{"photon": [{"lastseen": "2021-11-03T17:49:50", "description": "An update of {'python2', 'linux', 'openssl', 'linux-esx', 'tar', 'yarn', 'kubernetes', 'bash'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 4.2}, "published": "2019-10-01T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0252", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6711", "CVE-2016-6321", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-14835", "CVE-2019-1547", "CVE-2019-1563", "CVE-2019-16056", "CVE-2019-5448"], "modified": "2019-10-01T00:00:00", "id": "PHSA-2019-1.0-0252", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-252", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-12T18:50:28", "description": "Updates of ['binutils', 'kubernetes', 'python2'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-09-27T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-0031", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1010204", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-11253", "CVE-2019-16056"], "modified": "2019-09-27T00:00:00", "id": "PHSA-2019-0031", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-31", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-05-29T17:48:16", "description": "Updates of ['kubernetes', 'python2', 'binutils'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-09-28T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-3.0-0031", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1010204", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-11253", "CVE-2019-16056"], "modified": "2019-09-28T00:00:00", "id": "PHSA-2019-3.0-0031", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-31", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-11-03T08:58:11", "description": "An update of {'fuse', 'kubernetes', 'curl', 'openssl', 'python2'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-30T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-2.0-0177", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10906", "CVE-2019-11245", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-1547", "CVE-2019-1563", "CVE-2019-16056", "CVE-2019-5481", "CVE-2019-5482"], "modified": "2019-09-30T00:00:00", "id": "PHSA-2019-2.0-0177", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-177", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-30T15:25:17", "description": "Updates of ['fuse3', 'fuse', 'openssl', 'python2', 'kubernetes', 'curl'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-30T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0177", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10906", "CVE-2019-11245", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-1547", "CVE-2019-1563", "CVE-2019-16056", "CVE-2019-5481", "CVE-2019-5482"], "modified": "2019-09-30T00:00:00", "id": "PHSA-2019-0177", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-177", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-27T15:16:19", "description": "An update of {'python3', 'yarn'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-23T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-2.0-0176", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16056", "CVE-2019-5448"], "modified": "2019-09-23T00:00:00", "id": "PHSA-2019-2.0-0176", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-176", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-24T14:30:30", "description": "An update of the kubernetes package has been released.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Kubernetes PHSA-2019-1.0-0255", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:kubernetes", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0255_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/129682", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0255. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129682);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 1.0: Kubernetes PHSA-2019-1.0-0255\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-255.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-11248\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-pause-1.12.10-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:32", "description": "An update of the kubernetes package has been released.", "cvss3": {}, "published": "2019-10-11T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Kubernetes PHSA-2019-1.0-0252", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:kubernetes", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0252_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/129784", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129784);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 1.0: Kubernetes PHSA-2019-1.0-0252\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-252.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-11248\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-pause-1.12.10-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:04", "description": "An update of the kubernetes package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Kubernetes PHSA-2019-3.0-0031", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:kubernetes", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0031_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/130125", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0031. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130125);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 3.0: Kubernetes PHSA-2019-3.0-0031\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0031.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-11248\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-pause-1.12.10-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:30", "description": "An update of the kubernetes package has been released.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Kubernetes PHSA-2019-2.0-0177", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11245", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:kubernetes", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0177_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/129691", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0177. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129691);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2019-11245\",\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 2.0: Kubernetes PHSA-2019-2.0-0177\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-177.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-11248\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_exists(rpm:\"kubernetes-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-1.14.6-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubeadm-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubeadm-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubeadm-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubeadm-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubeadm-1.14.6-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubectl-extras-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubectl-extras-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubectl-extras-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubectl-extras-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubectl-extras-1.14.6-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-pause-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-pause-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-pause-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-pause-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-pause-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-pause-1.14.6-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:07", "description": "Update to v1.15.2 + carry upstream #81330\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Fedora 30 : kubernetes (2019-2b8ef08c95)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1002101", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-11250"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kubernetes", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-2B8EF08C95.NASL", "href": "https://www.tenable.com/plugins/nessus/128127", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-2b8ef08c95.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128127);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-1002101\", \"CVE-2019-11246\", \"CVE-2019-11247\", \"CVE-2019-11248\", \"CVE-2019-11249\", \"CVE-2019-11250\");\n script_xref(name:\"FEDORA\", value:\"2019-2b8ef08c95\");\n\n script_name(english:\"Fedora 30 : kubernetes (2019-2b8ef08c95)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to v1.15.2 + carry upstream #81330\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-2b8ef08c95\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected kubernetes package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kubernetes-1.15.2-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:46", "description": "Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation.\nIn order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).\n(CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).\nFixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)", "cvss3": {}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : openssl (ALAS-2020-1406)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl-libs", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1406.NASL", "href": "https://www.tenable.com/plugins/nessus/134897", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1406.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134897);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_xref(name:\"ALAS\", value:\"2020-1406\");\n\n script_name(english:\"Amazon Linux 2 : openssl (ALAS-2020-1406)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Normally in OpenSSL EC groups always have a co-factor present and this\nis used in side channel resistant code paths. However, in some cases,\nit is possible to construct a group using explicit parameters (instead\nof using a named curve). In those cases it is possible that such a\ngroup does not have the cofactor present. This can occur even where\nall the parameters match a known named curve. If such a curve is used\nthen OpenSSL falls back to non-side channel resistant code paths which\nmay result in full key recovery during an ECDSA signature operation.\nIn order to be vulnerable an attacker would have to have the ability\nto time the creation of a large number of signatures where explicit\nparameters with no co-factor present are in use by an application\nusing libcrypto. For the avoidance of doubt libssl is not vulnerable\nbecause explicit parameters are never used. Fixed in OpenSSL 1.1.1d\n(Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).\n(CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the\nsuccess or failure of a decryption attempt an attacker, after sending\na very large number of messages to be decrypted, can recover a\nCMS/PKCS7 transported encryption key or decrypt any RSA encrypted\nmessage that was encrypted with the public RSA key, using a\nBleichenbacher padding oracle attack. Applications are not affected if\nthey use a certificate together with the private RSA key to the\nCMS_decrypt or PKCS7_decrypt functions to select the correct recipient\ninfo to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).\nFixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL\n1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1406.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update openssl' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"openssl-1.0.2k-19.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-debuginfo-1.0.2k-19.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-devel-1.0.2k-19.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-libs-1.0.2k-19.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-perl-1.0.2k-19.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl-static-1.0.2k-19.amzn2.0.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:43", "description": "According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1547)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-03-20T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2020-1274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2020-1274.NASL", "href": "https://www.tenable.com/plugins/nessus/134740", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134740);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2020-1274)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt. Fixed in OpenSSL 1.1.1d (Affected\n 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1563)\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used. Fixed in OpenSSL 1.1.1d (Affected\n 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1547)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1274\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3b02cc26\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h7\",\n \"openssl-devel-1.0.2k-16.h7\",\n \"openssl-libs-1.0.2k-16.h7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:29:33", "description": "The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14171-1 advisory.\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : openssl1 (SUSE-SU-2019:14171-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1-devel", "p-cpe:/a:novell:suse_linux:openssl1", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-32bit", "p-cpe:/a:novell:suse_linux:openssl1-doc", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-x86", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-14171-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150594", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2019:14171-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150594);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2019:14171-1\");\n script_xref(name:\"IAVA\", value:\"2019-A-0303-S\");\n\n script_name(english:\"SUSE SLES11 Security Update : openssl1 (SUSE-SU-2019:14171-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2019:14171-1 advisory.\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant\n code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead\n of using a named curve). In those cases it is possible that such a group does not have the cofactor\n present. This can occur even where all the parameters match a known named curve. If such a curve is used\n then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery\n during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability\n to time the creation of a large number of signatures where explicit parameters with no co-factor present\n are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because\n explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL\n 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number of messages to be decrypted, can recover a\n CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the\n public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a\n certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the\n correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL\n 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1150250\");\n # https://lists.suse.com/pipermail/sle-security-updates/2019-September/005926.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?21fe9e5b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl1-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP0\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'libopenssl1-devel-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.3-0'},\n {'reference':'libopenssl1_0_0-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.3-0'},\n {'reference':'libopenssl1_0_0-32bit-1.0.1g-0.58.21', 'sp':'0', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.3-0'},\n {'reference':'libopenssl1_0_0-32bit-1.0.1g-0.58.21', 'sp':'0', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.3-0'},\n {'reference':'openssl1-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.3-0'},\n {'reference':'openssl1-doc-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.3-0'},\n {'reference':'libopenssl1-devel-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.3-0'},\n {'reference':'libopenssl1_0_0-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.3-0'},\n {'reference':'libopenssl1_0_0-32bit-1.0.1g-0.58.21', 'sp':'0', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.3-0'},\n {'reference':'libopenssl1_0_0-32bit-1.0.1g-0.58.21', 'sp':'0', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.3-0'},\n {'reference':'openssl1-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.3-0'},\n {'reference':'openssl1-doc-1.0.1g-0.58.21', 'sp':'0', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.3-0'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libopenssl1-devel / libopenssl1_0_0 / libopenssl1_0_0-32bit / openssl1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:29:34", "description": "The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14174-1 advisory.\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : openssl (SUSE-SU-2019:14174-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-32bit", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac-32bit", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-14174-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150664", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2019:14174-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150664);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2019:14174-1\");\n script_xref(name:\"IAVA\", value:\"2019-A-0303-S\");\n\n script_name(english:\"SUSE SLES11 Security Update : openssl (SUSE-SU-2019:14174-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2019:14174-1 advisory.\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant\n code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead\n of using a named curve). In those cases it is possible that such a group does not have the cofactor\n present. This can occur even where all the parameters match a known named curve. If such a curve is used\n then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery\n during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability\n to time the creation of a large number of signatures where explicit parameters with no co-factor present\n are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because\n explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL\n 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number of messages to be decrypted, can recover a\n CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the\n public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a\n certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the\n correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL\n 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1150250\");\n # https://lists.suse.com/pipermail/sle-security-updates/2019-September/005936.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e8df511a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'libopenssl0_9_8-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'libopenssl0_9_8-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'libopenssl0_9_8-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'libopenssl0_9_8-hmac-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'openssl-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'openssl-doc-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'libopenssl0_9_8-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'libopenssl0_9_8-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'libopenssl0_9_8-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'libopenssl0_9_8-hmac-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.25', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'openssl-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'openssl-doc-0.9.8j-0.106.25', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libopenssl0_9_8 / libopenssl0_9_8-32bit / libopenssl0_9_8-hmac / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:01", "description": "The remote host is affected by the vulnerability described in GLSA-201911-04 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "GLSA-201911-04 : OpenSSL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201911-04.NASL", "href": "https://www.tenable.com/plugins/nessus/130636", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201911-04.