ID RHSA-2013:0587 Type redhat Reporter RedHat Modified 2018-06-06T20:24:09
Description
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
A NULL pointer dereference flaw was found in the OCSP response verification
in OpenSSL. A malicious OCSP server could use this flaw to crash
applications performing OCSP verification by sending a specially-crafted
response. (CVE-2013-0166)
It was discovered that the TLS/SSL protocol could leak information about
plain text when optional compression was used. An attacker able to control
part of the plain text sent over an encrypted TLS/SSL connection could
possibly use this flaw to recover other portions of the plain text.
(CVE-2012-4929)
Note: This update disables zlib compression, which was previously enabled
in OpenSSL by default. Applications using OpenSSL now need to explicitly
enable zlib compression to use it.
It was found that OpenSSL read certain environment variables even when used
by a privileged (setuid or setgid) application. A local attacker could use
this flaw to escalate their privileges. No application shipped with Red Hat
Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)
All OpenSSL users should upgrade to these updated packages, which contain
backported patches to resolve these issues. For the update to take effect,
all services linked to the OpenSSL library must be restarted, or the
system rebooted.
{"cve": [{"lastseen": "2020-10-03T12:06:10", "description": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "edition": 3, "cvss3": {}, "published": "2012-09-15T18:55:00", "title": "CVE-2012-4929", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2018-04-22T01:29:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:mozilla:firefox:*", "cpe:/a:google:chrome:*"], "id": "CVE-2012-4929", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:35", "description": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.\nPer http://www.openssl.org/news/vulnerabilities.html:\nFixed in OpenSSL 1.0.1d (Affected 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) \nFixed in OpenSSL 1.0.0k (Affected 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0) \nFixed in OpenSSL 0.9.8y (Affected 0.9.8x, 0.9.8w, 0.9.8v, 0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m, 0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8d, 0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)\n\nAffected users should upgrade to OpenSSL 1.0.1e, 1.0.0k or 0.9.8y\n(The fix in 1.0.1d wasn't complete, so please use 1.0.1e or later)", "edition": 8, "cvss3": {}, "published": "2013-02-08T19:55:00", "title": "CVE-2013-0169", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2019-10-09T23:06:00", "cpe": ["cpe:/a:polarssl:polarssl:0.11.0", "cpe:/a:oracle:openjdk:1.7.0", "cpe:/a:polarssl:polarssl:0.13.1", "cpe:/a:polarssl:polarssl:0.14.2", "cpe:/a:polarssl:polarssl:1.1.3", "cpe:/a:openssl:openssl:1.0.1d", "cpe:/a:polarssl:polarssl:1.0.0", "cpe:/a:polarssl:polarssl:1.1.0", "cpe:/a:oracle:openjdk:1.8.0", "cpe:/a:polarssl:polarssl:0.14.3", "cpe:/a:polarssl:polarssl:0.11.1", "cpe:/a:openssl:openssl:0.9.8x", "cpe:/a:polarssl:polarssl:0.14.0", "cpe:/a:polarssl:polarssl:0.99", "cpe:/a:polarssl:polarssl:1.1.4", "cpe:/a:polarssl:polarssl:0.12.0", "cpe:/a:polarssl:polarssl:0.12.1", "cpe:/a:polarssl:polarssl:1.1.2", "cpe:/a:openssl:openssl:1.0.0j", "cpe:/a:polarssl:polarssl:0.10.0", "cpe:/a:polarssl:polarssl:1.1.1", "cpe:/a:oracle:openjdk:1.6.0", "cpe:/a:polarssl:polarssl:0.10.1", "cpe:/a:oracle:openjdk:-"], "id": "CVE-2013-0169", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:polarssl:polarssl:0.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre4:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:rc0:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:-:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.3:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre1:*:*:*:*:*:*", "cpe:2.3:a:oracle:openjdk:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.2:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre3:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.99:pre5:*:*:*:*:*:*", "cpe:2.3:a:polarssl:polarssl:0.14.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:45:53", "description": "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.", "edition": 3, "cvss3": {}, "published": "2013-02-08T19:55:00", "title": "CVE-2013-0166", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0166"], "modified": "2018-08-09T01:29:00", "cpe": ["cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:1.0.1a", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/a:openssl:openssl:0.9.6e", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:redhat:openssl:0.9.7a-2", "cpe:/a:openssl:openssl:0.9.8u", "cpe:/a:openssl:openssl:1.0.1", "cpe:/a:openssl:openssl:0.9.8w", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/a:openssl:openssl:0.9.3a", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8t", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/a:redhat:openssl:0.9.6b-3", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:0.9.7c", "cpe:/a:openssl:openssl:0.9.7j", "cpe:/a:openssl:openssl:0.9.6", "cpe:/a:openssl:openssl:0.9.7g", "cpe:/a:openssl:openssl:0.9.6j", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0h", "cpe:/a:openssl:openssl:0.9.7a", "cpe:/a:openssl:openssl:0.9.3", "cpe:/a:openssl:openssl:0.9.7m", "cpe:/a:openssl:openssl:0.9.8x", "cpe:/a:openssl:openssl:0.9.1c", "cpe:/a:openssl:openssl:0.9.7h", "cpe:/a:openssl:openssl:0.9.7", "cpe:/a:openssl:openssl:1.0.1b", "cpe:/a:openssl:openssl:0.9.6k", "cpe:/a:openssl:openssl:0.9.5a", "cpe:/a:openssl:openssl:0.9.6a", "cpe:/a:openssl:openssl:0.9.8s", "cpe:/a:openssl:openssl:0.9.7d", "cpe:/a:openssl:openssl:0.9.6h", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:1.0.0i", "cpe:/a:openssl:openssl:0.9.5", "cpe:/a:openssl:openssl:0.9.4", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0f", "cpe:/a:openssl:openssl:0.9.7f", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/a:openssl:openssl:0.9.7b", "cpe:/a:openssl:openssl:1.0.1c", "cpe:/a:openssl:openssl:1.0.0e", "cpe:/a:openssl:openssl:1.0.0g", "cpe:/a:openssl:openssl:0.9.8r", "cpe:/a:openssl:openssl:0.9.6c", "cpe:/a:openssl:openssl:0.9.7l", "cpe:/a:openssl:openssl:0.9.6i", "cpe:/a:openssl:openssl:1.0.0j", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:0.9.6d", "cpe:/a:openssl:openssl:0.9.7i", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/a:openssl:openssl:0.9.8v", "cpe:/a:openssl:openssl:1.0.0d", "cpe:/a:openssl:openssl:0.9.7k", "cpe:/a:openssl:openssl:0.9.6g", "cpe:/a:openssl:openssl:0.9.6m", "cpe:/a:openssl:openssl:0.9.7e", "cpe:/a:openssl:openssl:0.9.6f", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/a:openssl:openssl:0.9.6b", "cpe:/a:openssl:openssl:0.9.2b", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/a:openssl:openssl:0.9.6l", "cpe:/a:openssl:openssl:0.9.8p", "cpe:/a:redhat:openssl:0.9.6-15"], "id": "CVE-2013-0166", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0166", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openssl:0.9.6-15:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2019-08-08T20:39:34", "bulletinFamily": "software", "cvelist": ["CVE-2012-4929"], "description": "\nF5 Product Development has assigned ID 397825 (BIG-IP and Enterprise Manager) and ID 384705 (ARX) to this vulnerability. To find out whether F5 has determined that your release is vulnerable and to obtain information about releases or hotfixes that resolve the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.0.0 - 9.4.8 | Configuration utility \nBIG-IP GTM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 11.3.0 - 11.6.3 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.2.2 - 9.4.8 | Configuration utility \nBIG-IP ASM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.2.0 - 9.4.8 | Configuration utility \nBIG-IP Link Controller | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.2.0 - 9.4.8 | Configuration utility \nBIG-IP WebAccelerator | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 11.3.0 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.2.0 - 9.4.8 | Configuration utility \nBIG-IP PSM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.2.0 - 9.4.8 | Configuration utility \nBIG-IP WOM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 11.3.0 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.2.0 - 9.4.8 | Configuration utility \nBIG-IP APM | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 \n9.2.0 - 9.4.8 | Configuration utility \nBIG-IP Edge Gateway | 11.0.0 - 11.2.1 \n10.1.0 - 10.2.4 | 11.3.0 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n10.2.4 HF6 \n10.0.0 - 10.0.1 | Configuration utility \nBIG-IP Analytics | 11.0.0 - 11.2.1 | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 | Configuration utility \nBIG-IP AFM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 | None \nBIG-IP PEM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 | None \nBIG-IP AAM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | None \nFirePass | None | 6.x \n7.x | None \nEnterprise Manager | 3.0.0 \n2.0.0 - 2.3.0 | 3.1.0 - 3.1.1 \n1.6.0 - 1.8.0 | Configuration utility \nARX | 6.0.0 - 6.4.0 \n5.0.0 - 5.3.1 | None | ARX Manager GUI\n\nTo eliminate this vulnerability, perform one of the following actions:\n\n * Upgrade to a software version that is listed in the **Versions known to be not vulnerable **column of the table.\n * Upgrade your client browser to a non-vulnerable version.\n\n * [K14059: CRIME vulnerability via the SPDY protocol CVE-2012-4929](<https://support.f5.com/csp/article/K14059>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "edition": 1, "modified": "2018-02-10T01:26:00", "published": "2012-12-06T01:46:00", "id": "F5:K14054", "href": "https://support.f5.com/csp/article/K14054", "title": "CRIME vulnerability via TLS 1.2 protocol CVE-2012-4929", "type": "f5", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-06-08T00:16:35", "bulletinFamily": "software", "cvelist": ["CVE-2013-0166"], "edition": 1, "description": "\nF5 Product Development has assigned ID 410850, ID 410734, ID 407706 (BIG-IP), ID 410613, ID 411980 (FirePass), and ID 410742 (ARX) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/services/customer-support/ihealth/>) may list Heuristic H413586 on the **Diagnostics **> **Identified **> **High **screen.\n\nTo find out whether F5 has determined that your release is vulnerable, and to obtain information about releases or hotfixes that resolve the vulnerability, refer to the following table: \n\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.0.0 - 9.6.1 \n \n| 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 \n| OCSP profiles \n \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | 11.3.0 | 11.4.0 \n11.3.0 HF2 \n| OCSP profiles \nBIG-IP Analytics | 11.0.0 - 11.3.0 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n| OCSP profiles \nBIG-IP APM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP ASM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.2.0 - 9.4.8 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n| OCSP profiles \nBIG-IP GTM | None | 11.0.0 - 11.4.0 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 | None \nBIG-IP Link Controller | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.2.2 - 9.4.8 \n| 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP PEM | 11.3.0 \n| 11.4.0 \n11.3.0 HF2 \n| OCSP profiles \nBIG-IP PSM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.4.5 - 9.4.8 | 11.4.