handshake packet could cause a TLS/SSL client that\nhas the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these\nissues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the\noriginal reporter of CVE-2014-0224, Juri Aedla as the original\nreporter of CVE-2014-0195, Imre Rad of Search-Lab as the original\nreporter of CVE-2014-0221, and Felix Grobert and Ivan Fratric of\nGoogle as the original reporters of CVE-2014-3470.\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. For the\nupdate to take effect, all services linked to the OpenSSL library\n(such as httpd and other SSL-enabled services) must be restarted or\nthe system rebooted.\"\n );\n # https://access.redhat.com/site/articles/904433\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/904433\"\n );\n # https://access.redhat.com/site/solutions/906703\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/906703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-5298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3470\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0628\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"redhat-storage-server\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Storage Server\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-16.el6_5.14\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-16.el6_5.14\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-16.el6_5.14\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-16.el6_5.14\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-16.el6_5.14\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:37:19", "description": "According to its self-reported version number, the Apache Tomcat server running on the remote host is 8.0.x prior to 8.0.11. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL :\n\n - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note that this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to the execution of arbitrary code. Note that this issue only affects OpenSSL when used as a DTLS client or server.\n (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note that this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note that this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note that this issue only affects OpenSSL TLS clients. (CVE-2014-3470)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-09-02T00:00:00", "type": "nessus", "title": "Apache Tomcat 8.0.x < 8.0.11 Multiple OpenSSL Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_8_0_11.NASL", "href": "https://www.tenable.com/plugins/nessus/77476", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77476);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\"\n );\n script_bugtraq_id(\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901\n );\n script_xref(name:\"CERT\", value:\"978508\");\n\n script_name(english:\"Apache Tomcat 8.0.x < 8.0.11 Multiple OpenSSL Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Apache Tomcat\nserver running on the remote host is 8.0.x prior to 8.0.11. It is,\ntherefore, affected by multiple vulnerabilities in the bundled version\nof OpenSSL :\n\n - An error exists in the function 'ssl3_read_bytes' that\n could allow data to be injected into other sessions or\n allow denial of service attacks. Note that this issue\n is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that could lead to the execution of\n arbitrary code. Note that this issue only affects\n OpenSSL when used as a DTLS client or server.\n (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that\n could allow a NULL pointer to be dereferenced leading to\n denial of service attacks. Note that this issue is\n exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note that this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker\n to cause usage of weak keying material leading to\n simplified man-in-the-middle attacks. (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n cipher suites that could allow denial of service\n attacks. Note that this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/download-80.cgi#8.0.11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bz.apache.org/bugzilla/show_bug.cgi?id=56596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Apache Tomcat version 8.0.11 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"os_fingerprint.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntc_paranoia = FALSE;\n\n# Only fire on Windows if low paranoia\nif (report_paranoia < 2)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Windows\" >!< os) audit(AUDIT_OS_NOT, \"Microsoft Windows\");\n tc_paranoia = TRUE;\n}\n\ntomcat_check_version(fixed:\"8.0.11\", min:\"8.0.0\", severity:SECURITY_WARNING, granularity_regex:\"^8(\\.0)?$\", paranoid:tc_paranoia);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:35:53", "description": "The version of VMware Horizon View Client installed on the remote host is a version prior to 3.0.0. It is, therefore, affected by multiple vulnerabilities in the bundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-08-01T00:00:00", "type": "nessus", "title": "VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:vmware:horizon_view_client"], "id": "VMWARE_HORIZON_VIEW_CLIENT_VMSA_2014_0006.NASL", "href": "https://www.tenable.com/plugins/nessus/76966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76966);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\"\n );\n script_bugtraq_id(\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901\n );\n script_xref(name:\"CERT\", value:\"978508\");\n script_xref(name:\"VMSA\", value:\"2014-0006\");\n\n script_name(english:\"VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006)\");\n script_summary(english:\"Checks the VMware Horizon View Client version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a virtual desktop solution that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of VMware Horizon View Client installed on the remote host\nis a version prior to 3.0.0. It is, therefore, affected by multiple\nvulnerabilities in the bundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes'\n that could allow data to be injected into other\n sessions or allow denial of service attacks. Note\n this issue is only exploitable if\n 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that could lead to execution of\n arbitrary code. Note this issue only affects OpenSSL\n when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that\n could allow a NULL pointer to be dereferenced leading\n to denial of service attacks. Note this issue is\n exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an\n attacker to cause usage of weak keying material\n leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n cipher suites that could allow denial of service\n attacks. Note this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2014-0006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to VMware Horizon View Client 3.0.