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130636);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_xref(name:\"GLSA\", value:\"201911-04\");\n\n script_name(english:\"GLSA-201911-04 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201911-04\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201911-04\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.0.2t'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 1.0.2t\"), vulnerable:make_list(\"lt 1.0.2t\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:43", "description": "According to the versions of the openssl1.1.0f packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : openssl1.1.0f (EulerOS-SA-2019-2254)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl110f", "p-cpe:/a:huawei:euleros:openssl110f-devel", "p-cpe:/a:huawei:euleros:openssl110f-libs", "p-cpe:/a:huawei:euleros:openssl110f-static", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2254.NASL", "href": "https://www.tenable.com/plugins/nessus/130716", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130716);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS 2.0 SP3 : openssl1.1.0f (EulerOS-SA-2019-2254)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl1.1.0f packages installed,\nthe EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt.(CVE-2019-1563)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2254\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?63c0629c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl1.1.0f packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110f\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110f-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110f-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110f-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl110f-1.1.0f-5.h9\",\n \"openssl110f-devel-1.1.0f-5.h9\",\n \"openssl110f-libs-1.1.0f-5.h9\",\n \"openssl110f-static-1.1.0f-5.h9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl1.1.0f\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:15", "description": "According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-2264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2264.NASL", "href": "https://www.tenable.com/plugins/nessus/130726", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130726);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-2264)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt.(CVE-2019-1563)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2264\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d3df59f1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h9\",\n \"openssl-devel-1.0.2k-16.h9\",\n \"openssl-libs-1.0.2k-16.h9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:51", "description": "This update for openssl fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance (bsc#1150003).\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-23T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : openssl (SUSE-SU-2019:2413-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2413-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129155", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2413-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129155);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"SUSE SLES12 Security Update : openssl (SUSE-SU-2019:2413-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack\navoidance (bsc#1150003).\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7\nencryption transported key (bsc#1150250).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192413-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?45ff189d\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2019-2413=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2019-2413=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-2413=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-2413=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-2413=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-2413=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2019-2413=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-2413=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-2413=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2019-2413=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2019-2413=1\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2019-2413=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl-devel-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-32bit-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-debuginfo-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-hmac-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"openssl-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"openssl-debuginfo-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"openssl-debugsource-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl-devel-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-32bit-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-debuginfo-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-hmac-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"openssl-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"openssl-debuginfo-1.0.2j-60.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"openssl-debugsource-1.0.2j-60.55.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:08", "description": "This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-19T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:2403-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_1", "p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2403-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129047", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2403-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129047);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:2403-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack\navoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7\nencryption transported key (bsc#1150250)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192403-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?58ef7799\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2403=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2403=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl-1_1-devel-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_1-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_1-debuginfo-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_1-hmac-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_1-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_1-debuginfo-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_1-debugsource-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libopenssl-1_1-devel-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libopenssl1_1-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libopenssl1_1-debuginfo-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libopenssl1_1-hmac-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"openssl-1_1-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"openssl-1_1-debuginfo-1.1.0i-14.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"openssl-1_1-debugsource-1.1.0i-14.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:30", "description": "This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point lies on the curve (bsc#1131291).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2019:2561-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-1_0_0-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-steam", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-steam-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-steam-debuginfo", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-cavs", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-cavs-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2561-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129676", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2561-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129676);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2019:2561-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack\navoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7\nencryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point\nlies on the curve (bsc#1131291).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192561-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?716bd657\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2561=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2561=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Legacy-15-SP1-2019-2561=1\n\nSUSE Linux Enterprise Module for Legacy Software 15:zypper in -t patch\nSUSE-SLE-Module-Legacy-15-2019-2561=1\n\nSUSE Enterprise Storage 6:zypper in -t patch\nSUSE-Storage-6-2019-2561=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_0_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-steam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-steam-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-steam-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl-1_0_0-devel-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl-1_0_0-devel-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_0_0-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_0_0-hmac-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_0_0-steam-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libopenssl1_0_0-steam-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_0_0-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_0_0-cavs-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_0_0-cavs-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl-1_0_0-devel-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_0_0-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_0_0-steam-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_0_0-steam-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_0_0-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_0_0-cavs-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_0_0-cavs-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl-1_0_0-devel-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libopenssl1_0_0-hmac-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libopenssl1_0_0-steam-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libopenssl1_0_0-steam-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"openssl-1_0_0-cavs-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"openssl-1_0_0-cavs-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_0_0-hmac-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_0_0-steam-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_0_0-steam-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_0_0-cavs-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_0_0-cavs-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_0_0\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:09", "description": "This update for compat-openssl098 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance (bsc#1150003).\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2019:2558-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:compat-openssl098-debugsource", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8", "p-cpe:/a:novell:suse_linux:libopenssl0_9_8-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2558-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129674", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2558-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129674);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2019:2558-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for compat-openssl098 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack\navoidance (bsc#1150003).\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7\nencryption transported key (bsc#1150250).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192558-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d2fe402\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP4:zypper in -t patch\nSUSE-SLE-SAP-12-SP4-2019-2558=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-2558=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-2558=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-2558=1\n\nSUSE Linux Enterprise Module for Legacy Software 12:zypper in -t patch\nSUSE-SLE-Module-Legacy-12-2019-2558=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2558=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:compat-openssl098-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl0_9_8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"compat-openssl098-debugsource-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-32bit-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"compat-openssl098-debugsource-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-0.9.8j-106.15.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl0_9_8-debuginfo-32bit-0.9.8j-106.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl098\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:14", "description": "This update for openssl fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed a Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-19T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : openssl (SUSE-SU-2019:2397-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2397-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129044", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2397-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129044);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"SUSE SLES12 Security Update : openssl (SUSE-SU-2019:2397-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack\navoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed a Bleichenbacher attack against cms/pkcs7\nencryption transported key (bsc#1150250)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192397-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?780c154c\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-2397=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-2397=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-32bit-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-debuginfo-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-hmac-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"openssl-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"openssl-debuginfo-1.0.1i-54.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"openssl-debugsource-1.0.1i-54.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:58", "description": "This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-23T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:2410-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_1", "p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2410-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129153", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2410-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129153);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:2410-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack\navoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7\nencryption transported key (bsc#1150250)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192410-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f1d449ca\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2410=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2410=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl-1_1-devel-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_1-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_1-debuginfo-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libopenssl1_1-hmac-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_1-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_1-debuginfo-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"openssl-1_1-debugsource-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl-1_1-devel-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_1-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_1-debuginfo-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libopenssl1_1-hmac-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_1-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_1-debuginfo-1.1.0i-4.24.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"openssl-1_1-debugsource-1.1.0i-4.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:52", "description": "This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point lies on the curve (bsc#1131291).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2019:2504-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl-1_0_0-devel", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_0_0-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2504-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129528", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2504-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129528);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2019:2504-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\nCVE-2019-1547: Added EC_GROUP_set_generator side channel attack\navoidance. (bsc#1150003)\n\nCVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7\nencryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point\nlies on the curve (bsc#1131291).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1547/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1563/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192504-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?501bfe00\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2504=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2504=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2504=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl-1_0_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_0_0-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl-1_0_0-devel-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-32bit-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-hmac-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_0_0-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl-1_0_0-devel-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_0_0-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-3.11.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"openssl-1_0_0-debugsource-1.0.2p-3.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_0_0\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:30", "description": "An update of the openssl package has been released.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Openssl PHSA-2019-1.0-0255", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:openssl", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0255_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/129684", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0255. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129684);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"Photon OS 1.0: Openssl PHSA-2019-1.0-0255\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openssl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-255.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2t-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2t-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2t-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2t-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:14", "description": "An update of the openssl package has been released.", "cvss3": {}, "published": "2019-10-11T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Openssl PHSA-2019-1.0-0252", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:openssl", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0252_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/129786", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129786);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"Photon OS 1.0: Openssl PHSA-2019-1.0-0252\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openssl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-252.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-1.0.2t-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-debuginfo-1.0.2t-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-devel-1.0.2t-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openssl-perl-1.0.2t-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:10", "description": "An update of the openssl package has been released.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Openssl PHSA-2019-2.0-0177", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:openssl", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0177_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/129692", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0177. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129692);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"Photon OS 2.0: Openssl PHSA-2019-2.0-0177\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openssl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-177.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"openssl-1.0.2t-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"openssl-debuginfo-1.0.2t-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"openssl-devel-1.0.2t-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"openssl-perl-1.0.2t-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:04", "description": "An update of the openssl package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Openssl PHSA-2019-3.0-0032", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:openssl", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0032_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/130113", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0032. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130113);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"Photon OS 3.0: Openssl PHSA-2019-3.0-0032\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openssl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0032.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"openssl-1.0.2t-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"openssl-debuginfo-1.0.2t-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"openssl-devel-1.0.2t-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"openssl-perl-1.0.2t-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:26", "description": "Two security issues were discovered in OpenSSL: A timing attack against ECDSA and a padding oracle in PKCS7_dataDecode() and CMS_decrypt_set1_pkey().", "cvss3": {}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "Debian DSA-4540-1 : openssl1.0 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl1.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4540.NASL", "href": "https://www.tenable.com/plugins/nessus/129507", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4540. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129507);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_xref(name:\"DSA\", value:\"4540\");\n\n script_name(english:\"Debian DSA-4540-1 : openssl1.0 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Two security issues were discovered in OpenSSL: A timing attack\nagainst ECDSA and a padding oracle in PKCS7_dataDecode() and\nCMS_decrypt_set1_pkey().\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl1.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openssl1.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4540\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the openssl1.0 packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 1.0.2t-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.0-dev\", reference:\"1.0.2t-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.0.2\", reference:\"1.0.2t-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:54", "description": "New openssl packages are available for Slackware 14.2 and -current to fix security issues.", "cvss3": {}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Slackware 14.2 / current : openssl (SSA:2019-254-03)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:openssl", "p-cpe:/a:slackware:slackware_linux:openssl-solibs", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2019-254-03.NASL", "href": "https://www.tenable.com/plugins/nessus/128751", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-254-03. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128751);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_xref(name:\"SSA\", value:\"2019-254-03\");\n\n script_name(english:\"Slackware 14.2 / current : openssl (SSA:2019-254-03)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New openssl packages are available for Slackware 14.2 and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.428772\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a95338ad\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected openssl and / or openssl-solibs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:openssl-solibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"openssl\", pkgver:\"1.0.2t\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"openssl-solibs\", pkgver:\"1.0.2t\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.0.2t\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.0.2t\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"openssl\", pkgver:\"1.1.1d\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"openssl-solibs\", pkgver:\"1.1.1d\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl\", pkgver:\"1.1.1d\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"openssl-solibs\", pkgver:\"1.1.1d\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:32", "description": "This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {}, "published": "2019-09-24T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl-1_1 (openSUSE-2019-2158)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-1_1-devel", "p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl-1_1", "p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_1-debugsource", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2158.NASL", "href": "https://www.tenable.com/plugins/nessus/129281", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2158.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129281);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"openSUSE Security Update : openssl-1_1 (openSUSE-2019-2158)\");\n script_summary(english:\"Check for the openSUSE-2019-2158 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel\n attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against\n cms/pkcs7 encryption transported key (bsc#1150250)\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150250\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected openssl-1_1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl-1_1-devel-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_1-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_1-debuginfo-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_1-hmac-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_1-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_1-debuginfo-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_1-debugsource-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-lp151.8.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:09", "description": "This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point lies on the curve (bsc#1131291).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-2269)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel", "p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_0_0", "p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs", "p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_0_0-debugsource", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2269.NASL", "href": "https://www.tenable.com/plugins/nessus/129670", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2269.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129670);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-2269)\");\n script_summary(english:\"Check for the openSUSE-2019-2269 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel\n attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against\n cms/pkcs7 encryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point\nlies on the curve (bsc#1131291).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150250\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected openssl-1_0_0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl-1_0_0-devel-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_0_0-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_0_0-hmac-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_0_0-steam-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libopenssl1_0_0-steam-debuginfo-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_0_0-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_0_0-cavs-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_0_0-cavs-debuginfo-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"openssl-1_0_0-debugsource-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl-1_0_0-devel-32bit-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-debuginfo-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-1.0.2p-lp151.5.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-lp151.5.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-1_0_0-devel / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:13", "description": "This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point lies on the curve (bsc#1131291).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-2268)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel", "p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_0_0", "p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs", "p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_0_0-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2268.NASL", "href": "https://www.tenable.com/plugins/nessus/129669", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2268.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129669);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-2268)\");\n script_summary(english:\"Check for the openSUSE-2019-2268 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl-1_0_0 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel\n attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against\n cms/pkcs7 encryption transported key (bsc#1150250)\n\nIn addition fixed invalid curve attacks by validating that an EC point\nlies on the curve (bsc#1131291).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150250\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl-1_0_0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_0_0-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-steam-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-cavs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_0_0-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl-1_0_0-devel-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_0_0-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_0_0-debuginfo-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_0_0-hmac-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_0_0-steam-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_0_0-steam-debuginfo-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_0_0-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_0_0-cavs-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_0_0-cavs-debuginfo-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_0_0-debuginfo-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_0_0-debugsource-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl-1_0_0-devel-32bit-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-debuginfo-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-hmac-32bit-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-1.0.2p-lp150.2.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-lp150.2.19.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-1_0_0-devel / libopenssl1_0_0 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:21:41", "description": "Two security vulnerabilities were found in OpenSSL, the Secure Sockets Layer toolkit.\n\nCVE-2019-1547\n\nNormally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation.\nIn order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.\n\nCVE-2019-1563\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.0.1t-1+deb8u12.\n\nWe recommend that you upgrade your openssl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-26T00:00:00", "type": "nessus", "title": "Debian DLA-1932-1 : openssl security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libcrypto1.0.0-udeb", "p-cpe:/a:debian:debian_linux:libssl-dev", "p-cpe:/a:debian:debian_linux:libssl-doc", "p-cpe:/a:debian:debian_linux:libssl1.0.0", "p-cpe:/a:debian:debian_linux:libssl1.0.0-dbg", "p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1932.NASL", "href": "https://www.tenable.com/plugins/nessus/129362", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1932-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129362);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"Debian DLA-1932-1 : openssl security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two security vulnerabilities were found in OpenSSL, the Secure Sockets\nLayer toolkit.\n\nCVE-2019-1547\n\nNormally in OpenSSL EC groups always have a co-factor present and this\nis used in side channel resistant code paths. However, in some cases,\nit is possible to construct a group using explicit parameters (instead\nof using a named curve). In those cases it is possible that such a\ngroup does not have the cofactor present. This can occur even where\nall the parameters match a known named curve. If such a curve is used\nthen OpenSSL falls back to non-side channel resistant code paths which\nmay result in full key recovery during an ECDSA signature operation.\nIn order to be vulnerable an attacker would have to have the ability\nto time the creation of a large number of signatures where explicit\nparameters with no co-factor present are in use by an application\nusing libcrypto. For the avoidance of doubt libssl is not vulnerable\nbecause explicit parameters are never used.\n\nCVE-2019-1563\n\nIn situations where an attacker receives automated notification of the\nsuccess or failure of a decryption attempt an attacker, after sending\na very large number of messages to be decrypted, can recover a\nCMS/PKCS7 transported encryption key or decrypt any RSA encrypted\nmessage that was encrypted with the public RSA key, using a\nBleichenbacher padding oracle attack. Applications are not affected if\nthey use a certificate together with the private RSA key to the\nCMS_decrypt or PKCS7_decrypt functions to select the correct recipient\ninfo to decrypt.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.0.1t-1+deb8u12.\n\nWe recommend that you upgrade your openssl packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/openssl\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcrypto1.0.0-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libssl1.0.0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libcrypto1.0.0-udeb\", reference:\"1.0.1t-1+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-dev\", reference:\"1.0.1t-1+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl-doc\", reference:\"1.0.1t-1+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0\", reference:\"1.0.1t-1+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libssl1.0.0-dbg\", reference:\"1.0.1t-1+deb8u12\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openssl\", reference:\"1.0.1t-1+deb8u12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:21:42", "description": "This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-09-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl-1_1 (openSUSE-2019-2189)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-1_1-devel", "p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac", "p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit", "p-cpe:/a:novell:opensuse:openssl-1_1", "p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo", "p-cpe:/a:novell:opensuse:openssl-1_1-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2189.NASL", "href": "https://www.tenable.com/plugins/nessus/129380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2189.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129380);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"openSUSE Security Update : openssl-1_1 (openSUSE-2019-2189)\");\n script_summary(english:\"Check for the openSUSE-2019-2189 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for openssl-1_1 fixes the following issues :\n\nOpenSSL Security Advisory [10 September 2019]\n\n - CVE-2019-1547: Added EC_GROUP_set_generator side channel\n attack avoidance. (bsc#1150003)\n\n - CVE-2019-1563: Fixed Bleichenbacher attack against\n cms/pkcs7 encryption transported key (bsc#1150250)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150250\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl-1_1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-1_1-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_1-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl-1_1-devel-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-debuginfo-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libopenssl1_1-hmac-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-debuginfo-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"openssl-1_1-debugsource-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl-1_1-devel-32bit-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-32bit-debuginfo-1.1.0i-lp150.3.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libopenssl1_1-hmac-32bit-1.1.0i-lp150.3.25.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:24", "description": "According to the versions of the compat-openssl10 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fix(es):OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the\n --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).Not found.(CVE-2019-1552)In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve).\n In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).\n Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1547)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.5.0 : compat-openssl10 (EulerOS-SA-2020-1061)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1552", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:compat-openssl10", "cpe:/o:huawei:euleros:uvp:3.0.5.0"], "id": "EULEROS_SA-2020-1061.NASL", "href": "https://www.tenable.com/plugins/nessus/132815", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132815);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.5.0 : compat-openssl10 (EulerOS-SA-2020-1061)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the compat-openssl10 package installed,\nthe EulerOS Virtualization for ARM 64 installation on the remote host\nis affected by the following vulnerabilities :\n\n - The OpenSSL toolkit provides support for secure\n communications between machines. This version of\n OpenSSL package contains only the libraries and is\n provided for compatibility with previous releases and\n software that does not support compilation with\n OpenSSL-1.1. Security Fix(es):OpenSSL has internal\n defaults for a directory tree where it can find a\n configuration file as well as certificates used for\n verification in TLS. This directory is most commonly\n referred to as OPENSSLDIR, and is configurable with the\n --prefix / --openssldir configuration options. For\n OpenSSL versions 1.1.0 and 1.1.1, the mingw\n configuration targets assume that resulting programs\n and libraries are installed in a Unix-like environment\n and the default prefix for program installation as well\n as for OPENSSLDIR should be '/usr/local'. However,\n mingw programs are Windows programs, and as such, find\n themselves looking at sub-directories of\n 'C:/usr/local', which may be world writable, which\n enables untrusted users to modify OpenSSL's default\n configuration, insert CA certificates, modify (or even\n replace) existing engine modules, etc. For OpenSSL\n 1.0.2, '/usr/local/ssl' is used as default for\n OPENSSLDIR on all Unix and Windows targets, including\n Visual C builds. However, some build instructions for\n the diverse Windows targets on 1.0.2 encourage you to\n specify your own --prefix. OpenSSL versions 1.1.1,\n 1.1.0 and 1.0.2 are affected by this issue. Due to the\n limited scope of affected deployments this has been\n assessed as low severity and therefore we are not\n creating new releases at this time. Fixed in OpenSSL\n 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l\n (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t\n (Affected 1.0.2-1.0.2s).Not found.(CVE-2019-1552)In\n situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt. Fixed in OpenSSL 1.1.1d (Affected\n 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1563)Normally in OpenSSL EC\n groups always have a co-factor present and this is used\n in side channel resistant code paths. However, in some\n cases, it is possible to construct a group using\n explicit parameters (instead of using a named curve).\n In those cases it is possible that such a group does\n not have the cofactor present. This can occur even\n where all the parameters match a known named curve. If\n such a curve is used then OpenSSL falls back to\n non-side channel resistant code paths which may result\n in full key recovery during an ECDSA signature\n operation. In order to be vulnerable an attacker would\n have to have the ability to time the creation of a\n large number of signatures where explicit parameters\n with no co-factor present are in use by an application\n using libcrypto. For the avoidance of doubt libssl is\n not vulnerable because explicit parameters are never\n used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).\n Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed\n in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1547)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1061\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?49af0d0a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected compat-openssl10 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:compat-openssl10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"compat-openssl10-1.0.2o-3.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl10\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:58", "description": "According to the versions of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1547)\n\n - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : openssl (EulerOS-SA-2020-1221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1552", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1221.NASL", "href": "https://www.tenable.com/plugins/nessus/134510", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134510);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : openssl (EulerOS-SA-2020-1221)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt. Fixed in OpenSSL 1.1.1d (Affected\n 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1563)\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used. Fixed in OpenSSL 1.1.1d (Affected\n 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1547)\n\n - OpenSSL has internal defaults for a directory tree\n where it can find a configuration file as well as\n certificates used for verification in TLS. This\n directory is most commonly referred to as OPENSSLDIR,\n and is configurable with the --prefix / --openssldir\n configuration options. For OpenSSL versions 1.1.0 and\n 1.1.1, the mingw configuration targets assume that\n resulting programs and libraries are installed in a\n Unix-like environment and the default prefix for\n program installation as well as for OPENSSLDIR should\n be '/usr/local'. However, mingw programs are Windows\n programs, and as such, find themselves looking at\n sub-directories of 'C:/usr/local', which may be world\n writable, which enables untrusted users to modify\n OpenSSL's default configuration, insert CA\n certificates, modify (or even replace) existing engine\n modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is\n used as default for OPENSSLDIR on all Unix and Windows\n targets, including Visual C builds. However, some build\n instructions for the diverse Windows targets on 1.0.2\n encourage you to specify your own --prefix. OpenSSL\n versions 1.1.1, 1.1.0 and 1.0.2 are affected by this\n issue. Due to the limited scope of affected deployments\n this has been assessed as low severity and therefore we\n are not creating new releases at this time. Fixed in\n OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in\n OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in\n OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1221\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?276d23a3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h8\",\n \"openssl-devel-1.0.2k-16.h8\",\n \"openssl-libs-1.0.2k-16.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:55", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1840 advisory.\n\n - openssl: side-channel weak encryption vulnerability (CVE-2019-1547)\n\n - openssl: information disclosure in fork() (CVE-2019-1549)\n\n - openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : openssl (CESA-2020:1840)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl-libs", "p-cpe:/a:centos:centos:openssl-perl"], "id": "CENTOS8_RHSA-2020-1840.NASL", "href": "https://www.tenable.com/plugins/nessus/145975", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1840. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145975);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_xref(name:\"RHSA\", value:\"2020:1840\");\n\n script_name(english:\"CentOS 8 : openssl (CESA-2020:1840)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:1840 advisory.\n\n - openssl: side-channel weak encryption vulnerability (CVE-2019-1547)\n\n - openssl: information disclosure in fork() (CVE-2019-1549)\n\n - openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1840\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1549\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'openssl-1.1.1c-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-1.1.1c-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-devel-1.1.1c-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-devel-1.1.1c-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-libs-1.1.1c-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-libs-1.1.1c-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-perl-1.1.1c-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openssl-perl-1.1.1c-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl / openssl-devel / openssl-libs / openssl-perl');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:05:06", "description": "In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).\nFixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)\n\nNormally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation.\nIn order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).\n(CVE-2019-1547)\n\nOpenSSL 1.1.1 introduced a rewritten random number generator (RNG).\nThis was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). (CVE-2019-1549)", "cvss3": {}, "published": "2020-07-20T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : openssl11 (ALAS-2020-1456)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2020-07-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl11", "p-cpe:/a:amazon:linux:openssl11-debuginfo", "p-cpe:/a:amazon:linux:openssl11-devel", "p-cpe:/a:amazon:linux:openssl11-libs", "p-cpe:/a:amazon:linux:openssl11-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1456.NASL", "href": "https://www.tenable.com/plugins/nessus/138622", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1456.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138622);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/22\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_xref(name:\"ALAS\", value:\"2020-1456\");\n\n script_name(english:\"Amazon Linux 2 : openssl11 (ALAS-2020-1456)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"In situations where an attacker receives automated notification of the\nsuccess or failure of a decryption attempt an attacker, after sending\na very large number of messages to be decrypted, can recover a\nCMS/PKCS7 transported encryption key or decrypt any RSA encrypted\nmessage that was encrypted with the public RSA key, using a\nBleichenbacher padding oracle attack. Applications are not affected if\nthey use a certificate together with the private RSA key to the\nCMS_decrypt or PKCS7_decrypt functions to select the correct recipient\ninfo to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).\nFixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL\n1.0.2t (Affected 1.0.2-1.0.2s). (CVE-2019-1563)\n\nNormally in OpenSSL EC groups always have a co-factor present and this\nis used in side channel resistant code paths. However, in some cases,\nit is possible to construct a group using explicit parameters (instead\nof using a named curve). In those cases it is possible that such a\ngroup does not have the cofactor present. This can occur even where\nall the parameters match a known named curve. If such a curve is used\nthen OpenSSL falls back to non-side channel resistant code paths which\nmay result in full key recovery during an ECDSA signature operation.\nIn order to be vulnerable an attacker would have to have the ability\nto time the creation of a large number of signatures where explicit\nparameters with no co-factor present are in use by an application\nusing libcrypto. For the avoidance of doubt libssl is not vulnerable\nbecause explicit parameters are never used. Fixed in OpenSSL 1.1.1d\n(Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).\n(CVE-2019-1547)\n\nOpenSSL 1.1.1 introduced a rewritten random number generator (RNG).\nThis was intended to include protection in the event of a fork()\nsystem call in order to ensure that the parent and child processes did\nnot share the same RNG state. However this protection was not being\nused in the default case. A partial mitigation for this issue is that\nthe output from a high precision timer is mixed into the RNG state so\nthe likelihood of a parent and child process sharing state is\nsignificantly reduced. If an application already calls\nOPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this\nproblem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected\n1.1.1-1.1.1c). (CVE-2019-1549)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1456.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update openssl11' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl11-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl11-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"openssl11-1.1.1c-15.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl11-debuginfo-1.1.1c-15.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl11-devel-1.1.1c-15.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl11-libs-1.1.1c-15.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"openssl11-static-1.1.1c-15.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl11 / openssl11-debuginfo / openssl11-devel / openssl11-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:32:10", "description": "According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)\n\n - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-04T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : openssl (EulerOS-SA-2019-2464)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1552", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2464.NASL", "href": "https://www.tenable.com/plugins/nessus/131617", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131617);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS 2.0 SP2 : openssl (EulerOS-SA-2019-2464)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used. Fixed in OpenSSL 1.1.1d (Affected\n 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1547)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt. Fixed in OpenSSL 1.1.1d (Affected\n 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected\n 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected\n 1.0.2-1.0.2s).(CVE-2019-1563)\n\n - OpenSSL has internal defaults for a directory tree\n where it can find a configuration file as well as\n certificates used for verification in TLS. This\n directory is most commonly referred to as OPENSSLDIR,\n and is configurable with the --prefix / --openssldir\n configuration options. For OpenSSL versions 1.1.0 and\n 1.1.1, the mingw configuration targets assume that\n resulting programs and libraries are installed in a\n Unix-like environment and the default prefix for\n program installation as well as for OPENSSLDIR should\n be '/usr/local'. However, mingw programs are Windows\n programs, and as such, find themselves looking at\n sub-directories of 'C:/usr/local', which may be world\n writable, which enables untrusted users to modify\n OpenSSL's default configuration, insert CA\n certificates, modify (or even replace) existing engine\n modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is\n used as default for OPENSSLDIR on all Unix and Windows\n targets, including Visual C builds. However, some build\n instructions for the diverse Windows targets on 1.0.2\n encourage you to specify your own --prefix. OpenSSL\n versions 1.1.1, 1.1.0 and 1.0.2 are affected by this\n issue. Due to the limited scope of affected deployments\n this has been assessed as low severity and therefore we\n are not creating new releases at this time. Fixed in\n OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in\n OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in\n OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2464\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a8696a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h8\",\n \"openssl-devel-1.0.2k-16.h8\",\n \"openssl-libs-1.0.2k-16.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:48", "description": "According to the versions of the compat-openssl10 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. (CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\n\n - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time.(CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : compat-openssl10 (EulerOS-SA-2019-2098)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1552", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:compat-openssl10", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2098.NASL", "href": "https://www.tenable.com/plugins/nessus/130807", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130807);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS 2.0 SP8 : compat-openssl10 (EulerOS-SA-2019-2098)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the compat-openssl10 package installed,\nthe EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used. (CVE-2019-1547)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt.(CVE-2019-1563)\n\n - OpenSSL has internal defaults for a directory tree\n where it can find a configuration file as well as\n certificates used for verification in TLS. This\n directory is most commonly referred to as OPENSSLDIR,\n and is configurable with the --prefix / --openssldir\n configuration options. For OpenSSL versions 1.1.0 and\n 1.1.1, the mingw configuration targets assume that\n resulting programs and libraries are installed in a\n Unix-like environment and the default prefix for\n program installation as well as for OPENSSLDIR should\n be '/usr/local'. However, mingw programs are Windows\n programs, and as such, find themselves looking at\n sub-directories of 'C:/usr/local', which may be world\n writable, which enables untrusted users to modify\n OpenSSL's default configuration, insert CA\n certificates, modify (or even replace) existing engine\n modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is\n used as default for OPENSSLDIR on all Unix and Windows\n targets, including Visual C builds. However, some build\n instructions for the diverse Windows targets on 1.0.2\n encourage you to specify your own --prefix. OpenSSL\n versions 1.1.1, 1.1.0 and 1.0.2 are affected by this\n issue. Due to the limited scope of affected deployments\n this has been assessed as low severity and therefore we\n are not creating new releases at this\n time.(CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2098\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e311cb98\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected compat-openssl10 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:compat-openssl10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"compat-openssl10-1.0.2o-3.h6.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openssl10\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:10", "description": "According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\n\n - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix.\n (CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-2216)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1552", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-devel", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2216.NASL", "href": "https://www.tenable.com/plugins/nessus/130678", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130678);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-2216)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt.(CVE-2019-1563)\n\n - OpenSSL has internal defaults for a directory tree\n where it can find a configuration file as well as\n certificates used for verification in TLS. This\n directory is most commonly referred to as OPENSSLDIR,\n and is configurable with the --prefix / --openssldir\n configuration options. For OpenSSL versions 1.1.0 and\n 1.1.1, the mingw configuration targets assume that\n resulting programs and libraries are installed in a\n Unix-like environment and the default prefix for\n program installation as well as for OPENSSLDIR should\n be '/usr/local'. However, mingw programs are Windows\n programs, and as such, find themselves looking at\n sub-directories of 'C:/usr/local', which may be world\n writable, which enables untrusted users to modify\n OpenSSL's default configuration, insert CA\n certificates, modify (or even replace) existing engine\n modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is\n used as default for OPENSSLDIR on all Unix and Windows\n targets, including Visual C builds. However, some build\n instructions for the diverse Windows targets on 1.0.2\n encourage you to specify your own --prefix.\n (CVE-2019-1552)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2216\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?68eaefae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.0.2k-16.h8.eulerosv2r7\",\n \"openssl-devel-1.0.2k-16.h8.eulerosv2r7\",\n \"openssl-libs-1.0.2k-16.h8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:01", "description": "According to the versions of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).(CVE-2018-0734)\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-2218)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0734", "CVE-2019-1547", "CVE-2019-1563"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl110h", "p-cpe:/a:huawei:euleros:openssl110h-devel", "p-cpe:/a:huawei:euleros:openssl110h-libs", "p-cpe:/a:huawei:euleros:openssl110h-static", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2218.NASL", "href": "https://www.tenable.com/plugins/nessus/130680", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130680);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_name(english:\"EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-2218)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl110h packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The OpenSSL DSA signature algorithm has been shown to\n be vulnerable to a timing side channel attack. An\n attacker could use variations in the signing algorithm\n to recover the private key. Fixed in OpenSSL 1.1.1a\n (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected\n 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected\n 1.0.2-1.0.2p).(CVE-2018-0734)\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then OpenSSL\n falls back to non-side channel resistant code paths\n which may result in full key recovery during an ECDSA\n signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters\n are never used.(CVE-2019-1547)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt.(CVE-2019-1563)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2218\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df17cae3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl110h packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-0734\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl110h-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl110h-1.1.0h-3.h11.eulerosv2r7\",\n \"openssl110h-devel-1.1.0h-3.h11.eulerosv2r7\",\n \"openssl110h-libs-1.1.0h-3.h11.eulerosv2r7\",\n \"openssl110h-static-1.1.0h-3.h11.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl110h\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:16", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. (CVE-2019-1547)\n\n - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options.\n For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix.\n OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time.