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 \n9.4.0 - 9.4.8 | 11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | 11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | OCSP profiles \nARX | 6.0.0 - 6.4.0 \n5.0.0 - 5.3.1 | None | ARX GUI \n \nEnterprise Manager | None | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 | None \nFirePass | 7.0.0 \n6.0.0 - 6.1.0 | 7.0.0 HF-70-9 \n6.1.0 HF-610-11 | Administrative interface \nWebServices \n\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\n * [Common Vulnerabilities and Exposures (CVE-2013-0166)](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166>) \n\n\n**Note**: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K6845: Managing BIG-IP product hotfixes (9.x)](<https://support.f5.com/csp/article/K6845>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K10322: FirePass hotfix matrix](<https://support.f5.com/csp/article/K10322>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n * [K3430: Installing FirePass hotfixes](<https://support.f5.com/csp/article/K3430>)\n * [K6664: Obtaining and installing OPSWAT hotfixes](<https://support.f5.com/csp/article/K6664>)\n * [K10942: Installing OPSWAT hotfixes on BIG-IP APM systems](<https://support.f5.com/csp/article/K10942>)\n", "modified": "2016-01-09T02:30:00", "published": "2013-03-08T03:02:00", "id": "F5:K14261", "href": "https://support.f5.com/csp/article/K14261", "title": "OpenSSL OCSP vulnerability CVE-2013-0166", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:52", "bulletinFamily": "software", "cvelist": ["CVE-2012-4929"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nTo eliminate this vulnerability, perform one of the following actions:\n\n * Upgrade to a software version that is listed in the **Versions known to be Not Vulnerable** column of the table.\n * Upgrade your client browser to a non-vulnerable version.\n\nSupplemental Information\n\n * SOL14059: CRIME vulnerability via the SPDY protocol CVE-2012-4929\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * The following link will take you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge: \n \n[Common Vulnerabilities and Exposures (CVE-2012-4929)](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929>) \n \n\n", "modified": "2016-07-25T00:00:00", "published": "2012-12-05T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/000/sol14054.html", "id": "SOL14054", "title": "SOL14054 - CRIME vulnerability via TLS 1.2 protocol CVE-2012-4929", "type": "f5", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:18", "bulletinFamily": "software", "cvelist": ["CVE-2013-0166"], "edition": 1, "description": "Recommended action\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\nSupplemental Information\n\n * [Common Vulnerabilities and Exposures (CVE-2013-0166)](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166>) \n\n\n**Note**: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL6845: Managing BIG-IP product hotfixes (9.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL10322: FirePass hotfix matrix\n * SOL12766: ARX hotfix matrix\n * SOL3430: Installing FirePass hotfixes\n * SOL6664: Obtaining and installing OPSWAT hotfixes\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n", "modified": "2014-04-03T00:00:00", "published": "2013-03-07T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/200/sol14261.html", "id": "SOL14261", "title": "SOL14261 - OpenSSL OCSP vulnerability CVE-2013-0166", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-04-06T22:40:29", "bulletinFamily": "software", "cvelist": ["CVE-2013-0169"], "description": "\nF5 Product Development has assigned ID 580596 and ID 407706 (BIG-IP), ID 594397 (BIG-IQ), ID 594400 Enterprise Manager, ID 410613 (FirePass), and ID 410742 (ARX) to this vulnerability. To find out whether F5 has determined that your release is vulnerable, and to obtain information about releases, point releases, or hotfixes that resolve the vulnerability, refer to the following table.\n\n**Note**: Subsequent hotfix releases for a given software version listed in **Versions known to be not vulnerable** are also not vulnerable, as hotfixes are cumulative. For example 11.6.1 HF1 is listed as not vulnerable; therefore, 11.6.1 HF2 is also not vulnerable.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.4.0 - 14.0.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 \n11.2.1 - 11.2.1 HF15 \n10.0.0 - 10.2.4 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 \n11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP AAM | None | 11.4.0 - 14.0.0 | None (Configuration utility is not vulnerable) \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 | SSL/TLS virtual servers \nBIG-IP AFM | 11.3.0 - 11.3.0 HF1 | 11.4.0 - 14.0.0 \n11.3.0 HF2 | Configuration utility \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 | SSL/TLS virtual servers \nBIG-IP Analytics | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 | 11.4.0 - 14.0.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 | Configuration utility \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 \n11.2.1 - 11.2.1 HF15 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 \n11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP APM | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.4.0 - 14.0.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 \n11.2.1 - 11.2.1 HF15 \n10.0.0 - 10.2.4 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 \n11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP ASM | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.4.0 - 14.0.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 \n11.2.1 - 11.2.1 HF15 \n10.0.0 - 10.2.4 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 \n11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP DNS | None | 12.0.0 - 14.0.0 | None (Configuration utility is not vulnerable) \nBIG-IP Edge Gateway | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n11.3.0 \n11.2.1 - 11.2.1 HF15 \n10.2.1 - 10.2.4 | 11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP GTM | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.4.0 - 11.6.3 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \nBIG-IP Link Controller | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.4.0 - 14.0.0 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 \n11.2.1 - 11.2.1 HF15 \n10.0.0 - 10.2.4 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 \n11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP PEM | 11.3.0 - 11.3.0 HF1 | 11.4.0 - 14.0.0 \n11.3.0 HF2 | Configuration utility \n12.1.0 - 12.1.0 HF1 \n12.0.0 - 12.0.0 HF3 \n11.6.1 \n11.6.0 - 11.6.0 HF7 \n11.5.2 - 11.5.4 HF1 \n11.5.1 - 11.5.1 HF10 \n11.4.1 - 11.4.1 HF10 | 12.1.1 - 14.0.0 \n12.1.0 HF2 \n12.0.0 HF4 \n11.6.1 HF1 \n11.6.0 HF8 \n11.5.4 HF2 \n11.5.1 HF11 \n11.4.1 HF11 | SSL/TLS virtual servers \nBIG-IP PSM | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.4.0 - 11.4.1 \n11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n11.3.0 \n11.2.1 - 11.2.1 HF15 \n10.2.1 - 10.2.4 | 11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP WebAccelerator | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n11.3.0 \n11.2.1 - 11.2.1 HF15 \n10.2.1 - 10.2.4 | 11.2.1 HF16 | SSL/TLS virtual servers \nBIG-IP WOM | 11.3.0 - 11.3.0 HF1 \n11.2.1 - 11.2.1 HF3 \n11.2.0 - 11.2.0 HF3 \n11.1.0 - 11.1.0 HF5 \n11.0.0 - 11.0.0 HF4 \n10.0.0 - 10.2.4 HF4 | 11.3.0 HF2 \n11.2.1 HF4 \n11.2.0 HF4 \n11.1.0 HF6 \n11.0.0 HF5 \n10.2.4 HF6 | Configuration utility \n11.3.0 \n11.2.1 - 11.2.1 HF15 \n10.2.1 - 10.2.4 | 11.2.1 HF16 | SSL/TLS virtual servers \nARX | 6.0.0 - 6.4.0 \n5.0.0 - 5.3.1 | None1 | ARX Manager GUI \n \nAPI (disabled by default) \nEnterprise Manager | 3.0.0 - 3.1.1 \n2.0.0 - 2.3.0 \n1.6.0 - 1.8.0 | None1 | Configuration utility \nFirePass | 7.0.0 \n6.0.0 - 6.1.0 | None1 | Administrative interface \n \nWebServices \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None1 | TMM \nBIG-IQ Device | 4.2.0 - 4.5.0 | None1 | TMM \nBIG-IQ Security | 4.0.0 - 4.5.0 | None1 | TMM \nBIG-IQ ADC | 4.5.0 | None1 | TMM \nBIG-IQ Centralized Management | 5.0.0 - 5.1.0 | 5.2.0 | TMM \nBIG-IQ Cloud and Orchestration | 1.0.0 | None1 | TMM \n \n1These products and versions have reached end of life.\n\n * [BIG-IP](<https://support.f5.com/csp/article/K14190#bigip>)\n * [FirePass](<https://support.f5.com/csp/article/K14190#firepass>)\n * [Enterprise Manager](<https://support.f5.com/csp/article/K14190#2.x>)\n * [ARX](<https://support.f5.com/csp/article/K14190#arx>)\n\n**BIG-IP**\n\nThe following section describes affected BIG-IP components and how to protect those components from potential exploit.\n\nMitigating the exploit for the MGMT interface and the Configuration utility\n\nThe BIG-IP Configuration utility is vulnerable. To mitigate potential exploit, F5 recommends that you limit network access to the management (MGMT) interface to a secure, management-only network.\n\nYou can change the default cipher string for the BIG-IP Configuration utility. For example, to change the cipher string for the Configuration utility to use the RC4-SHA cipher, refer to the following commands:\n\nBIG-IP 10.x - 11.x\n\ntmsh modify /sys httpd ssl-ciphersuite RC4-SHA\n\nMitigating the exploit for SSL/TLS virtual servers\n\nTo mitigate potential exploit for SSL/TLS virtual servers, you can configure the SSL profile to prefer non-CBC ciphers. To do so, perform the following steps:\n\n**Impact of workaround:** Changing the ciphers supported by the SSL profile may result in clients being unable to establish an SSL connection.\n\n 1. Log in to the Configuration utility.\n 2. Navigate to **Local Traffic** > **Profiles**.\n 3. In the **SSL** list, choose **Client**.\n 4. Click **Create**.\n 5. Type a name for the **SSL** profile.\n 6. In the **Parent Profile** list, choose **clientssl**.\n 7. In the **Configuration** list, choose **Advanced**.\n 8. Click the **Custom** box for **Ciphers**.\n 9. From the **Ciphers** box, delete the DEFAULT cipher string.\n 10. In the **Ciphers** box, enter the desired cipher string. \n\nFor BIG-IP 11.5.0 and later, configure the cipher string to prefer non-CBC ciphers. For example, the following string configures the SSL profile to prefer AES-GCM ciphers first, then RC4-SHA ciphers, before resorting to the DEFAULT string, which contains CBC ciphers:\n\nAES-GCM:RC4-SHA:DEFAULT\n\nFor BIG-IP 11.4.0 and earlier, the following cipher string configures the SSL profile to prefer RC4-SHA before resorting to the DEFAULT string, which contains CBC ciphers:\n\nRC4-SHA:DEFAULT\n\n 11. Click **Finished**.\n 12. You must now associate the SSL profile with the virtual server.\n\n**FirePass**\n\nTo protect the FirePass Controller Administrator interface from potential exploit, perform the following procedure:\n\n**Changing the cipher string for the FirePass Administrator interface**\n\n**Impact of procedure**: Changing the cipher string may prevent some connections to the Administrator interface.\n\n 1. Log in to the FirePass Administrator interface.\n 2. Navigate to **Device Management** >** Security** > **User Access Security page **> **SSL Cipher Security**.\n 3. Click **Medium-Grade Security**.\n 4. Click **Apply**.\n\n**Enterprise Manager**\n\nTo protect the Enterprise Manager Configuration utility from potential exploit, F5 recommends that you limit network access to the MGMT interface to a secure, management-only network.\n\nYou can also change the default cipher string for the Enterprise Manager Configuration utility. For example, to change the cipher string for the Configuration utility to use the RC4-SHA cipher, refer to the following commands:\n\nEnterprise Manager 3.x\n\ntmsh modify /sys httpd ssl-ciphersuite RC4-SHA\n\nEnterprise Manager 2.x\n\nbigpipe httpd sslciphersuite RC4-SHA\n\n**ARX**\n\nThe following section describes how to protect the ARX Manager GUI from potential exploit (6.2.0 and later).\n\n**Changing the ARX Manager GUI cipher string (6.2.0 and later)**\n\n**Impact of procedure:** Changing the cipher string may prevent some connections to the ARX Manager GUI.\n\n 1. Log in to the ARX CLI.