9 matches found
openSUSE: Security Advisory for keylime (SUSE-SU-2023:3525-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 9 : keylime (ELSA-2023-5080)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5080 advisory. - Fix registrar is subject to a DoS against SSL CVE-2023-38200 Resolves: rhbz2222694 Tenable has extracted the preceding description block directly fro...
Moderate: Red Hat Security Advisory: keylime security update
An update for keylime is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2023:5080 Moderate: keylime security update
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: registrar is subject to a DoS against SSL connections CVE-2023-38200 Keylime: challenge-response protocol bypass during agent registration CVE-2023-38201 For more...
RHEL 9 : keylime (RHSA-2023:5080)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5080 advisory. Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: registra...
SUSE SLED15: keylime-agent / keylime-config / keylime-firewalld / etc (SUSE-SU-2023:3525-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3525-1 advisory. - CVE-2023-38201: Fixed a bug to avoid leaks of the authorization tag. bsc1213314 Tenable has extracted t...
SUSE-SU-2023:3525-1 Security update for keylime
This update for keylime fixes the following issues: - CVE-2023-38201: Fixed a bug to avoid leaks of the authorization tag. bsc1213314...
CVE-2023-38201
creationtimestamp| type| source ---|---|--- 2023-08-25 20:15:10+00:00| seen| https://t.me/cibsecurity/69197...
CVE-2023-38201
CVE-2023-38201 is a vulnerability in Keylime's registrar where the challenge-response during agent registration can be bypassed, enabling impersonation of an agent and potentially compromising the integrity of the registrar database. Reported across multiple advisories (e.g., ALSA-2023:5080, ELSA...