\n (CVE-2019-1552)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. (CVE-2019-1563)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-23T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1552", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_2T.NASL", "href": "https://www.tenable.com/plugins/nessus/128115", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128115);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n script_xref(name:\"IAVA\", value:\"2019-A-0303-S\");\n\n script_name(english:\"OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior\nto tested version. It is, therefore, affected by multiple\nvulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then\n OpenSSL falls back to non-side channel resistant code\n paths which may result in full key recovery during an\n ECDSA signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters are\n never used. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are\n affected by this issue. (CVE-2019-1547)\n\n - OpenSSL has internal defaults for a directory tree where\n it can find a configuration file as well as certificates\n used for verification in TLS. This directory is most\n commonly referred to as OPENSSLDIR, and is configurable\n with the --prefix / --openssldir configuration options.\n For OpenSSL versions 1.1.0 and 1.1.1, the mingw\n configuration targets assume that resulting programs and\n libraries are installed in a Unix-like environment and\n the default prefix for program installation as well as\n for OPENSSLDIR should be '/usr/local'. However, mingw\n programs are Windows programs, and as such, find\n themselves looking at sub-directories of 'C:/usr/local',\n which may be world writable, which enables untrusted\n users to modify OpenSSL's default configuration, insert\n CA certificates, modify (or even replace) existing\n engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl'\n is used as default for OPENSSLDIR on all Unix and\n Windows targets, including Visual C builds. However,\n some build instructions for the diverse Windows targets\n on 1.0.2 encourage you to specify your own --prefix.\n OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by\n this issue. Due to the limited scope of affected\n deployments this has been assessed as low severity and\n therefore we are not creating new releases at this time.\n (CVE-2019-1552)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt. (CVE-2019-1563)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://github.com/openssl/openssl/commit/d333ebaf9c77332754a9d5e111e2f53e1de54fdd\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?27ebc9b1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20190910.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20190730.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL version 1.0.2t or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:\"1.0.2t\", min:\"1.0.2\", severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:24:40", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1840 advisory.\n\n - openssl: side-channel weak encryption vulnerability (CVE-2019-1547)\n\n - openssl: information disclosure in fork() (CVE-2019-1549)\n\n - openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-18T00:00:00", "type": "nessus", "title": "RHEL 8 : openssl (RHSA-2020:1840)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl-devel", "p-cpe:/a:redhat:enterprise_linux:openssl-libs", "p-cpe:/a:redhat:enterprise_linux:openssl-perl"], "id": "REDHAT-RHSA-2020-1840.NASL", "href": "https://www.tenable.com/plugins/nessus/143010", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1840. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143010);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_xref(name:\"IAVA\", value:\"2019-A-0303-S\");\n script_xref(name:\"RHSA\", value:\"2020:1840\");\n\n script_name(english:\"RHEL 8 : openssl (RHSA-2020:1840)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1840 advisory.\n\n - openssl: side-channel weak encryption vulnerability (CVE-2019-1547)\n\n - openssl: information disclosure in fork() (CVE-2019-1549)\n\n - openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1547\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1752090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1752095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1752100\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1549\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 602);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openssl-1.1.1c-15.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-devel-1.1.1c-15.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-libs-1.1.1c-15.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-perl-1.1.1c-15.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openssl-1.1.1c-15.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-devel-1.1.1c-15.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-libs-1.1.1c-15.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-perl-1.1.1c-15.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openssl-1.1.1c-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-devel-1.1.1c-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-libs-1.1.1c-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-perl-1.1.1c-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openssl-1.1.1c-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-devel-1.1.1c-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-libs-1.1.1c-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'openssl-perl-1.1.1c-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl / openssl-devel / openssl-libs / openssl-perl');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:10", "description": "Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode() and CMS_decrypt_set1_pkey() and it was discovered that a feature of the random number generator (RNG) intended to protect against shared RNG state between parent and child processes in the event of a fork() syscall was not used by default.", "cvss3": {}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "Debian DSA-4539-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4539.NASL", "href": "https://www.tenable.com/plugins/nessus/129506", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4539. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129506);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_xref(name:\"DSA\", value:\"4539\");\n\n script_name(english:\"Debian DSA-4539-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Three security issues were discovered in OpenSSL: A timing attack\nagainst ECDSA, a padding oracle in PKCS7_dataDecode() and\nCMS_decrypt_set1_pkey() and it was discovered that a feature of the\nrandom number generator (RNG) intended to protect against shared RNG\nstate between parent and child processes in the event of a fork()\nsyscall was not used by default.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4539\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 1.1.0l-1~deb9u1.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1.1.1d-0+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.1d-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-dev\", reference:\"1.1.1d-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-doc\", reference:\"1.1.1d-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1\", reference:\"1.1.1d-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.1d-0+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"openssl\", reference:\"1.1.1d-0+deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.0l-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-dev\", reference:\"1.1.0l-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-doc\", reference:\"1.1.0l-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1\", reference:\"1.1.0l-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.0l-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openssl\", reference:\"1.1.0l-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:56", "description": "Minor update release 1.1.1d with low impact security fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-25T00:00:00", "type": "nessus", "title": "Fedora 30 : 1:openssl (2019-d15aac6c4e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-12-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-D15AAC6C4E.NASL", "href": "https://www.tenable.com/plugins/nessus/129327", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-d15aac6c4e.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129327);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/24\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_xref(name:\"FEDORA\", value:\"2019-d15aac6c4e\");\n\n script_name(english:\"Fedora 30 : 1:openssl (2019-d15aac6c4e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update release 1.1.1d with low impact security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-d15aac6c4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"openssl-1.1.1d-1.fc30\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:53", "description": "Minor update release 1.1.1d with low impact security fixes.\n\n----\n\nFix for TLS non-compliance causing server interoperability problems with golang TLS client.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "Fedora 29 : 1:openssl (2019-d51641f152)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-D51641F152.NASL", "href": "https://www.tenable.com/plugins/nessus/129513", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-d51641f152.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129513);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_xref(name:\"FEDORA\", value:\"2019-d51641f152\");\n\n script_name(english:\"Fedora 29 : 1:openssl (2019-d51641f152)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update release 1.1.1d with low impact security fixes.\n\n----\n\nFix for TLS non-compliance causing server interoperability problems\nwith golang TLS client.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-d51641f152\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"openssl-1.1.1d-1.fc29\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:16", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by the following vulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present.\n This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. (CVE-2019-1547)\n\n - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options.\n For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix.\n OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time.\n (CVE-2019-1552)\n\n - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. (CVE-2019-1563)\n\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-23T00:00:00", "type": "nessus", "title": "OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1552", "CVE-2019-1563"], "modified": "2022-05-19T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_1_0L.NASL", "href": "https://www.tenable.com/plugins/nessus/128117", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128117);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n script_xref(name:\"IAVA\", value:\"2019-A-0303-S\");\n\n script_name(english:\"OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior\nto tested version. It is, therefore, affected by the following\nvulnerabilities :\n\n - Normally in OpenSSL EC groups always have a co-factor\n present and this is used in side channel resistant code\n paths. However, in some cases, it is possible to\n construct a group using explicit parameters (instead of\n using a named curve). In those cases it is possible\n that such a group does not have the cofactor present.\n This can occur even where all the parameters match a\n known named curve. If such a curve is used then\n OpenSSL falls back to non-side channel resistant code\n paths which may result in full key recovery during an\n ECDSA signature operation. In order to be vulnerable an\n attacker would have to have the ability to time the\n creation of a large number of signatures where explicit\n parameters with no co-factor present are in use by an\n application using libcrypto. For the avoidance of doubt\n libssl is not vulnerable because explicit parameters are\n never used. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are\n affected by this issue. (CVE-2019-1547)\n\n - OpenSSL has internal defaults for a directory tree where\n it can find a configuration file as well as certificates\n used for verification in TLS. This directory is most\n commonly referred to as OPENSSLDIR, and is configurable\n with the --prefix / --openssldir configuration options.\n For OpenSSL versions 1.1.0 and 1.1.1, the mingw\n configuration targets assume that resulting programs and\n libraries are installed in a Unix-like environment and\n the default prefix for program installation as well as\n for OPENSSLDIR should be '/usr/local'. However, mingw\n programs are Windows programs, and as such, find\n themselves looking at sub-directories of 'C:/usr/local',\n which may be world writable, which enables untrusted\n users to modify OpenSSL's default configuration, insert\n CA certificates, modify (or even replace) existing\n engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl'\n is used as default for OPENSSLDIR on all Unix and\n Windows targets, including Visual C builds. However,\n some build instructions for the diverse Windows targets\n on 1.0.2 encourage you to specify your own --prefix.\n OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by\n this issue. Due to the limited scope of affected\n deployments this has been assessed as low severity and\n therefore we are not creating new releases at this time.\n (CVE-2019-1552)\n\n - In situations where an attacker receives automated\n notification of the success or failure of a decryption\n attempt an attacker, after sending a very large number\n of messages to be decrypted, can recover a CMS/PKCS7\n transported encryption key or decrypt any RSA encrypted\n message that was encrypted with the public RSA key,\n using a Bleichenbacher padding oracle attack.\n Applications are not affected if they use a certificate\n together with the private RSA key to the CMS_decrypt or\n PKCS7_decrypt functions to select the correct recipient\n info to decrypt. (CVE-2019-1563)\n\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://github.com/openssl/openssl/commit/b15a19c148384e73338aa7c5b12652138e35ed28\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?98eccc7c\");\n # https://github.com/openssl/openssl/commit/e32bc855a81a2d48d215c506bdeb4f598045f7e9\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?39d1f723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20190730.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20190910.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL version 1.1.0l or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1563\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-1547\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:\"1.1.0l\", min:\"1.1.0\", severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:56", "description": "Minor update release 1.1.1d with low impact security fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:openssl (2019-9ab7ee6309)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-12-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-9AB7EE6309.NASL", "href": "https://www.tenable.com/plugins/nessus/129635", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-9ab7ee6309.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129635);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/20\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_xref(name:\"FEDORA\", value:\"2019-9ab7ee6309\");\n\n script_name(english:\"Fedora 31 : 1:openssl (2019-9ab7ee6309)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update release 1.1.1d with low impact security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-9ab7ee6309\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"openssl-1.1.1d-1.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:07", "description": "According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the `echo -e` built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process.(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : bash (EulerOS-SA-2019-1911)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:2.0", "p-cpe:/a:huawei:euleros:bash"], "id": "EULEROS_SA-2019-1911.NASL", "href": "https://www.tenable.com/plugins/nessus/128834", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128834);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2012-6711\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : bash (EulerOS-SA-2019-1911)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the bash package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A heap-based buffer overflow was discovered in bash\n when wide characters, not supported by the current\n locale set in LC_CTYPE environment variable, are\n printed through the echo built-in function. A local\n attacker, who can provide data to print through the\n `echo -e` built-in function, may use this flaw to crash\n a script or execute code with the privileges of the\n bash process.(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1911\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?36c57f2e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bash-4.2.46-30.h8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:32", "description": "An update of the bash package has been released.", "cvss3": {}, "published": "2019-10-11T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Bash PHSA-2019-1.0-0252", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:bash", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0252_BASH.NASL", "href": "https://www.tenable.com/plugins/nessus/129783", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129783);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2012-6711\");\n\n script_name(english:\"Photon OS 1.0: Bash PHSA-2019-1.0-0252\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the bash package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-252.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-6711\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"bash-4.3.48-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"bash-debuginfo-4.3.48-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"bash-lang-4.3.48-4.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:50", "description": "This update for bash fixes the following issues :\n\nCVE-2012-6711: Fixed a heap-based buffer overflow during echo of unsupported characters (bsc#1138676).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : bash (SUSE-SU-2019:2976-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bash", "p-cpe:/a:novell:suse_linux:bash-debuginfo", "p-cpe:/a:novell:suse_linux:bash-debugsource", "p-cpe:/a:novell:suse_linux:libreadline6", "p-cpe:/a:novell:suse_linux:libreadline6-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2976-1.NASL", "href": "https://www.tenable.com/plugins/nessus/131071", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2976-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131071);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2012-6711\");\n\n script_name(english:\"SUSE SLES12 Security Update : bash (SUSE-SU-2019:2976-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for bash fixes the following issues :\n\nCVE-2012-6711: Fixed a heap-based buffer overflow during echo of\nunsupported characters (bsc#1138676).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-6711/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192976-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1fba2497\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-2976=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-2976=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bash-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bash-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreadline6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreadline6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bash-4.2-83.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bash-debuginfo-4.2-83.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"bash-debugsource-4.2-83.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libreadline6-32bit-6.2-83.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libreadline6-6.2-83.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libreadline6-debuginfo-32bit-6.2-83.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libreadline6-debuginfo-6.2-83.