\n 2. Enable privileged mode by typing the following command: \n\nenable\n\n 3. Enable config mode by typing the following command: \n\nconfig\n\n 4. Enter ssl mode by typing the following command: \n\nssl\n\n 5. Change the cipher string by typing the following command \n\ncipher ssl-rsa-with-rc4-128-sha \n\n 6. Exit the menu by typing the following command: \n\nend\n\nF5 would like to acknowledge Nadhem J. AlFardan and Kenneth G. Paterson of the Information Security Group Royal Holloway, University of London for bringing this issue to our attention, and for following the highest standards of responsible disclosure.\n\n * <http://www.isg.rhul.ac.uk/tls/>\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * [K8802: Using SSL ciphers with BIG-IP Client SSL and Server SSL profiles](<https://support.f5.com/csp/article/K8802>)\n * [K13405: Restricting Configuration utility access to clients using high encryption SSL ciphers (11.x)](<https://support.f5.com/csp/article/K13405>)\n * [K6768: Restricting Configuration utility access to clients using high encryption SSL ciphers (9.x - 10.x)](<https://support.f5.com/csp/article/K6768>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K10322: FirePass hotfix matrix](<https://support.f5.com/csp/article/K10322>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n", "edition": 1, "modified": "2020-01-24T18:24:00", "published": "2015-05-01T02:32:00", "id": "F5:K14190", "href": "https://support.f5.com/csp/article/K14190", "title": "TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169", "type": "f5", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2016-12-03T05:28:12", "bulletinFamily": "software", "cvelist": ["CVE-2013-0169"], "edition": 1, "description": "Vulnerability Recommended Actions\n\n * BIG-IP\n * FirePass\n * Enterprise Manager\n * ARX\n\n**BIG-IP**\n\nThe following section describes affected BIG-IP components and how to protect those components from potential exploit.\n\nMitigating the exploit for the MGMT interface and the Configuration utility\n\nThe BIG-IP Configuration utility is vulnerable. To mitigate potential exploit,\u00c2 F5 recommends that you limit network access to the management\u00c2 (MGMT) interface to a secure, management-only network.\n\nYou can change the default cipher string for the BIG-IP Configuration utility. For example, to change the cipher string for the Configuration utility to use the RC4-SHA cipher, refer to the following commands:\n\nBIG-IP 10.x - 11.x\n\ntmsh modify /sys httpd ssl-ciphersuite RC4-SHA\n\nMitigating the exploit for SSL/TLS virtual servers\n\nTo\u00c2 mitigate potential exploit for SSL/TLS virtual servers, you can configure the SSL profile to prefer non-CBC ciphers. To do so, perform the following steps:\n\n**Impact of workaround:** Changing the ciphers supported by the SSL profile may result in clients being unable to establish an SSL connection.\n\n 1. Log in to the Configuration utility.\n 2. Navigate to **Local Traffic** > **Profiles**.\n 3. In the **SSL** list, choose **Client**.\n 4. Click **Create**.\n 5. Type a name for the **SSL** profile.\n 6. In the **Parent Profile** list, choose **clientssl**.\n 7. In the **Configuration** list, choose **Advanced**.\n 8. Click the **Custom** box for **Ciphers**.\n 9. From the **Ciphers** box, delete the DEFAULT cipher string.\n 10. In the **Ciphers** box, enter the desired cipher string. \n\nFor BIG-IP 11.5.0 and later, configure the cipher string to prefer non-CBC ciphers. For example, the following string configures the SSL profile to prefer AES-GCM ciphers first, then RC4-SHA ciphers, before resorting to the DEFAULT string, which contains CBC ciphers:\n\nAES-GCM:RC4-SHA:DEFAULT\n\nFor BIG-IP 11.4.0 and earlier, the following cipher string configures the SSL profile to prefer RC4-SHA before resorting to the DEFAULT string, which contains CBC ciphers:\n\nRC4-SHA:DEFAULT\n\n 11. Click **Finished**.\n 12. You must now associate the SSL profile with the virtual server.\n\n**FirePass**\n\nTo protect the FirePass Controller Administrator interface from potential exploit, perform the following procedure:\n\n**Changing the cipher string for the FirePass Administrator interface**\n\n**Impact of procedure**: Changing the cipher string may prevent some connections to the Administrator interface.\n\n 1. Log in to the FirePass Administrator interface.\n 2. Navigate to **Device Management** >** Security** > **User Access Security page **> **SSL Cipher Security**.\n 3. Click **Medium-Grade Security**.\n 4. Click **Apply**.\n\n**Enterprise Manager**\n\nTo protect the Enterprise Manager Configuration utility from potential exploit, F5 recommends that you limit network access to the MGMT\u00c2 interface to a secure, management-only network.\n\nYou can also change the default cipher string for the Enterprise Manager Configuration utility. For example, to change the cipher string for the Configuration utility to use the RC4-SHA cipher, refer to the following commands:\n\nEnterprise Manager 3.x\n\ntmsh modify /sys httpd ssl-ciphersuite RC4-SHA\n\nEnterprise Manager 2.x\n\nbigpipe httpd sslciphersuite RC4-SHA\n\n**ARX**\n\nThe following section describes how to protect the ARX Manager GUI from potential exploit (6.2.0 and later).\n\n**Changing the ARX Manager GUI cipher string (6.2.0 and later)**\n\n**Impact of procedure:** Changing the cipher string may prevent some connections to the ARX Manager GUI.\n\n 1. Log in to the ARX CLI.\n 2. Enable privileged mode by typing the following command: \n\nenable\n\n 3. Enable config mode by typing the following command: \n\nconfig\n\n 4. Enter ssl mode by typing the following command: \n\nssl\n\n 5. Change the cipher string by typing the following command \n\ncipher ssl-rsa-with-rc4-128-sha\u00c2 \n\n 6. Exit the menu by typing the following command: \n\nend\n\nAcknowledgements\n\nF5 would like to acknowledge Nadhem J. AlFardan and Kenneth G. Paterson of the Information Security Group Royal Holloway, University of London for bringing this issue to our attention, and for following the highest standards of responsible disclosure.\n\nSupplemental Information\n\n * <http://www.isg.rhul.ac.uk/tls/>\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n * SOL8802: Using SSL ciphers with BIG-IP Client SSL and Server SSL profiles\n * SOL13405: Restricting Configuration utility access to clients using high encryption SSL ciphers (11.x)\n * SOL6768: Restricting Configuration utility access to clients using high encryption SSL ciphers (9.x - 10.x)\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL9502: BIG-IP hotfix matrix\n * SOL10322: FirePass hotfix matrix\n * SOL12766: ARX hotfix matrix\n", "modified": "2016-09-28T00:00:00", "published": "2013-02-08T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14190.html", "id": "SOL14190", "title": "SOL14190 - TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169", "type": "f5", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "centos": [{"lastseen": "2020-10-30T13:20:36", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0587\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously enabled\nin OpenSSL by default. Applications using OpenSSL now need to explicitly\nenable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when used\nby a privileged (setuid or setgid) application. A local attacker could use\nthis flaw to escalate their privileges. No application shipped with Red Hat\nEnterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. For the update to take effect,\nall services linked to the OpenSSL library must be restarted, or the\nsystem rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031302.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031668.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-March/007019.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0587.html", "edition": 87, "modified": "2013-03-09T00:45:25", "published": "2013-03-04T22:46:45", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-March/007019.html", "id": "CESA-2013:0587", "title": "openssl security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "[1.0.0-27.2]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)", "edition": 4, "modified": "2013-03-04T00:00:00", "published": "2013-03-04T00:00:00", "id": "ELSA-2013-0587", "href": "http://linux.oracle.com/errata/ELSA-2013-0587.html", "title": "openssl security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:26", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "**Issue Overview:**\n\nIt was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. ([CVE-2013-0169 __](<https://access.redhat.com/security/cve/CVE-2013-0169>))\n\nA NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially-crafted response. ([CVE-2013-0166 __](<https://access.redhat.com/security/cve/CVE-2013-0166>))\n\nIt was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. ([CVE-2012-4929 __](<https://access.redhat.com/security/cve/CVE-2012-4929>))\n\nNote: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it.\n\n \n**Affected Packages:** \n\n\nopenssl\n\n \n**Issue Correction:** \nRun _yum update openssl_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n openssl-devel-1.0.0k-1.48.amzn1.i686 \n openssl-static-1.0.0k-1.48.amzn1.i686 \n openssl-1.0.0k-1.48.amzn1.i686 \n openssl-debuginfo-1.0.0k-1.48.amzn1.i686 \n openssl-perl-1.0.0k-1.48.amzn1.i686 \n \n src: \n openssl-1.0.0k-1.48.amzn1.src \n \n x86_64: \n openssl-debuginfo-1.0.0k-1.48.amzn1.x86_64 \n openssl-1.0.0k-1.48.amzn1.x86_64 \n openssl-devel-1.0.0k-1.48.amzn1.x86_64 \n openssl-perl-1.0.0k-1.48.amzn1.x86_64 \n openssl-static-1.0.0k-1.48.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-03-14T22:04:00", "published": "2013-03-14T22:04:00", "id": "ALAS-2013-171", "href": "https://alas.aws.amazon.com/ALAS-2013-171.html", "title": "Medium: openssl", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-20T15:17:41", "description": "OpenSSL has been updated to fix several security issues :\n\n - Avoid the openssl CRIME attack by disabling SSL\n compression by default. Setting the environment variable\n 'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression\n again. (CVE-2012-4929)\n\n Please note that openssl on SUSE Linux Enterprise 10 is\n not built with compression support.\n\n - Timing attacks against TLS could be used by physically\n local attackers to gain access to transmitted plain text\n or private keymaterial. This issue is also known as the\n 'Lucky-13' issue. (CVE-2013-0169)\n\n - A OCSP invalid key denial of service issue was fixed.\n (CVE-2013-0166)", "edition": 18, "published": "2013-03-28T00:00:00", "title": "SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 8517)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "modified": "2013-03-28T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENSSL-8517.NASL", "href": "https://www.tenable.com/plugins/nessus/65719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65719);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n\n script_name(english:\"SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 8517)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL has been updated to fix several security issues :\n\n - Avoid the openssl CRIME attack by disabling SSL\n compression by default. Setting the environment variable\n 'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression\n again. (CVE-2012-4929)\n\n Please note that openssl on SUSE Linux Enterprise 10 is\n not built with compression support.\n\n - Timing attacks against TLS could be used by physically\n local attackers to gain access to transmitted plain text\n or private keymaterial. This issue is also known as the\n 'Lucky-13' issue. (CVE-2013-0169)\n\n - A OCSP invalid key denial of service issue was fixed.\n (CVE-2013-0166)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4929.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0166.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0169.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8517.