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:vmware:horizon_view_client\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"vmware_horizon_view_client_installed.nbin\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"installed_sw/VMware Horizon View Client\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\nappname = 'VMware Horizon View Client';\n\nget_install_count(app_name:appname, exit_if_zero:TRUE);\ninstall = get_single_install(app_name:appname);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\nfix = '3.0.0';\nif (ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n{\n report =\n '\\n Product : ' + appname +\n '\\n Path : ' + path +\n '\\n Installed version : ' + version+\n '\\n Fixed version : ' + fix + '\\n';\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, appname, version, path);\n\nif (report_verbosity > 0) security_warning(port:port, extra:report);\nelse security_warning(port);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:33:39", "description": "It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.\n(CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to :\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nFor the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-06-06T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20140605)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20140605_OPENSSL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/74350", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74350);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-5298\", \"CVE-2014-0195\", \"CVE-2014-0198\", \"CVE-2014-0221\", \"CVE-2014-0224\", \"CVE-2014-3470\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20140605)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to\ndecrypt and modify traffic between a client and a server.\n(CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client\nmust be using a vulnerable version of OpenSSL; the server must be\nusing OpenSSL version 1.0.1 and above, and the client must be using\nany version of OpenSSL. For more information about this flaw, refer \nto :\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid\nDTLS packet fragments. A remote attacker could possibly use this flaw\nto execute arbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write\nbuffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL\nclient or server using OpenSSL could crash or unexpectedly drop\nconnections when processing certain SSL traffic. (CVE-2010-5298,\nCVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain\nDTLS ServerHello requests. A specially crafted DTLS handshake packet\ncould cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A\nspecially crafted handshake packet could cause a TLS/SSL client that\nhas the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary (such as httpd and other SSL-enabled services) must be\nrestarted or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1406&L=scientific-linux-errata&T=0&P=953\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?62e5f710\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.1e-16.el6_5.14\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-debuginfo-1.0.1e-16.el6_5.14\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.1e-16.el6_5.14\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.1e-16.el6_5.14\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.1e-16.el6_5.14\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:36:34", "description": "The version of VMware vCenter Support Assistant installed on the remote host is 5.5.1.x prior to 5.5.1.1. It is, therefore, affected by multiple vulnerabilities in the bundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-08-04T00:00:00", "type": "nessus", "title": "VMware vCenter Support Assistant Multiple Vulnerabilities (VMSA-2014-0006)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2019-11-25T00:00:00", "cpe": [], "id": "VMWARE_VCENTER_SUPPORT_ASSISTANT_2014-0006.NASL", "href": "https://www.tenable.com/plugins/nessus/76994", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76994);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\"\n );\n script_bugtraq_id(\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901\n );\n script_xref(name:\"CERT\", value:\"978508\");\n script_xref(name:\"VMSA\", value:\"2014-0006\");\n\n script_name(english:\"VMware vCenter Support Assistant Multiple Vulnerabilities (VMSA-2014-0006)\");\n script_summary(english:\"Checks the version of VMware vCenter Support Assistant.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a support tool installed that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of VMware vCenter Support Assistant installed on the\nremote host is 5.5.1.x prior to 5.5.1.1. It is, therefore, affected by\nmultiple vulnerabilities in the bundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes'\n that could allow data to be injected into other\n sessions or allow denial of service attacks. Note\n this issue is only exploitable if\n 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that could lead to execution of\n arbitrary code. Note this issue only affects OpenSSL\n when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that\n could allow a NULL pointer to be dereferenced leading\n to denial of service attacks. Note this issue is\n exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an\n attacker to cause usage of weak keying material\n leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n cipher suites that could allow denial of service\n attacks. Note this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.vmware.com/security/advisories/VMSA-2014-0006.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to VMware vCenter Support Assistant 5.5.1.