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:37", "description": "A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function.\nA local attacker, who can provide data to print through the 'echo -e' built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv(). (CVE-2012-6711)\n\nImpact\n\nA local attacker can perform a buffer-overflow attack, which can lead to data corruption, allow the malicious code to be run, or cause the program to terminate.", "cvss3": {}, "published": "2022-04-11T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Bash vulnerability (K05122252)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2022-04-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting"], "id": "F5_BIGIP_SOL05122252.NASL", "href": "https://www.tenable.com/plugins/nessus/159629", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K05122252.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(159629);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/28\");\n\n script_cve_id(\"CVE-2012-6711\");\n\n script_name(english:\"F5 Networks BIG-IP : Bash vulnerability (K05122252)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A heap-based buffer overflow exists in GNU Bash before 4.3 when wide\ncharacters, not supported by the current locale set in the LC_CTYPE\nenvironment variable, are printed through the echo built-in function.\nA local attacker, who can provide data to print through the 'echo -e'\nbuilt-in function, may use this flaw to crash a script or execute code\nwith the privileges of the bash process. This occurs because\nansicstr() in lib/sh/strtrans.c mishandles u32cconv(). (CVE-2012-6711)\n\nImpact\n\nA local attacker can perform a buffer-overflow attack, which can lead\nto data corruption, allow the malicious code to be run, or cause the\nprogram to terminate.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K05122252\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K05122252.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-6711\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K05122252\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"16.0.0-16.1.2\",\"15.0.0-15.1.5\",\"14.1.0-14.1.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"17.0.0\",\"16.1.2.2\",\"15.1.5.1\",\"14.1.4.6\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:25", "description": "According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the 'echo -e' built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-04-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : bash (EulerOS-SA-2021-1765)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2021-05-04T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bash", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-1765.NASL", "href": "https://www.tenable.com/plugins/nessus/149116", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149116);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/04\");\n\n script_cve_id(\n \"CVE-2012-6711\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : bash (EulerOS-SA-2021-1765)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the bash package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A heap-based buffer overflow exists in GNU Bash before\n 4.3 when wide characters, not supported by the current\n locale set in the LC_CTYPE environment variable, are\n printed through the echo built-in function. A local\n attacker, who can provide data to print through the\n 'echo -e' built-in function, may use this flaw to crash\n a script or execute code with the privileges of the\n bash process. This occurs because ansicstr() in\n lib/sh/strtrans.c mishandles u32cconv().(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1765\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?692d9384\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bash-4.2.46-28.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:02:35", "description": "According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the 'echo -e' built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : bash (EulerOS-SA-2020-1638)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bash", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1638.NASL", "href": "https://www.tenable.com/plugins/nessus/137480", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137480);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2012-6711\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : bash (EulerOS-SA-2020-1638)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the bash package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A heap-based buffer overflow exists in GNU Bash before\n 4.3 when wide characters, not supported by the current\n locale set in the LC_CTYPE environment variable, are\n printed through the echo built-in function. A local\n attacker, who can provide data to print through the\n 'echo -e' built-in function, may use this flaw to crash\n a script or execute code with the privileges of the\n bash process. This occurs because ansicstr() in\n lib/sh/strtrans.c mishandles u32cconv().(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1638\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7b485665\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"bash-4.2.46-28.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:50", "description": "According to the version of the bash package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :\n\n - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the `echo -e` built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process.(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-17T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : bash (EulerOS-SA-2019-1942)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.0", "p-cpe:/a:huawei:euleros:bash"], "id": "EULEROS_SA-2019-1942.NASL", "href": "https://www.tenable.com/plugins/nessus/128945", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128945);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2012-6711\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : bash (EulerOS-SA-2019-1942)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the bash package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - A heap-based buffer overflow was discovered in bash\n when wide characters, not supported by the current\n locale set in LC_CTYPE environment variable, are\n printed through the echo built-in function. A local\n attacker, who can provide data to print through the\n `echo -e` built-in function, may use this flaw to crash\n a script or execute code with the privileges of the\n bash process.(CVE-2012-6711)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1942\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?69c4d82b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"bash-4.2.46-30.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:09", "description": "An update of the bash package has been released.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Bash PHSA-2019-1.0-0255", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:bash", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0255_BASH.NASL", "href": "https://www.tenable.com/plugins/nessus/129681", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0255. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129681);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2012-6711\");\n\n script_name(english:\"Photon OS 1.0: Bash PHSA-2019-1.0-0255\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the bash package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-255.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-6711\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"bash-4.3.48-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"bash-debuginfo-4.3.48-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"bash-lang-4.3.48-4.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:10", "description": "An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSecurity Fix(es) :\n\n* kubernetes: YAML parsing vulnerable to 'Billion Laughs' attack, allowing for remote denial of service (CVE-2019-11253)\n\n* kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal (CVE-2019-11249)\n\n* kube-apiserver: DoS with crafted patch of type json-patch (CVE-2019-1002100)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "RHEL 7 : OpenShift Container Platform 3.10 atomic-openshift (RHSA-2019:3239)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1002100", "CVE-2019-1002101", "CVE-2019-11246", "CVE-2019-11249", "CVE-2019-11253"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:atomic-openshift", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hyperkube", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hypershift", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3239.NASL", "href": "https://www.tenable.com/plugins/nessus/130384", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3239. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130384);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-1002100\", \"CVE-2019-11249\", \"CVE-2019-11253\");\n script_xref(name:\"RHSA\", value:\"2019:3239\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.10 atomic-openshift (RHSA-2019:3239)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for atomic-openshift is now available for Red Hat OpenShift\nContainer Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nSecurity Fix(es) :\n\n* kubernetes: YAML parsing vulnerable to 'Billion Laughs' attack,\nallowing for remote denial of service (CVE-2019-11253)\n\n* kubernetes: Incomplete fixes for CVE-2019-1002101 and\nCVE-2019-11246, kubectl cp potential directory traversal\n(CVE-2019-11249)\n\n* kube-apiserver: DoS with crafted patch of type json-patch\n(CVE-2019-1002100)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1002100\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11249\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hyperkube\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hypershift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3239\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-openshift-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-redistributable-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-redistributable-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-docker-excluder-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-docker-excluder-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-excluder-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-excluder-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-hyperkube-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-hyperkube-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-hypershift-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-hypershift-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-master-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-master-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-pod-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-pod-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-sdn-ovs-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-sdn-ovs-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-template-service-broker-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-template-service-broker-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-tests-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-tests-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-openshift / atomic-openshift-clients / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:03", "description": "An update for openshift is now available for Red Hat OpenShift Container Platform 4.1.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSecurity Fix(es) :\n\n* kubernetes: API server allows access to cluster-scoped custom resources as if resources were namespaced (CVE-2019-11247)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "RHEL 7 / 8 : OpenShift Container Platform 4.1.11 openshift (RHSA-2019:2504)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11247"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openshift-clients", "p-cpe:/a:redhat:enterprise_linux:openshift-clients-redistributable", "p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-2504.NASL", "href": "https://www.tenable.com/plugins/nessus/127990", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2504. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127990);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-11247\");\n script_xref(name:\"RHSA\", value:\"2019:2504\");\n\n script_name(english:\"RHEL 7 / 8 : OpenShift Container Platform 4.1.11 openshift (RHSA-2019:2504)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for openshift is now available for Red Hat OpenShift\nContainer Platform 4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nSecurity Fix(es) :\n\n* kubernetes: API server allows access to cluster-scoped custom\nresources as if resources were namespaced (CVE-2019-11247)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11247\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected openshift-clients,\nopenshift-clients-redistributable and / or openshift-hyperkube\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x / 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2504\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.10-201908060758.git.0.d81afa6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.10-201908060758.git.0.d81afa6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.10-201908060758.git.0.d81afa6.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.10-201908060758.git.0.d81afa6.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.10-201908060758.git.0.d81afa6.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.10-201908060758.git.0.d81afa6.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openshift-clients / openshift-clients-redistributable / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:59", "description": "The version of Kubernetes installed on the remote host is a version prior to 1.12.9, or 1.13.x prior to 1.13.6, or 1.14.x prior to 1.14.2. It is, therefore, affected by a directory traversal vulnerability in the kubectl cp command due to mishandling of symlinks when copying files from a running container. An unauthenticated, remote attacker can exploit this, by convincing a user to use kubectl cp with a malicious container to overwrite arbitrary files on the remote host.", "cvss3": {}, "published": "2019-07-04T00:00:00", "type": "nessus", "title": "Kubernetes 1.12.x < 1.12.9 / 1.13.x < 1.13.6 / 1.14.x < 1.14.2 kubectl directory traversal", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11246"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:kubernetes:kubernetes", "cpe:/a:google:kubernetes"], "id": "KUBERNETES_1_14_2_DIRECTORY_TRAVERSAL.NASL", "href": "https://www.tenable.com/plugins/nessus/126468", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126468);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2019-11246\");\n script_bugtraq_id(108866);\n\n script_name(english:\"Kubernetes 1.12.x < 1.12.9 / 1.13.x < 1.13.6 / 1.14.x < 1.14.2 kubectl directory traversal\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application affected by a directory traversal vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Kubernetes installed on the remote host is a version prior to 1.12.9, or 1.13.x prior to 1.13.6, or\n1.14.x prior to 1.14.2. It is, therefore, affected by a directory traversal vulnerability in the kubectl cp command due\nto mishandling of symlinks when copying files from a running container. An unauthenticated, remote attacker can exploit\nthis, by convincing a user to use kubectl cp with a malicious container to overwrite arbitrary files on the remote host.\");\n # https://cloud.google.com/kubernetes-engine/docs/security-bulletins#june-25-2019\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?77d7634b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Kubernetes 1.12.9, 1.13.6, 1.14.2 or later, please refer to the vendor advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11246\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:kubernetes:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:kubernetes\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kube_detect.nbin\");\n script_require_keys(\"installed_sw/Kubernetes\");\n script_require_ports(\"Services/ssh\", 22);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('global_settings.inc');\n\napp_name = 'Kubernetes';\napp_info = vcf::get_app_info(app:app_name);\n\nvcf::check_all_backporting(app_info:app_info);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'min_version' : '1.12.0', 'fixed_version' : '1.12.9' },\n { 'min_version' : '1.13.0', 'fixed_version' : '1.13.6' },\n { 'min_version' : '1.14.0', 'fixed_version' : '1.14.2' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "fedora": [{"lastseen": "2021-07-28T18:41:38", "description": "Container cluster management ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 4.2}, "published": "2019-08-26T00:53:13", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: kubernetes-1.15.2-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1002101", "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-11250"], "modified": "2019-08-26T00:53:13", "id": "FEDORA:AB57A605B47C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-09-25T01:09:01", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: openssl-1.1.1d-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-09-25T01:09:01", "id": "FEDORA:E5CE8640A272", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-10-02T01:41:39", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: openssl-1.1.1d-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-10-02T01:41:39", "id": "FEDORA:A3E68610D7CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-09-21T00:04:27", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: openssl-1.1.1d-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-09-21T00:04:27", "id": "FEDORA:DDF27606E7CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O3J7YOHCAH4WTCHQOCXWGZZUYVH22S6P/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2019-09-09T14:46:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for kubernetes FEDORA-2019-2b8ef08c95", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11249", "CVE-2019-11247", "CVE-2019-11246", "CVE-2019-11250", "CVE-2019-1002101", "CVE-2019-11248"], "modified": "2019-09-09T00:00:00", "id": "OPENVAS:1361412562310876720", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876720", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876720\");\n script_version(\"2019-09-09T06:54:37+0000\");\n script_cve_id(\"CVE-2019-11250\", \"CVE-2019-1002101\", \"CVE-2019-11248\", \"CVE-2019-11249\", \"CVE-2019-11246\", \"CVE-2019-11247\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-09 06:54:37 +0000 (Mon, 09 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-27 02:32:41 +0000 (Tue, 27 Aug 2019)\");\n script_name(\"Fedora Update for kubernetes FEDORA-2019-2b8ef08c95\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-2b8ef08c95\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kubernetes'\n package(s) announced via the FEDORA-2019-2b8ef08c95 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Container cluster management\");\n\n script_tag(name:\"affected\", value:\"'kubernetes' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes\", rpm:\"kubernetes~1.15.2~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:29:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-26T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for openssl (DLA-1932-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891932", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891932", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891932\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-26 02:00:39 +0000 (Thu, 26 Sep 2019)\");\n script_name(\"Debian LTS: Security Advisory for openssl (DLA-1932-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1932-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the DLA-1932-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Two security vulnerabilities were found in OpenSSL, the Secure Sockets\nLayer toolkit.\n\nCVE-2019-1547\n\nNormally in OpenSSL EC groups always have a co-factor present and\nthis is used in side channel resistant code paths. However, in some\ncases, it is possible to construct a group using explicit parameters\n(instead of using a named curve). In those cases it is possible that\nsuch a group does not have the cofactor present. This can occur even\nwhere all the parameters match a known named curve. If such a curve\nis used then OpenSSL falls back to non-side channel resistant code\npaths which may result in full key recovery during an ECDSA\nsignature operation. In order to be vulnerable an attacker\nwould have to have the ability to time the creation of a large\nnumber of signatures where explicit parameters with no co-factor\npresent are in use by an application using libcrypto. For the\navoidance of doubt libssl is not vulnerable because explicit\nparameters are never used.\n\nCVE-2019-1563\n\nIn situations where an attacker receives automated notification of\nthe success or failure of a decryption attempt an attacker, after\nsending a very large number of messages to be decrypted, can recover\na CMS/PKCS7 transported encryption key or decrypt any RSA encrypted\nmessage that was encrypted with the public RSA key, using a\nBleichenbacher padding oracle attack. Applications are not affected\nif they use a certificate together with the private RSA key to the\nCMS_decrypt or PKCS7_decrypt functions to select the correct\nrecipient info to decrypt.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.0.1t-1+deb8u12.\n\nWe recommend that you upgrade your openssl packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.0.1t-1+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.0.1t-1+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1t-1+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.0-dbg\", ver:\"1.0.1t-1+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openssl\", ver:\"1.0.1t-1+deb8u12\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-23T14:56:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-19T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-03-19T00:00:00", "id": "OPENVAS:1361412562311220201274", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201274", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1274\");\n script_version(\"2020-03-19T13:43:24+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-19 13:43:24 +0000 (Thu, 19 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-19 13:43:24 +0000 (Thu, 19 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1274)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1274\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1274\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2020-1274 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)\n\nNormally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1547)\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T16:29:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2019:2158-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852927", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852927", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852927\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:46:12 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2019:2158-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2158-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl-1_1'\n package(s) announced via the openSUSE-SU-2019:2158-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl-1_1 fixes the following issues:\n\n OpenSSL Security Advisory [10 September 2019]\n\n * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack\n avoidance. (bsc#1150003)\n\n * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption\n transported key (bsc#1150250)\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2158=1\");\n\n script_tag(name:\"affected\", value:\"'openssl-1_1' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel\", rpm:\"libopenssl-1_1-devel~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1\", rpm:\"libopenssl1_1~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-debuginfo\", rpm:\"libopenssl1_1-debuginfo~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac\", rpm:\"libopenssl1_1-hmac~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1\", rpm:\"openssl-1_1~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debuginfo\", rpm:\"openssl-1_1-debuginfo~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debugsource\", rpm:\"openssl-1_1-debugsource~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel-32bit\", rpm:\"libopenssl-1_1-devel-32bit~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit\", rpm:\"libopenssl1_1-32bit~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit-debuginfo\", rpm:\"libopenssl1_1-32bit-debuginfo~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac-32bit\", rpm:\"libopenssl1_1-hmac-32bit~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-doc\", rpm:\"openssl-1_1-doc~1.1.0i~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T16:48:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2019:2189-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852713", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852713", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852713\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-26 02:01:30 +0000 (Thu, 26 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for openssl-1_1 (openSUSE-SU-2019:2189-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2189-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl-1_1'\n package(s) announced via the openSUSE-SU-2019:2189-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl-1_1 fixes the following issues:\n\n OpenSSL Security Advisory [10 September 2019]\n\n * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack\n avoidance. (bsc#1150003)\n\n * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption\n transported key (bsc#1150250)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2189=1\");\n\n script_tag(name:\"affected\", value:\"'openssl-1_1' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel\", rpm:\"libopenssl-1_1-devel~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1\", rpm:\"libopenssl1_1~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-debuginfo\", rpm:\"libopenssl1_1-debuginfo~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac\", rpm:\"libopenssl1_1-hmac~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1\", rpm:\"openssl-1_1~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debuginfo\", rpm:\"openssl-1_1-debuginfo~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-debugsource\", rpm:\"openssl-1_1-debugsource~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_1-doc\", rpm:\"openssl-1_1-doc~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_1-devel-32bit\", rpm:\"libopenssl-1_1-devel-32bit~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit\", rpm:\"libopenssl1_1-32bit~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-32bit-debuginfo\", rpm:\"libopenssl1_1-32bit-debuginfo~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_1-hmac-32bit\", rpm:\"libopenssl1_1-hmac-32bit~1.1.0i~lp150.3.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:35:52", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-2264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192264", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192264", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2264\");\n script_version(\"2020-01-23T12:43:15+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:43:15 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:43:15 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-2264)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2264\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2264\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2019-2264 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-10-07T14:46:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4540-1 (openssl1.0 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2019-10-03T00:00:00", "id": "OPENVAS:1361412562310704540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704540", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704540\");\n script_version(\"2019-10-03T02:00:05+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-10-03 02:00:05 +0000 (Thu, 03 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-03 02:00:05 +0000 (Thu, 03 Oct 2019)\");\n script_name(\"Debian Security Advisory DSA 4540-1 (openssl1.0 - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4540.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4540-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl1.0'\n package(s) announced via the DSA-4540-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Two security issues were discovered in OpenSSL: A timing attack against\nECDSA and a padding oracle in PKCS7_dataDecode() and\nCMS_decrypt_set1_pkey().\");\n\n script_tag(name:\"affected\", value:\"'openssl1.0' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 1.0.2t-1~deb9u1.\n\nWe recommend that you upgrade your openssl1.0 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0-dev\", ver:\"1.0.2t-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.2\", ver:\"1.0.2t-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:39:17", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl1.1.0f (EulerOS-SA-2019-2254)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192254", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2254\");\n script_version(\"2020-01-23T12:43:01+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:43:01 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:43:01 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl1.1.0f (EulerOS-SA-2019-2254)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2254\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2254\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl1.1.0f' package(s) announced via the EulerOS-SA-2019-2254 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\");\n\n script_tag(name:\"affected\", value:\"'openssl1.1.0f' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110f\", rpm:\"openssl110f~1.1.0f~5.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110f-devel\", rpm:\"openssl110f-devel~1.1.0f~5.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110f-libs\", rpm:\"openssl110f-libs~1.1.0f~5.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110f-static\", rpm:\"openssl110f-static~1.1.0f~5.h9\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-17T14:26:14", "description": "OpenSSL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-09-16T00:00:00", "type": "openvas", "title": "OpenSSL 1.0.2, 1.1.0, 1.1.1 Multiple Vulnerabilities - Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2019-09-16T00:00:00", "id": "OPENVAS:1361412562310142887", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142887", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142887\");\n script_version(\"2019-09-16T07:30:49+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-16 07:30:49 +0000 (Mon, 16 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-16 06:44:14 +0000 (Mon, 16 Sep 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"OpenSSL 1.0.2, 1.1.0, 1.1.1 Multiple Vulnerabilities - Linux\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"OpenSSL is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL is prone to multiple vulnerabilities:\n\n - ECDSA remote timing attack (CVE-2019-1547)\n\n - Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions 1.0.2 - 1.0.2s, 1.1.0 - 1.1.0k and 1.1.1 - 1.1.1c.\");\n\n script_tag(name:\"solution\", value:\"Update to version 1.0.2t, 1.1.0l, 1.1.1d or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20190910.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_in_range(version: version, test_version: \"1.0.2\", test_version2: \"1.0.2s\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.0.2t\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"1.1.0\", test_version2: \"1.1.0k\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.1.0l\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"1.1.1\", test_version2: \"1.1.1c\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.1.1d\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T16:28:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl-1_0_0 (openSUSE-SU-2019:2269-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852886", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852886", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852886\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:41:24 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for openssl-1_0_0 (openSUSE-SU-2019:2269-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2269-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl-1_0_0'\n package(s) announced via the openSUSE-SU-2019:2269-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl-1_0_0 fixes the following issues:\n\n OpenSSL Security Advisory [10 September 2019]\n\n * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack\n avoidance. (bsc#1150003)\n\n * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption\n transported key (bsc#1150250)\n\n In addition fixed invalid curve attacks by validating that an EC point\n lies on the curve (bsc#1131291).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2269=1\");\n\n script_tag(name:\"affected\", value:\"'openssl-1_0_0' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_0_0-devel\", rpm:\"libopenssl-1_0_0-devel~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam\", rpm:\"libopenssl1_0_0-steam~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam-debuginfo\", rpm:\"libopenssl1_0_0-steam-debuginfo~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0\", rpm:\"openssl-1_0_0~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-cavs\", rpm:\"openssl-1_0_0-cavs~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-cavs-debuginfo\", rpm:\"openssl-1_0_0-cavs-debuginfo~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-debuginfo\", rpm:\"openssl-1_0_0-debuginfo~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-debugsource\", rpm:\"openssl-1_0_0-debugsource~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_0_0-devel-32bit\", rpm:\"libopenssl-1_0_0-devel-32bit~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit-debuginfo\", rpm:\"libopenssl1_0_0-32bit-debuginfo~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam-32bit\", rpm:\"libopenssl1_0_0-steam-32bit~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam-32bit-debuginfo\", rpm:\"libopenssl1_0_0-steam-32bit-debuginfo~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-doc\", rpm:\"openssl-1_0_0-doc~1.0.2p~lp151.5.10.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T16:51:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for openssl-1_0_0 (openSUSE-SU-2019:2268-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852728", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852728", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852728\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-07 02:01:21 +0000 (Mon, 07 Oct 2019)\");\n script_name(\"openSUSE: Security Advisory for openssl-1_0_0 (openSUSE-SU-2019:2268-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2268-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl-1_0_0'\n package(s) announced via the openSUSE-SU-2019:2268-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for openssl-1_0_0 fixes the following issues:\n\n OpenSSL Security Advisory [10 September 2019]\n\n * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack\n avoidance. (bsc#1150003)\n\n * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption\n transported key (bsc#1150250)\n\n In addition fixed invalid curve attacks by validating that an EC point\n lies on the curve (bsc#1131291).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2268=1\");\n\n script_tag(name:\"affected\", value:\"'openssl-1_0_0' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_0_0-devel\", rpm:\"libopenssl-1_0_0-devel~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0\", rpm:\"libopenssl1_0_0~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-debuginfo\", rpm:\"libopenssl1_0_0-debuginfo~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac\", rpm:\"libopenssl1_0_0-hmac~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam\", rpm:\"libopenssl1_0_0-steam~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam-debuginfo\", rpm:\"libopenssl1_0_0-steam-debuginfo~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0\", rpm:\"openssl-1_0_0~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-cavs\", rpm:\"openssl-1_0_0-cavs~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-cavs-debuginfo\", rpm:\"openssl-1_0_0-cavs-debuginfo~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-debuginfo\", rpm:\"openssl-1_0_0-debuginfo~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-debugsource\", rpm:\"openssl-1_0_0-debugsource~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl-1_0_0-devel-32bit\", rpm:\"libopenssl-1_0_0-devel-32bit~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit\", rpm:\"libopenssl1_0_0-32bit~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-32bit-debuginfo\", rpm:\"libopenssl1_0_0-32bit-debuginfo~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-hmac-32bit\", rpm:\"libopenssl1_0_0-hmac-32bit~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam-32bit\", rpm:\"libopenssl1_0_0-steam-32bit~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libopenssl1_0_0-steam-32bit-debuginfo\", rpm:\"libopenssl1_0_0-steam-32bit-debuginfo~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-1_0_0-doc\", rpm:\"openssl-1_0_0-doc~1.0.2p~lp150.2.19.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-17T14:26:14", "description": "OpenSSL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-09-16T00:00:00", "type": "openvas", "title": "OpenSSL 1.0.2, 1.1.0, 1.1.1 Multiple Vulnerabilities - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563"], "modified": "2019-09-16T00:00:00", "id": "OPENVAS:1361412562310142888", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142888", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142888\");\n script_version(\"2019-09-16T07:30:49+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-16 07:30:49 +0000 (Mon, 16 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-16 07:22:38 +0000 (Mon, 16 Sep 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1563\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"OpenSSL 1.0.2, 1.1.0, 1.1.1 Multiple Vulnerabilities - Windows\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"OpenSSL is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL is prone to multiple vulnerabilities:\n\n - ECDSA remote timing attack (CVE-2019-1547)\n\n - Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions 1.0.2 - 1.0.2s, 1.1.0 - 1.1.0k and 1.1.1 - 1.1.1c.\");\n\n script_tag(name:\"solution\", value:\"Update to version 1.0.2t, 1.1.0l, 1.1.1d or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20190910.txt\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_in_range(version: version, test_version: \"1.0.2\", test_version2: \"1.0.2s\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.0.2t\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"1.1.0\", test_version2: \"1.1.0k\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.1.0l\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"1.1.1\", test_version2: \"1.1.1c\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"1.1.1d\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:39:02", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-2216)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563", "CVE-2019-1552"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192216", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192216", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2216\");\n script_version(\"2020-01-23T12:40:14+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:40:14 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:40:14 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-2216)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2216\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2216\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2019-2216 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\n\nOpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. (CVE-2019-1552)\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:35:26", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2020-1061)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563", "CVE-2019-1552"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220201061", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201061", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1061\");\n script_version(\"2020-01-23T13:18:34+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:18:34 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:18:34 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2020-1061)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1061\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1061\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'compat-openssl10' package(s) announced via the EulerOS-SA-2020-1061 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).Not found.(CVE-2019-1552)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)\n\nNormally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'compat-openssl10' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl10\", rpm:\"compat-openssl10~1.0.2o~3.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-14T14:48:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2019-9ab7ee6309", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877171", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877171", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877171\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-1563\", \"CVE-2019-1549\", \"CVE-2019-1547\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:30:07 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for openssl FEDORA-2019-9ab7ee6309\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-9ab7ee6309\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3J7YOHCAH4WTCHQOCXWGZZUYVH22S6P\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2019-9ab7ee6309 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1d~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:41:13", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2019-2098)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563", "CVE-2019-1552"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192098", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192098", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2098\");\n script_version(\"2020-01-23T12:34:17+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:34:17 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:34:17 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2019-2098)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2098\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2098\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'compat-openssl10' package(s) announced via the EulerOS-SA-2019-2098 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. (CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\n\nOpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time.(CVE-2019-1552)\");\n\n script_tag(name:\"affected\", value:\"'compat-openssl10' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"compat-openssl10\", rpm:\"compat-openssl10~1.0.2o~3.h6.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-10-04T18:40:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-04T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2019-d51641f152", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-10-04T00:00:00", "id": "OPENVAS:1361412562310876866", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876866", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876866\");\n script_version(\"2019-10-04T07:25:00+0000\");\n script_cve_id(\"CVE-2019-1563\", \"CVE-2019-1549\", \"CVE-2019-1547\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-10-04 07:25:00 +0000 (Fri, 04 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-04 02:28:12 +0000 (Fri, 04 Oct 2019)\");\n script_name(\"Fedora Update for openssl FEDORA-2019-d51641f152\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-d51641f152\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2019-d51641f152 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1d~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:34:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-2464)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563", "CVE-2019-1552"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192464", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192464", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2464\");\n script_version(\"2020-01-23T12:59:31+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:59:31 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:59:31 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-2464)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2464\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2464\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2019-2464 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)\n\nOpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as de ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h8\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h8\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h8\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-09-27T12:34:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-26T00:00:00", "type": "openvas", "title": "Fedora Update for openssl FEDORA-2019-d15aac6c4e", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-09-27T00:00:00", "id": "OPENVAS:1361412562310876847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876847", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876847\");\n script_version(\"2019-09-27T07:41:55+0000\");\n script_cve_id(\"CVE-2019-1563\", \"CVE-2019-1549\", \"CVE-2019-1547\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-09-27 07:41:55 +0000 (Fri, 27 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-26 02:32:43 +0000 (Thu, 26 Sep 2019)\");\n script_name(\"Fedora Update for openssl FEDORA-2019-d15aac6c4e\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-d15aac6c4e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2019-d15aac6c4e advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1d~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-10-07T14:47:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4539-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563"], "modified": "2019-10-03T00:00:00", "id": "OPENVAS:1361412562310704539", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704539", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704539\");\n script_version(\"2019-10-03T02:00:07+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1549\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-10-03 02:00:07 +0000 (Thu, 03 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-03 02:00:07 +0000 (Thu, 03 Oct 2019)\");\n script_name(\"Debian Security Advisory DSA 4539-1 (openssl - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|10)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4539.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4539-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the DSA-4539-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three security issues were discovered in OpenSSL: A timing attack against\nECDSA, a padding oracle in PKCS7_dataDecode() and CMS_decrypt_set1_pkey()\nand it was discovered that a feature of the random number generator (RNG)\nintended to protect against shared RNG state between parent and child\nprocesses in the event of a fork() syscall was not used by default.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 1.1.0l-1~deb9u1.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.1.1d-0+deb10u1.\n\nWe recommend that you upgrade your openssl packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.1.0l-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.1.0l-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.1\", ver:\"1.1.0l-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openssl\", ver:\"1.1.0l-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.1.1d-0+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.1.1d-0+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.1\", ver:\"1.1.1d-0+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openssl\", ver:\"1.1.1d-0+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-14T16:53:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2019-1563", "CVE-2019-1552"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201221", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201221", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1221\");\n script_version(\"2020-03-13T07:15:33+0000\");\n script_cve_id(\"CVE-2019-1547\", \"CVE-2019-1552\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:15:33 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:15:33 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1221)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1221\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1221\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2020-1221 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1563)\n\nNormally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).(CVE-2019-1547)\n\nOpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/us ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:39:05", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl110h (EulerOS-SA-2019-2218)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1547", "CVE-2018-0734", "CVE-2019-1563"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192218", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192218", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2218\");\n script_version(\"2020-01-23T12:40:24+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2019-1547\", \"CVE-2019-1563\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:40:24 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:40:24 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl110h (EulerOS-SA-2019-2218)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2218\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2218\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl110h' package(s) announced via the EulerOS-SA-2019-2218 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).(CVE-2018-0734)\n\nNormally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used.(CVE-2019-1547)\n\nIn situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.(CVE-2019-1563)\");\n\n script_tag(name:\"affected\", value:\"'openssl110h' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110h\", rpm:\"openssl110h~1.1.0h~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110h-devel\", rpm:\"openssl110h-devel~1.1.0h~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110h-libs\", rpm:\"openssl110h-libs~1.1.0h~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl110h-static\", rpm:\"openssl110h-static~1.1.0h~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:35:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2019-1942)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191942", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191942", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1942\");\n script_version(\"2020-01-23T12:28:10+0000\");\n script_cve_id(\"CVE-2012-6711\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:10 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:10 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2019-1942)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1942\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1942\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'bash' package(s) announced via the EulerOS-SA-2019-1942 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the `echo -e` built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process.(CVE-2012-6711)\");\n\n script_tag(name:\"affected\", value:\"'bash' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.2.46~30.h8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-17T15:49:37", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2020-1638)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2020-06-16T00:00:00", "id": "OPENVAS:1361412562311220201638", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201638", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1638\");\n script_version(\"2020-06-16T05:47:45+0000\");\n script_cve_id(\"CVE-2012-6711\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-16 05:47:45 +0000 (Tue, 16 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-16 05:47:45 +0000 (Tue, 16 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2020-1638)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1638\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1638\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'bash' package(s) announced via the EulerOS-SA-2020-1638 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the 'echo -e' built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().(CVE-2012-6711)\");\n\n script_tag(name:\"affected\", value:\"'bash' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.2.46~28.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2019-1911)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6711"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191911", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191911", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1911\");\n script_version(\"2020-01-23T12:26:28+0000\");\n script_cve_id(\"CVE-2012-6711\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:26:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:26:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2019-1911)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1911\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1911\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'bash' package(s) announced via the EulerOS-SA-2019-1911 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the `echo -e` built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process.(CVE-2012-6711)\");\n\n script_tag(name:\"affected\", value:\"'bash' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.2.46~30.h8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2019-2673)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6321"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192673", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192673", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2673\");\n script_version(\"2020-01-23T13:13:23+0000\");\n script_cve_id(\"CVE-2016-6321\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:13:23 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:13:23 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2019-2673)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2673\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2673\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tar' package(s) announced via the EulerOS-SA-2019-2673 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.(CVE-2016-6321)\");\n\n script_tag(name:\"affected\", value:\"'tar' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tar\", rpm:\"tar~1.26~29.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-14T16:50:55", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2020-1245)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6321"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201245", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201245", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1245\");\n script_version(\"2020-03-13T07:17:54+0000\");\n script_cve_id(\"CVE-2016-6321\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:17:54 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:17:54 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2020-1245)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1245\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1245\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tar' package(s) announced via the EulerOS-SA-2020-1245 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.(CVE-2016-6321)\");\n\n script_tag(name:\"affected\", value:\"'tar' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tar\", rpm:\"tar~1.26~34.h3\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for tar USN-3132-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6321"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for tar USN-3132-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842955\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-22 05:37:59 +0100 (Tue, 22 Nov 2016)\");\n script_cve_id(\"CVE-2016-6321\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for tar USN-3132-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tar'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Harry Sintonen discovered that tar incorrectly\n handled extracting files when path names are specified on the command line. If a\n user or automated system were tricked into processing a specially crafted archive,\n an attacker could possibly overwrite arbitrary files.\");\n script_tag(name:\"affected\", value:\"tar on Ubuntu 16.04 LTS,\n Ubuntu 16.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3132-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3132-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|16\\.04 LTS|16\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"tar\", ver:\"1.27.1-1ubuntu0.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"tar\", ver:\"1.26-4ubuntu1.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"tar\", ver:\"1.28-2.1ubuntu0.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"tar\", ver:\"1.29b-1ubuntu0.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:41", "description": "Harry Sintonen discovered that GNU tar\ndoes not properly handle member names containing ", "cvss3": {}, "published": "2016-11-08T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3702-1 (tar - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6321"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703702", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703702", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3702.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3702-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703702\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-6321\");\n script_name(\"Debian Security Advisory DSA 3702-1 (tar - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-08 15:52:38 +0530 (Tue, 08 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3702.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"tar on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 1.27.1-2+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.29b-1.1.\n\nWe recommend that you upgrade your tar packages.\");\n script_tag(name:\"summary\", value:\"Harry Sintonen discovered that GNU tar\ndoes not properly handle member names containing '..', thus allowing an attacker\nto bypass the path names specified on the command line and replace files and\ndirectories in the target directory.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"tar\", ver:\"1.27.1-2+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tar-scripts\", ver:\"1.27.1-2+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:36:56", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2019-2423)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6321"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192423", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192423", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2423\");\n script_version(\"2020-01-23T12:54:37+0000\");\n script_cve_id(\"CVE-2016-6321\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:54:37 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:54:37 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2019-2423)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2423\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2423\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tar' package(s) announced via the EulerOS-SA-2019-2423 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.(CVE-2016-6321)\");\n\n script_tag(name:\"affected\", value:\"'tar' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tar\", rpm:\"tar~1.26~29.h3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "attackerkb": [{"lastseen": "2021-07-20T20:16:27", "description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.\n\n \n**Recent assessments:** \n \n**kevthehermit** at April 23, 2020 8:59pm UTC reported:\n\nThere are a lot of moving parts to be able to exploit this. But if successful will give an attacker a container escape on to the kube host. \nAn attacker must already have shell access to a container and there must be a process running from the host that u
Important Photon OS Security Update - PHSA-2019-0252