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"openssl-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"openssl-devel-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"openssl-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"openssl-devel-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"openssl-doc-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"openssl-32bit-0.9.8a-18.76.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"openssl-devel-32bit-0.9.8a-18.76.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:18:24", "description": "It was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.", "edition": 23, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : openssl (ALAS-2013-171)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-171.NASL", "href": "https://www.tenable.com/plugins/nessus/69730", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-171.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69730);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_xref(name:\"ALAS\", value:\"2013-171\");\n script_xref(name:\"RHSA\", value:\"2013:0587\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2013-171)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-171.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update openssl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.0k-1.48.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.0k-1.48.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.0k-1.48.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.0k-1.48.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.0k-1.48.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:47:48", "description": "From Red Hat Security Advisory 2013:0587 :\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Red Hat Enterprise Linux 5 and 6 was affected by this\nproblem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : openssl (ELSA-2013-0587)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-static", "p-cpe:/a:oracle:linux:openssl-perl"], "id": "ORACLELINUX_ELSA-2013-0587.NASL", "href": "https://www.tenable.com/plugins/nessus/68768", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0587 and \n# Oracle Linux Security Advisory ELSA-2013-0587 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68768);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(55704, 57755, 57778);\n script_xref(name:\"RHSA\", value:\"2013:0587\");\n\n script_name(english:\"Oracle Linux 5 / 6 : openssl (ELSA-2013-0587)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0587 :\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Red Hat Enterprise Linux 5 and 6 was affected by this\nproblem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-March/003326.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-March/003327.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"openssl-0.9.8e-26.el5_9.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-devel-0.9.8e-26.el5_9.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-perl-0.9.8e-26.el5_9.1\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"openssl-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-devel-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-perl-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"openssl-static-1.0.0-27.el6_4.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl-static\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:12:06", "description": "Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Red Hat Enterprise Linux 5 and 6 was affected by this\nproblem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.", "edition": 24, "published": "2013-03-05T00:00:00", "title": "RHEL 5 / 6 : openssl (RHSA-2013:0587)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "modified": "2013-03-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl-static", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.9", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "p-cpe:/a:redhat:enterprise_linux:openssl", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:openssl-devel"], "id": "REDHAT-RHSA-2013-0587.NASL", "href": "https://www.tenable.com/plugins/nessus/65004", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0587. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65004);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(55704, 57755, 57778);\n script_xref(name:\"RHSA\", value:\"2013:0587\");\n\n script_name(english:\"RHEL 5 / 6 : openssl (RHSA-2013:0587)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Red Hat Enterprise Linux 5 and 6 was affected by this\nproblem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0587\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0169\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0166\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0587\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"openssl-0.9.8e-26.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"openssl-debuginfo-0.9.8e-26.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"openssl-devel-0.9.8e-26.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openssl-perl-0.9.8e-26.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openssl-perl-0.9.8e-26.el5_9.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.8e-26.el5_9.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-debuginfo-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-devel-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-perl-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-perl-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-static-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-static-1.0.0-27.el6_4.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.0-27.el6_4.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:47:27", "description": "It was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially- crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Scientific Linux 5 and 6 was affected by this problem.\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.", "edition": 14, "published": "2013-03-05T00:00:00", "title": "Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64 (20130304)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "modified": "2013-03-05T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:openssl-static"], "id": "SL_20130304_OPENSSL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65022", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65022);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64 (20130304)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially- crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Scientific Linux 5 and 6 was affected by this problem.\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=1414\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?de223d65\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"openssl-0.9.8e-26.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-debuginfo-0.9.8e-26.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-devel-0.9.8e-26.el5_9.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-perl-0.9.8e-26.el5_9.1\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-debuginfo-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.0-27.el6_4.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:28:33", "description": "Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Red Hat Enterprise Linux 5 and 6 was affected by this\nproblem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.", "edition": 24, "published": "2013-03-07T00:00:00", "title": "CentOS 5 / 6 : openssl (CESA-2013:0587)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "modified": "2013-03-07T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-devel", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:openssl", "p-cpe:/a:centos:centos:openssl-static", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2013-0587.NASL", "href": "https://www.tenable.com/plugins/nessus/65061", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0587 and \n# CentOS Errata and Security Advisory 2013:0587 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65061);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(55704, 57755, 57778);\n script_xref(name:\"RHSA\", value:\"2013:0587\");\n\n script_name(english:\"CentOS 5 / 6 : openssl (CESA-2013:0587)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nIt was discovered that OpenSSL leaked timing information when\ndecrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode\ncipher suites were used. A remote attacker could possibly use this\nflaw to retrieve plain text from the encrypted packets by using a\nTLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response\nverification in OpenSSL. A malicious OCSP server could use this flaw\nto crash applications performing OCSP verification by sending a\nspecially crafted response. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information\nabout plain text when optional compression was used. An attacker able\nto control part of the plain text sent over an encrypted TLS/SSL\nconnection could possibly use this flaw to recover other portions of\nthe plain text. (CVE-2012-4929)\n\nNote: This update disables zlib compression, which was previously\nenabled in OpenSSL by default. Applications using OpenSSL now need to\nexplicitly enable zlib compression to use it.\n\nIt was found that OpenSSL read certain environment variables even when\nused by a privileged (setuid or setgid) application. A local attacker\ncould use this flaw to escalate their privileges. No application\nshipped with Red Hat Enterprise Linux 5 and 6 was affected by this\nproblem. (BZ#839735)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019264.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58c72720\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019630.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8bee2b33\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-March/000819.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e53c11b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0166\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-0.9.8e-26.el5_9.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-devel-0.9.8e-26.el5_9.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-perl-0.9.8e-26.el5_9.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-devel-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-perl-1.0.0-27.el6_4.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"openssl-static-1.0.0-27.el6_4.2\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl-static\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T14:41:21", "description": "OpenSSL has been updated to fix several security issues :\n\n - Avoid the openssl CRIME attack by disabling SSL\n compression by default. Setting the environment variable\n 'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression\n again. (CVE-2012-4929)\n\n - Timing attacks against TLS could be used by physically\n local attackers to gain access to transmitted plain text\n or private keymaterial. This issue is also known as the\n 'Lucky-13' issue. (CVE-2013-0169)\n\n - A OCSP invalid key denial of service issue was fixed.\n (CVE-2013-0166)", "edition": 18, "published": "2013-03-28T00:00:00", "title": "SuSE 11.2 Security Update : OpenSSL (SAT Patch Number 7548)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "modified": "2013-03-28T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:openssl", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-hmac", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:openssl-doc", "p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-hmac-32bit"], "id": "SUSE_11_LIBOPENSSL-DEVEL-130325.NASL", "href": "https://www.tenable.com/plugins/nessus/65718", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65718);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n\n script_name(english:\"SuSE 11.2 Security Update : OpenSSL (SAT Patch Number 7548)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"OpenSSL has been updated to fix several security issues :\n\n - Avoid the openssl CRIME attack by disabling SSL\n compression by default. Setting the environment variable\n 'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression\n again. (CVE-2012-4929)\n\n - Timing attacks against TLS could be used by physically\n local attackers to gain access to transmitted plain text\n or private keymaterial. This issue is also known as the\n 'Lucky-13' issue. (CVE-2013-0169)\n\n - A OCSP invalid key denial of service issue was fixed.\n (CVE-2013-0166)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=802648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=802746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4929.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0166.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0169.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7548.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-hmac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libopenssl0_9_8-hmac-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openssl-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libopenssl0_9_8-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"openssl-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libopenssl0_9_8-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"openssl-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libopenssl0_9_8-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libopenssl0_9_8-hmac-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"openssl-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"openssl-doc-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libopenssl0_9_8-32bit-0.9.8j-0.50.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libopenssl0_9_8-hmac-32bit-0.9.8j-0.50.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:11:48", "description": "Update to 1.0.1e\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-04-03T00:00:00", "title": "Fedora 18 : mingw-openssl-1.0.1e-1.fc18 (2013-4403)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0169", "CVE-2012-4929"], "modified": "2013-04-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:mingw-openssl"], "id": "FEDORA_2013-4403.NASL", "href": "https://www.tenable.com/plugins/nessus/65776", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-4403.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65776);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0169\");\n script_xref(name:\"FEDORA\", value:\"2013-4403\");\n\n script_name(english:\"Fedora 18 : mingw-openssl-1.0.1e-1.fc18 (2013-4403)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 1.0.1e\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=920868\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1a03210e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"mingw-openssl-1.0.1e-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-openssl\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T11:54:04", "description": "Multiple vulnerabilities has been found and corrected in openssl :\n\nOpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d\ndoes not properly perform signature verification for OCSP responses,\nwhich allows remote attackers to cause a denial of service (NULL\npointer dereference and application crash) via an invalid key\n(CVE-2013-0166).\n\nThe TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as\nused in OpenSSL, OpenJDK, PolarSSL, and other products, do not\nproperly consider timing side-channel attacks on a MAC check\nrequirement during the processing of malformed CBC padding, which\nallows remote attackers to conduct distinguishing attacks and\nplaintext-recovery attacks via statistical analysis of timing data for\ncrafted packets, aka the Lucky Thirteen issue (CVE-2013-0169).\n\nThe updated packages have been upgraded to the 1.0.0k version which is\nnot vulnerable to these issues.", "edition": 25, "published": "2013-04-20T00:00:00", "title": "Mandriva Linux Security Advisory : openssl (MDVSA-2013:052)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-04-20T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:openssl", "p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl1.0.0", "p-cpe:/a:mandriva:linux:lib64openssl-devel", "p-cpe:/a:mandriva:linux:lib64openssl-static-devel"], "id": "MANDRIVA_MDVSA-2013-052.NASL", "href": "https://www.tenable.com/plugins/nessus/66066", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:052. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66066);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57778, 60268);\n script_xref(name:\"MDVSA\", value:\"2013:052\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openssl (MDVSA-2013:052)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in openssl :\n\nOpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d\ndoes not properly perform signature verification for OCSP responses,\nwhich allows remote attackers to cause a denial of service (NULL\npointer dereference and application crash) via an invalid key\n(CVE-2013-0166).\n\nThe TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as\nused in OpenSSL, OpenJDK, PolarSSL, and other products, do not\nproperly consider timing side-channel attacks on a MAC check\nrequirement during the processing of malformed CBC padding, which\nallows remote attackers to conduct distinguishing attacks and\nplaintext-recovery attacks via statistical analysis of timing data for\ncrafted packets, aka the Lucky Thirteen issue (CVE-2013-0169).\n\nThe updated packages have been upgraded to the 1.0.0k version which is\nnot vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20130204.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-engines1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64openssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-devel-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-engines1.0.0-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl-static-devel-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64openssl1.0.0-1.0.0k-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"openssl-1.0.0k-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:45:04", "description": "A flaw in the OpenSSL handling of OCSP response verification could be\nexploited to cause a denial of service attack.\n\nOpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS\nand DTLS. The weakness could reveal plaintext in a timing attack.", "edition": 23, "published": "2013-04-08T00:00:00", "title": "FreeBSD : FreeBSD -- OpenSSL multiple vulnerabilities (69bfc852-9bd0-11e2-a7be-8c705af55518)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-04-08T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:FreeBSD"], "id": "FREEBSD_PKG_69BFC8529BD011E2A7BE8C705AF55518.NASL", "href": "https://www.tenable.com/plugins/nessus/65842", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65842);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_xref(name:\"FreeBSD\", value:\"SA-13:03.openssl\");\n\n script_name(english:\"FreeBSD : FreeBSD -- OpenSSL multiple vulnerabilities (69bfc852-9bd0-11e2-a7be-8c705af55518)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw in the OpenSSL handling of OCSP response verification could be\nexploited to cause a denial of service attack.\n\nOpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS\nand DTLS. The weakness could reveal plaintext in a timing attack.\"\n );\n # http://www.openssl.org/news/secadv/20130205.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20130205.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/69bfc852-9bd0-11e2-a7be-8c705af55518.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6aa5fbcb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:FreeBSD\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=8.3<8.3_7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=9.0<9.0_7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=9.1<9.1_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2018-01-22T13:09:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "Check for the Version of openssl", "modified": "2018-01-22T00:00:00", "published": "2013-03-05T00:00:00", "id": "OPENVAS:870944", "href": "http://plugins.openvas.org/nasl.php?oid=870944", "type": "openvas", "title": "RedHat Update for openssl RHSA-2013:0587-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2013:0587-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n\n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n\n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n\n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n\n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\";\n\n\ntag_affected = \"openssl on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00001.html\");\n script_id(870944);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-05 09:42:31 +0530 (Tue, 05 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2013:0587-01\");\n script_name(\"RedHat Update for openssl RHSA-2013:0587-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-08T00:00:00", "id": "OPENVAS:1361412562310881620", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881620", "type": "openvas", "title": "CentOS Update for openssl CESA-2013:0587 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2013:0587 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019264.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881620\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:19:35 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0587\");\n script_name(\"CentOS Update for openssl CESA-2013:0587 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n\n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n\n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n\n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n\n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2013-03-05T00:00:00", "id": "OPENVAS:1361412562310870944", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870944", "type": "openvas", "title": "RedHat Update for openssl RHSA-2013:0587-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2013:0587-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870944\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-05 09:42:31 +0530 (Tue, 05 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2013:0587-01\");\n script_name(\"RedHat Update for openssl RHSA-2013:0587-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n\n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n\n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n\n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n\n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~27.el6_4.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:1361412562310881669", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881669", "type": "openvas", "title": "CentOS Update for openssl CESA-2013:0587 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2013:0587 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019630.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881669\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:01:51 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0587\");\n script_name(\"CentOS Update for openssl CESA-2013:0587 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n\n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n\n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n\n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n\n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "Oracle Linux Local Security Checks ELSA-2013-0587", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123684", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123684", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0587", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0587.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123684\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:12 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0587\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0587 - openssl security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0587\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0587.html\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-4929\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~27.el6_4.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-26T11:10:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "Check for the Version of openssl", "modified": "2018-01-25T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:881669", "href": "http://plugins.openvas.org/nasl.php?oid=881669", "type": "openvas", "title": "CentOS Update for openssl CESA-2013:0587 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2013:0587 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n \n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n \n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n \n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n \n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n \n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\";\n\n\ntag_affected = \"openssl on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019630.html\");\n script_id(881669);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:01:51 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2013:0587\");\n script_name(\"CentOS Update for openssl CESA-2013:0587 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0~27.el6_4.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:09:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "Check for the Version of openssl", "modified": "2018-01-23T00:00:00", "published": "2013-03-08T00:00:00", "id": "OPENVAS:881620", "href": "http://plugins.openvas.org/nasl.php?oid=881620", "type": "openvas", "title": "CentOS Update for openssl CESA-2013:0587 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2013:0587 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\n and Transport Layer Security (TLS v1) protocols, as well as a\n full-strength, general purpose cryptography library.\n\n It was discovered that OpenSSL leaked timing information when decrypting\n TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\n were used. A remote attacker could possibly use this flaw to retrieve plain\n text from the encrypted packets by using a TLS/SSL or DTLS server as a\n padding oracle. (CVE-2013-0169)\n\n A NULL pointer dereference flaw was found in the OCSP response verification\n in OpenSSL. A malicious OCSP server could use this flaw to crash\n applications performing OCSP verification by sending a specially-crafted\n response. (CVE-2013-0166)\n\n It was discovered that the TLS/SSL protocol could leak information about\n plain text when optional compression was used. An attacker able to control\n part of the plain text sent over an encrypted TLS/SSL connection could\n possibly use this flaw to recover other portions of the plain text.\n (CVE-2012-4929)\n\n Note: This update disables zlib compression, which was previously enabled\n in OpenSSL by default. Applications using OpenSSL now need to explicitly\n enable zlib compression to use it.\n\n It was found that OpenSSL read certain environment variables even when used\n by a privileged (setuid or setgid) application. A local attacker could use\n this flaw to escalate their privileges. No application shipped with Red Hat\n Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735)\n\n All OpenSSL users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. For the update to take effect,\n all services linked to the OpenSSL library must be restarted, or the\n system rebooted.\";\n\n\ntag_affected = \"openssl on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019264.html\");\n script_id(881620);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:19:35 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0166\", \"CVE-2013-0169\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2013:0587\");\n script_name(\"CentOS Update for openssl CESA-2013:0587 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~26.el5_9.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:02:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120555", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120555", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-171)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120555\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:29:30 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-171)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenSSL. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update openssl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-171.html\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2013-0169\", \"CVE-2013-0166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.0k~1.48.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-18T11:08:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0169", "CVE-2012-4929"], "description": "Check for the Version of mingw-openssl", "modified": "2018-01-17T00:00:00", "published": "2013-04-05T00:00:00", "id": "OPENVAS:865516", "href": "http://plugins.openvas.org/nasl.php?oid=865516", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2013-4403", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2013-4403\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The OpenSSL toolkit provides support for secure communications between\n machines. OpenSSL includes a certificate management tool and shared\n libraries which provide various cryptographic algorithms and\n protocols.\n\n This package contains Windows (MinGW) libraries and development tools.\";\n\n\ntag_affected = \"mingw-openssl on Fedora 18\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865516);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:08 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2013-4403\");\n\n script_xref(name: \"FEDORA\", value: \"2013-4403\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of mingw-openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.1e~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0169", "CVE-2012-4929"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-04-05T00:00:00", "id": "OPENVAS:1361412562310865516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865516", "type": "openvas", "title": "Fedora Update for mingw-openssl FEDORA-2013-4403", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-openssl FEDORA-2013-4403\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865516\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:08 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-0169\", \"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for mingw-openssl FEDORA-2013-4403\");\n script_xref(name:\"FEDORA\", value:\"2013-4403\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"mingw-openssl on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-openssl\", rpm:\"mingw-openssl~1.0.1e~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4929", "CVE-2013-0169"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows (MinGW) libraries and development tools. ", "modified": "2013-04-03T04:51:11", "published": "2013-04-03T04:51:11", "id": "FEDORA:BA848210A3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: mingw-openssl-1.0.1e-1.fc18", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "modified": "2013-03-02T19:55:52", "published": "2013-03-02T19:55:52", "id": "FEDORA:C041720764", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: openssl-1.0.1e-3.fc18", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2333", "CVE-2013-0166", "CVE-2013-0169"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "modified": "2013-03-08T00:02:36", "published": "2013-03-08T00:02:36", "id": "FEDORA:811AA20A83", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: openssl-1.0.0k-1.fc17", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:38", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "\n\nA flaw in the OpenSSL handling of OCSP response\n\t verification could be exploited to cause a denial of\n\t service attack.\nOpenSSL has a weakness in the handling of CBC\n\t ciphersuites in SSL, TLS and DTLS. The weakness could reveal\n\t plaintext in a timing attack.\n\n", "edition": 4, "modified": "2016-08-09T00:00:00", "published": "2013-04-02T00:00:00", "id": "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "href": "https://vuxml.freebsd.org/freebsd/69bfc852-9bd0-11e2-a7be-8c705af55518.html", "title": "FreeBSD -- OpenSSL multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:41", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-2686"], "description": "\nOpenSSL security team reports:\n\nA flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1\n\t and TLS 1.2 on AES-NI supporting platforms can be exploited in a\n\t DoS attack.\nA flaw in the OpenSSL handling of OCSP response verification can\n\t be exploited in a denial of service attack.\n\n", "edition": 4, "modified": "2013-02-05T00:00:00", "published": "2013-02-05T00:00:00", "id": "00B0D8CD-7097-11E2-98D9-003067C2616F", "href": "https://vuxml.freebsd.org/freebsd/00b0d8cd-7097-11e2-98d9-003067c2616f.html", "title": "OpenSSL -- TLS 1.1, 1.2 denial of service", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:12:28", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2621-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nFebruary 13, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-0166 CVE-2013-0169\nDebian Bug : 699889\n\nMultiple vulnerabilities have been found in OpenSSL. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-0166\n\n OpenSSL does not properly perform signature verification for OCSP\n responses, which allows remote attackers to cause a denial of\n service via an invalid key.\n\nCVE-2013-0169\n\n A timing side channel attack has been found in CBC padding\n allowing an attacker to recover pieces of plaintext via statistical\n analysis of crafted packages, known as the "Lucky Thirteen" issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.9.8o-4squeeze14.\n\nFor the testing distribution (wheezy), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.1e-1.\n\nWe recommend that you upgrade your openssl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2013-02-13T20:08:31", "published": "2013-02-13T20:08:31", "id": "DEBIAN:DSA-2621-1:52BC0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00026.html", "title": "[SECURITY] [DSA 2621-1] openssl security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-11T13:21:21", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4929"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2627-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nFebruary 17, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : nginx\nVulnerability : information leak\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-4929\nDebian Bug : 700426\n\nJuliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\n'CRIME', allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update to nginx disables\nSSL compression.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.7.67-3+squeeze3.\n\nFor the testing distribution (wheezy), and unstable distribution (sid),\nthis problem has been fixed in version 1.1.16-1.\n\nWe recommend that you upgrade your nginx packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2013-02-17T11:15:00", "published": "2013-02-17T11:15:00", "id": "DEBIAN:DSA-2627-1:E508D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00032.html", "title": "[SECURITY] [DSA 2627-1] nginx security update", "type": "debian", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2019-05-29T14:33:37", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation (including all applications\nand configuration files).\n\nAll users of JBoss Enterprise Application Platform 5.2.0 for Solaris and\nMicrosoft Windows as provided from the Red Hat Customer Portal are advised\nto apply this update.", "modified": "2019-02-20T17:35:50", "published": "2013-05-01T21:58:17", "id": "RHSA-2013:0783", "href": "https://access.redhat.com/errata/RHSA-2013:0783", "type": "redhat", "title": "(RHSA-2013:0783) Moderate: openssl security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:15", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2686", "CVE-2012-4929", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-4353", "CVE-2013-6449", "CVE-2013-6450", "CVE-2014-0160"], "description": "Red Hat Enterprise Virtualization Manager provides access to virtual\nmachines using SPICE. These SPICE client packages provide the SPICE client\nand usbclerk service for both Windows 32-bit operating systems and Windows\n64-bit operating systems.\n\nThe rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE\nclient. OpenSSL, a general purpose cryptography library with a TLS\nimplementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer\npackage has been updated to correct the following issues:\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the way OpenSSL handled\nTLS/SSL protocol handshake packets. A specially crafted handshake packet\ncould cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nThe updated mingw-virt-viewer Windows SPICE client further includes OpenSSL\nsecurity fixes that have no security impact on mingw-virt-viewer itself.\nThe security fixes included in this update address the following CVE\nnumbers:\n\nCVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166\n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which address these issues.\n", "modified": "2018-06-07T09:00:06", "published": "2014-04-17T04:00:00", "id": "RHSA-2014:0416", "href": "https://access.redhat.com/errata/RHSA-2014:0416", "type": "redhat", "title": "(RHSA-2014:0416) Important: rhevm-spice-client security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:26", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4929", "CVE-2012-6075", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-0228", "CVE-2013-0268", "CVE-2013-0292", "CVE-2013-0338", "CVE-2013-0871", "CVE-2013-1619"], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way QEMU-KVM emulated the e1000 network interface\ncard when the host was configured to accept jumbo network frames, and a\nguest using the e1000 emulated driver was not. A remote attacker could use\nthis flaw to crash the guest or, potentially, execute arbitrary code with\nroot privileges in the guest. (CVE-2012-6075)\n\nIt was discovered that GnuTLS leaked timing information when decrypting\nTLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A\nremote attacker could possibly use this flaw to retrieve plain text from\nthe encrypted packets by using a TLS/SSL server as a padding oracle.\n(CVE-2013-1619)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2013-0292 (dbus-glib issue)\n\nCVE-2013-0228, CVE-2013-0268, and CVE-2013-0871 (kernel issues)\n\nCVE-2013-0338 (libxml2 issue)\n\nThis update contains the builds from the following errata:\n\novirt-node: RHBA-2013:0634\n https://rhn.redhat.com/errata/RHBA-2013-0634.html\nkernel: RHSA-2013:0630\n https://rhn.redhat.com/errata/RHSA-2013-0630.html\ndbus-glib: RHSA-2013:0568\n https://rhn.redhat.com/errata/RHSA-2013-0568.html\nlibcgroup: RHBA-2013:0560\n https://rhn.redhat.com/errata/RHBA-2013-0560.html\nvdsm: RHBA-2013:0635\n https://rhn.redhat.com/errata/RHBA-2013-0635.html\nselinux-policy: RHBA-2013:0618\n https://rhn.redhat.com/errata/RHBA-2013-0618.html\nqemu-kvm-rhev: RHSA-2013:0610\n https://rhn.redhat.com/errata/RHSA-2013-0610.html\nglusterfs: RHBA-2013:0620\n https://rhn.redhat.com/errata/RHBA-2013-0620.html\ngnutls: RHSA-2013:0588\n https://rhn.redhat.com/errata/RHSA-2013-0588.html\nipmitool: RHBA-2013:0572\n https://rhn.redhat.com/errata/RHBA-2013-0572.html\nlibxml2: RHSA-2013:0581\n https://rhn.redhat.com/errata/RHSA-2013-0581.html\nopenldap: RHBA-2013:0598\n https://rhn.redhat.com/errata/RHBA-2013-0598.html\nopenssl: RHSA-2013:0587\n https://rhn.redhat.com/errata/RHSA-2013-0587.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "modified": "2018-06-07T08:59:36", "published": "2013-03-13T04:00:00", "id": "RHSA-2013:0636", "href": "https://access.redhat.com/errata/RHSA-2013:0636", "type": "redhat", "title": "(RHSA-2013:0636) Important: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "aix": [{"lastseen": "2019-05-29T19:19:11", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nIBM SECURITY ADVISORY\n\nFirst Issued: Fri Mar 15 03:20:11 CDT 2013\n\nThe most recent version of this document is available here:\n| Updated: Wed Jun 5 10:22:29 CDT 2013\n| Update: Fix available for FIPS version\n| Update: Corrected CVSS base score and vector\n\nhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc\nor\nftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc\n===============================================================================\n VULNERABILITY SUMMARY\n\nVULNERABILITY: Multiple OpenSSL vulnerabilities \n\nPLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.X\n\nSOLUTION: Apply the fix as described below.\n\nTHREAT: See below\n\nCVE Numbers: CVE-2013-0169\n CVE-2013-0166\n\nReboot required? NO\nWorkarounds? NO\nProtected by FPM? NO\nProtected by SED? NO\n===============================================================================\n DETAILED INFORMATION\n\nI. DESCRIPTION (From cve.mitre.org)\n \n CVE-2013-0169\n The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as\n used in OpenSSL, OpenJDK, PolarSSL, and other products, do not\n properly consider timing side-channel attacks on a MAC check \n requirement during the processing of malformed CBC padding, which \n allows remote attackers to conduct distinguishing attacks and \n plaintext-recovery attacks via statistical analysis of timing data\n for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n CVE-2013-0166\n OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d \n does not properly perform signature verification for OCSP responses,\n which allows remote attackers to cause a denial of service (NULL \n pointer dereference and application crash) via an invalid key. \n\n Please see the following for more information:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166\n\nII. CVSS\n\n CVE-2013-0169\n| CVSS Base Score: 4.3\n CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/81902 for the\n current score\n CVSS Environmental Score*: Undefined\n| CVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2013-0166\n CVSS Base Score: 5.0\n CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/81904 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\nIII. PLATFORM VULNERABILITY ASSESSMENT\n\n To determine if your system is vulnerable, execute the following\n command:\n\n lslpp -L openssl.base\n\n On VIO Server:\n\n oem_setup_env\n lslpp -L openssl.base\n\n The following fileset levels are vulnerable:\n\n AIX 7.1, 6.1, 5.3: all versions less than or equal 0.9.8.2400\n AIX 7.1, 6.1, 5.3: FIPS capable versions less than or equal 12.9.8.2400\n VIOS 2.X: all versions less than or equal 0.9.8.2400\n\n IMPORTANT: If AIX OpenSSH is in use, it must be updated to version\n OpenSSH 6.0 or later, depending on the OpenSSL version according to\n following compatibility matrix:\n\n AIX OpenSSL OpenSSH\n ------------------------------------------------------------------\n 5.3,6.1,7.1 OpenSSL 0.9.8.25xx OpenSSH 6.0.0.61xx\n (Available)\n\n 5.3,6.1,7.1 OpenSSL-fips 12.9.8.25xx OpenSSH 6.0.0.61xx \n| (Available)\n\n VIOS OpenSSL OpenSSH\n ------------------------------------------------------------------\n 2.X OpenSSL 0.9.8.25xx OpenSSH 6.0.0.61xx\n (Available)\n\n AIX OpenSSH can be downloaded from:\n\n OpenSSH 6.0:\n http://sourceforge.net/projects/openssh-aix\n OpenSSH 6.0.0.61xx\n https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\n\nIV. FIXES\n\n A fix is available, and it can be downloaded from:\n\n https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp\n\n To extract the fixes from the tar file:\n\n zcat openssl-0.9.8.2500.tar.Z | tar xvf -\n or\n zcat openssl-fips-12.9.8.2500.tar.Z | tar xvf -\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview the fix installation:\n\n installp -apYd . openssl\n\n To install the fix package:\n\n installp -aXYd . openssl\n\nV. WORKAROUNDS\n\n There are no workarounds.\n\nVI. CONTACT INFORMATION\n\n If you would like to receive AIX Security Advisories via email,\n please visit:\n\n http://www.ibm.com/systems/support\n\n and click on the \"My notifications\" link.\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team you can either:\n\n A. Send an email with \"get key\" in the subject line to:\n\n security-alert@austin.ibm.com\n\n B. Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgpkey.txt\n\n C. Download the key from a PGP Public Key Server. The key ID is:\n\n\t 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n eServer is a trademark of International Business Machines\n Corporation. IBM, AIX and pSeries are registered trademarks of\n International Business Machines Corporation. All other trademarks\n are property of their respective holders.\n\n\nVII. REFERENCES:\n\n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/81902\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/81904\n CVE-2013-0169: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169\n CVE-2013-0166: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166\n\n *The CVSS Environment Score is customer environment specific and will\n ultimately impact the Overall CVSS Score. Customers can evaluate the\n impact of this vulnerability in their environments by accessing the links\n in the Reference section of this Flash.\n\n Note: According to the Forum of Incident Response and Security Teams\n (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry\n open standard designed to convey vulnerability severity and help to\n determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES\n \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE\n RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY\n VULNERABILITY.\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (AIX)\n\niEYEARECAAYFAlGvV/sACgkQ4fmd+Ci/qhLVQQCfaZYvgKSY8UCYj6RJPbMaXlb3\nAxgAn0+qF+xmWSKNT6+43X/h/usZa3Bl\n=q2Sm\n-----END PGP SIGNATURE-----\n", "edition": 4, "modified": "2013-06-05T10:22:29", "published": "2013-03-15T03:20:11", "id": "OPENSSL_ADVISORY5.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory5.asc", "title": "Multiple OpenSSL vulnerabilities", "type": "aix", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:39:54", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-2686"], "description": "Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly \nhandled certain crafted CBC data when used with AES-NI. A remote attacker \ncould use this issue to cause OpenSSL to crash, resulting in a denial of \nservice. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. \n(CVE-2012-2686)\n\nStephen Henson discovered that OpenSSL incorrectly performed signature \nverification for OCSP responses. A remote attacker could use this issue to \ncause OpenSSL to crash, resulting in a denial of service. (CVE-2013-0166)\n\nNadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used \nin OpenSSL was vulnerable to a timing side-channel attack known as the \n\"Lucky Thirteen\" issue. A remote attacker could use this issue to perform \nplaintext-recovery attacks via analysis of timing data. (CVE-2013-0169)", "edition": 5, "modified": "2013-02-21T00:00:00", "published": "2013-02-21T00:00:00", "id": "USN-1732-1", "href": "https://ubuntu.com/security/notices/USN-1732-1", "title": "OpenSSL vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-02T11:43:47", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4929"], "description": "Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer \nSecurity (TLS) protocol when it is used with data compression. If an \nattacker were able to perform a man-in-the-middle attack, this flaw \ncould be exploited to view sensitive information. This update disables \nTLS data compression in Qt by default.", "edition": 5, "modified": "2012-11-08T00:00:00", "published": "2012-11-08T00:00:00", "id": "USN-1628-1", "href": "https://ubuntu.com/security/notices/USN-1628-1", "title": "Qt vulnerability", "type": "ubuntu", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-07-15T01:42:24", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4929"], "description": "The TLS protocol 1.2 and earlier can encrypt compressed data without \nproperly obfuscating the length of the unencrypted data, which allows \nman-in-the-middle attackers to obtain plaintext content by observing \nlength differences during a series of guesses in which a provided string \npotentially matches an unknown string in encrypted and compressed traffic. \nThis is known as a CRIME attack in HTTP. Other protocols layered on top of \nTLS may also make these attacks practical.\n\nThis update disables compression for all programs using SSL and TLS \nprovided by the OpenSSL library. To re-enable compression for programs \nthat need compression to communicate with legacy services, define the \nvariable OPENSSL_DEFAULT_ZLIB in the program's environment.", "edition": 6, "modified": "2013-07-04T00:00:00", "published": "2013-07-04T00:00:00", "id": "USN-1898-1", "href": "https://ubuntu.com/security/notices/USN-1898-1", "title": "OpenSSL vulnerability", "type": "ubuntu", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "slackware": [{"lastseen": "2019-05-30T07:36:56", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2012-2686"], "description": "New openssl packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,\n14.0, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/openssl-1.0.1d-i486-1_slack14.0.txz: Upgraded.\n Make the decoding of SSLv3, TLS and DTLS CBC records constant time.\n This addresses the flaw in CBC record processing discovered by\n Nadhem Alfardan and Kenny Paterson. Details of this attack can be found\n at: http://www.isg.rhul.ac.uk/tls/\n Thanks go to Nadhem Alfardan and Kenny Paterson of the Information\n Security Group at Royal Holloway, University of London\n (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and\n Emilia Käsper for the initial patch.\n (CVE-2013-0169)\n [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]\n Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode\n ciphersuites which can be exploited in a denial of service attack.\n Thanks go to and to Adam Langley <agl@chromium.org> for discovering\n and detecting this bug and to Wolfgang Ettlinger\n <wolfgang.ettlinger@gmail.com> for independently discovering this issue.\n (CVE-2012-2686)\n [Adam Langley]\n Return an error when checking OCSP signatures when key is NULL.\n This fixes a DoS attack. (CVE-2013-0166)\n [Steve Henson]\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2686\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1d-i486-1_slack14.0.txz: Upgraded.\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8y-i486-1_slack12.1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8y-i486-1_slack12.1.tgz\n\nUpdated packages for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8y-i486-1_slack12.2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8y-i486-1_slack12.2.tgz\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8y-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8y-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8y-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8y-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8y-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8y-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8y-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8y-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8y-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8y-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8y-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8y-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1d-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1d-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1d-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1d-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1d-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1d-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1d-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1d-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 packages:\n5193bca00070ccac309ea3384e67a657 openssl-0.9.8y-i486-1_slack12.1.tgz\n76fb6bede444b059e575777092c78575 openssl-solibs-0.9.8y-i486-1_slack12.1.tgz\n\nSlackware 12.2 packages:\n5a3167936ba69442a795ed62f1ec29b2 openssl-0.9.8y-i486-1_slack12.2.tgz\ned20f551e0912a5f708da9a3c4d7ac5e openssl-solibs-0.9.8y-i486-1_slack12.2.tgz\n\nSlackware 13.0 packages:\nf059432e11a6b17643e7b8f1d78c5ce3 openssl-0.9.8y-i486-1_slack13.0.txz\n46c623b2e58053d308b3d9eb735be26b openssl-solibs-0.9.8y-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n4fb6f07f85ec4ea26cc67d8b1c037fa9 openssl-0.9.8y-x86_64-1_slack13.0.txz\n55bafd74f182806b1dcd076f31683743 openssl-solibs-0.9.8y-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n9713a64881622c63d0756ec9a5914980 openssl-0.9.8y-i486-1_slack13.1.txz\n5d8e3984389bd080bc37b9d1276c7a7d openssl-solibs-0.9.8y-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n821c76387f3ffa388af9e5bf81185758 openssl-0.9.8y-x86_64-1_slack13.1.txz\nb6d525a53b4cda641166f19ee70a9650 openssl-solibs-0.9.8y-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n5195be05b85f5eb2bd4bf9ebf0a73ff9 openssl-0.9.8y-i486-1_slack13.37.txz\n5248a839148fa91de52361335dc051f5 openssl-solibs-0.9.8y-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n15e13676d0def5f0dac1e7a4704e0016 openssl-0.9.8y-x86_64-1_slack13.37.txz\nd4e5bd308d2e918c6bd7616343370c49 openssl-solibs-0.9.8y-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n736ca80a05b57a6f9bf2821405757466 openssl-1.0.1d-i486-1_slack14.0.txz\n32aba4ad2fb26b5fb38fc4e5016dbc0f openssl-solibs-1.0.1d-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n8c227f3b54e4650971e965d64d99713b openssl-1.0.1d-x86_64-1_slack14.0.txz\n6dbd931a3718de68d42f20db99c4f578 openssl-solibs-1.0.1d-x86_64-1_slack14.0.txz\n\nSlackware -current packages:\n9a8de5df0464c0c9e2032edba2ffbd61 a/openssl-solibs-1.0.1d-i486-1.txz\nb4a36988d1c355041d2179d5f7190c92 n/openssl-1.0.1d-i486-1.txz\n\nSlackware x86_64 -current packages:\n35e1b575b406bc8a646f620467d4a27d a/openssl-solibs-1.0.1d-x86_64-1.txz\n063e0baf782651bdcab8c56f30df651d n/openssl-1.0.1d-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-1.0.1d-i486-1_slack14.0.txz openssl-solibs-1.0.1d-i486-1_slack14.0.txz", "modified": "2013-02-09T15:03:57", "published": "2013-02-09T15:03:57", "id": "SSA-2013-040-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.839296", "type": "slackware", "title": "openssl", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "hackerone": [{"lastseen": "2019-01-09T00:02:37", "bulletinFamily": "bugbounty", "bounty": 0.0, "cvelist": [], "description": "Hello security team,\n\nThe site legalrobot.com is potentially vulnerable to the Lucky13.\n\nReference: \n---------\nhttps://bugzilla.redhat.com/show_bug.cgi?id=907589", "modified": "2017-07-30T20:13:10", "published": "2017-07-30T20:00:47", "id": "H1:255041", "href": "https://hackerone.com/reports/255041", "type": "hackerone", "title": "Legal Robot: LUCKY13 (CVE-2013-0169) effects legalrobot.com", "cvss": {"score": 0.0, "vector": "NONE"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "cvelist": ["CVE-2013-0166", "CVE-2013-0169", "CVE-2013-1619", "CVE-2013-1622", "CVE-2013-1621"], "description": "Timing attacks, DoS.", "edition": 1, "modified": "2013-03-02T00:00:00", "published": "2013-03-02T00:00:00", "id": "SECURITYVULNS:VULN:12887", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12887", "title": "OpenSSL / PolarSSL / GnuTLS security vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "threatpost": [{"lastseen": "2018-10-06T23:00:41", "bulletinFamily": "info", "cvelist": ["CVE-2012-4929"], "description": "Apple has updated both OS X and its Safari browser, fixing a pile of security vulnerabilities, many of which can be used for remote code execution. The release of OS X Mountain Lion 10.8.4 includes patches for more than 30 bugs, most notably a set of fixes for vulnerabilities in Ruby, some of which are being exploited at this point.\n\nThis is a major security fix for OS X and in addition to the large set of patches for Ruby, there also is a long list of fixes for vulnerabilities in OpenSSL. One of the vulnerabilities fixed in OpenSSL is CVE-2012-4929, the bug that covers the compression attack on TLS 1.0 developed by security researchers Thai Duong and Juliano Rizzo. Known as the [CRIME attack](<https://threatpost.com/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312/>), the technique enables an attacker to decrypt SSL-protected sessions under some circumstances.\n\nApple also fixed 12 other vulnerabilities in OpenSSL by updating it to the most recent version, 0.9.8x.\n\n[Apple OS X 10.8.4](<http://support.apple.com/kb/HT5784>) also fixes a number of vulnerabilities in Ruby that caused weaknesses in applications built on Ruby on Rails.\n\n\u201cMultiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility,\u201d Apple said in its advisory.\n\nThe patch also includes fixes for several vulnerabilities in QuickTime as well as in other components of the operating system.\n\nAs far as Safari is concerned, the release of [Safari 6.0.5](<http://support.apple.com/kb/HT5785>) is essentially a massive fix for WebKit. The new version of the browser contains more than 25 patches for WebKit vulnerabilities.\n\n_Image from Flickr photostream of [Codexian](<https://secure.flickr.com/photos/10995346@N03/>). _\n", "modified": "2013-06-06T16:34:26", "published": "2013-06-05T09:51:54", "id": "THREATPOST:ADCFAD1BAEEB329FD319FED1F0A4A6E2", "href": "https://threatpost.com/apple-patches-mass-of-security-bugs-in-os-x-and-safari/100881/", "type": "threatpost", "title": "Apple Patches Mass of Security Bugs in OS X and Safari", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "jvn": [{"lastseen": "2019-05-29T17:21:30", "bulletinFamily": "info", "cvelist": ["CVE-2012-4929"], "description": "\n ## Description\n\nThe TLS protocol contains a function that compresses data for communications between the client and server. This function does not properly obfuscate the length of the unencrypted data. When this function is enabled on both the client and server, it results in a vulnerability where plaintext HTTP headers may be obtained. The TLS implementation in Android OS is affected by this vulnerability. \nExploiting this vulnerability to obtain plaintext HTTP headers is referred to as the CRIME attack.\n\n ## Impact\n\nA man-in-the-middle attacker performing the CRIME attack may obtain plaintext HTTP headers.\n\n ## Solution\n\n**Apply an update** \nApply the update according to the information provided by the provider or developer.\n\n ## Products Affected\n\n * Android OS versions 4.1.2 and earlier\n", "edition": 4, "modified": "2016-07-26T00:00:00", "published": "2016-07-22T00:00:00", "id": "JVN:65273415", "href": "http://jvn.jp/en/jp/JVN65273415/index.html", "title": "JVN#65273415: Android OS issue where it is affected by the CRIME attack", "type": "jvn", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}]}