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/VMware vCenter Support Assistant/Version\", \"Host/VMware vCenter Support Assistant/Build\");\n script_require_ports(\"Services/ssh\", 22);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/VMware vCenter Support Assistant/Version\");\nbuild = get_kb_item_or_exit(\"Host/VMware vCenter Support Assistant/Build\");\n\nif (version =~ '^5\\\\.5\\\\.1([^0-9]|$)' && ver_compare(ver:version, fix:'5.5.1.1', strict:FALSE) == -1)\n{\n if (report_verbosity> 0)\n {\n report =\n '\\n Installed version : ' + version + ' Build ' + build +\n '\\n Fixed version : 5.5.1.1 Build 1929337\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, 'VMware vCenter Support Assistant', version + ' Build ' + build);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:34:58", "description": "The version of VMware Horizon View Client installed on the remote Mac OS X host is a version prior to 3.0.0. It is, therefore, affected by multiple vulnerabilities in the bundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS fragment handling that could lead to execution of arbitrary code. Note this issue only affects OpenSSL when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that could lead to denial of service attacks. Note this issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH cipher suites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-08-01T00:00:00", "type": "nessus", "title": "VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:vmware:horizon_view_client"], "id": "MACOSX_VMWARE_HORIZON_VIEW_CLIENT_VMSA_2014_0006.NASL", "href": "https://www.tenable.com/plugins/nessus/76965", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76965);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2010-5298\",\n \"CVE-2014-0195\",\n \"CVE-2014-0198\",\n \"CVE-2014-0221\",\n \"CVE-2014-0224\",\n \"CVE-2014-3470\"\n );\n script_bugtraq_id(\n 66801,\n 67193,\n 67898,\n 67899,\n 67900,\n 67901\n );\n script_xref(name:\"CERT\", value:\"978508\");\n script_xref(name:\"VMSA\", value:\"2014-0006\");\n\n script_name(english:\"VMware Horizon View Client < 3.0.0 Multiple SSL Vulnerabilities (VMSA-2014-0006) (Mac OS X)\");\n script_summary(english:\"Checks the VMware Horizon View Client version (Mac OS X).\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host has a virtual desktop solution that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of VMware Horizon View Client installed on the remote Mac\nOS X host is a version prior to 3.0.0. It is, therefore, affected by\nmultiple vulnerabilities in the bundled OpenSSL library :\n\n - An error exists in the function 'ssl3_read_bytes'\n that could allow data to be injected into other\n sessions or allow denial of service attacks. Note\n this issue is only exploitable if\n 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)\n\n - A buffer overflow error exists related to invalid DTLS\n fragment handling that could lead to execution of\n arbitrary code. Note this issue only affects OpenSSL\n when used as a DTLS client or server. (CVE-2014-0195)\n\n - An error exists in the function 'do_ssl3_write' that\n could allow a NULL pointer to be dereferenced leading\n to denial of service attacks. Note this issue is\n exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is\n enabled. (CVE-2014-0198)\n\n - An error exists related to DTLS handshake handling that\n could lead to denial of service attacks. Note this\n issue only affects OpenSSL when used as a DTLS client.\n (CVE-2014-0221)\n\n - An unspecified error exists that could allow an\n attacker to cause usage of weak keying material\n leading to simplified man-in-the-middle attacks.\n (CVE-2014-0224)\n\n - An unspecified error exists related to anonymous ECDH\n cipher suites that could allow denial of service\n attacks. Note this issue only affects OpenSSL TLS\n clients. (CVE-2014-3470)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2014-0006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20140605.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to VMware Horizon View Client 3.0.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:vmware:horizon_view_client\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_vmware_horizon_view_client_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/VMware Horizon View Client\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/MacOSX/Version\")) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nappname = 'VMware Horizon View Client';\n\nget_install_count(app_name:appname, exit_if_zero:TRUE);\ninstall = get_single_install(app_name:appname);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfix = '3.0.0';\nif (ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n{\n report =\n '\\n Product : ' + appname +\n '\\n Path : ' + path +\n '\\n Installed version : ' + version+\n '\\n Fixed version : ' + fix + '\\n';\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, appname, version, path);\n\nif (report_verbosity > 0) security_warning(port:0, extra:report);\nelse security_warning(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-18T14:33:15", "description": "Major security update fixing multiple issues. Some of these fixes are quite important.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2014-06-06T00:00:00", "type": "nessus", "title": "Fedora 19 : openssl-1.0.1e-38.fc19 (2014-7101)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-7101.NASL", "href": "https://www.tenable.com/plugins/nessus/74340", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-7101.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74340);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-5298\", \"CVE-2014-0195\", \"CVE-2014-0198\", \"CVE-2014-0221\", \"CVE-2014-0224\", \"CVE-2014-3470\");\n script_bugtraq_id(66801, 67193, 67898, 67899, 67900, 67901);\n script_xref(name:\"FEDORA\", value:\"2014-7101\");\n\n script_name(english:\"Fedora 19 : openssl-1.0.1e-38.fc19 (2014-7101)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Major security update fixing multiple issues. Some of these fixes are\nquite important.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1087195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1093837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1103586\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1103593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1103598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1103600\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134011.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e15d430d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright