ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities

2014-04-07T00:00:00

Description

ESA-2013-039.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities EMC Identifier: ESA-2013-039 CVE Identifier: CVE-2011-3389, CVE-2013-0169 Severity Rating: CVSS v2 Base Score: Refer NVD (http://nvd.nist.gov/) for individual scores for each CVE Affected Products: For the BEAST vulnerability, all versions of RSA BSAFE SSL-J except for 6.1.2 and 5.1.4 are affected. For the Lucky Thirteen vulnerability, all versions of RSA BSAFE SSL-J except for 6.0.1, 6.1.2, 5.1.2, 5.1.3 and 5.1.4 are affected. Unaffected Products: RSA BSAFE SSL-J 6.1.2 and 5.1.4 (newly released) Summary: RSA BSAFE SSL-J 6.1.2 and 5.1.4 contain updates designed to help prevent the BEAST vulnerability (CVE-2011-3389). RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain updates designed to help prevent the SSL/TLS Plaintext Recovery (aka Lucky Thirteen) vulnerability (CVE-2013-0169). Details: BEAST There is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plain text encrypted with the same IV and key generates the same cipher text, which is why having a variable IV is important. The BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time. Lucky Thirteen Researchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS. The “Lucky Thirteen” attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. Details of this attack can be found at: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf Recommendation: For the BEAST vulnerability: The best way to help prevent the BEAST attack is to use TLS v1.1 or higher. The vulnerability to do with IV generation was fixed in TLS v1.1 (released in 2006) so implementations using only TLS v1.1 or v1.2 are engineered to be secure against the BEAST exploit. However, support for these higher level protocols is limited to a smaller number of applications, so supporting only TLS v1.1 or v1.2 might cause interoperability issues. A second solution is to limit the negotiated cipher suites to exclude those that do not require symmetric key algorithms in CBC mode. However, this substantially restricts the number of cipher suites that can be negotiated. That is, only cipher suites with NULL encryption or cipher suites with streaming encryption algorithms (the RC4 algorithm) could be negotiated, which might result in reduced security. First block splitting for SSLv3 or TLS v1.0 communications, as a prevention against the BEAST exploit, introduced in SSL-J 6.0.1 and SSL-J 5.1.2 is not working. In SSL-J 6.1.2 and 5.1.4, the way to prevent the BEAST exploit is to introduce some unknown data into the encryption scheme, prior to the attackers inserted plain text data. This is done as follows: 1. The first plaintext write will result in one or more encrypted records as usual. 2. The second and subsequent writes are “split”. That is, each write will generate two or more records such that the first encrypted record contains only one byte of plaintext. 3. A MAC is generated from the one byte of data and the MAC key. This MAC is appended to the plaintext for the record to be encrypted prior to being encrypted. The splitting of the encrypted records generated by the second and subsequent writes ensures that the attacker never sees a cipher text block that immediately precedes a cipher text block generated from their chosen plaintext. This ensures that it is impossible for an attacker to predict the IV that will be used to encrypt their chosen plain text and hence the attack cannot be executed. Note the following about first block splitting: - Splitting only occurs: o For negotiated cipher suites that use CBC mode. o For protocols SSLv3 or TLS v1.0. - Only application data packets are spilt. Handshake packets are not split, - Blocks of plaintext are split for each subsequent call to write data to the SSL connection after the first write is sent. For RSA BSAFE SSL-J 6.1.2 and 5.1.4, record splitting is engineered to be enabled by default for vulnerable cipher suites, making the application secure by default. If required, the application can disable record splitting by setting the system property jsse.enableCBCProtection: • Using the following Java code: System.setProperty("jsse.enableCBCProtection", "false"); OR • On the Java command line, passing the following argument: -Djsse.enableCBCProtection=”false” For more information about setting security properties, see section System and Security Properties in the RSA BSAFE SSL-J Developer Guide. For the Lucky Thirteen vulnerability: RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain a patch that is designed to help ensure that MAC checking is time invariant in servers. Customers can also protect against the Lucky Thirteen attack by disabling CBC mode cipher suites on clients and servers. Cipher suites that use RC4 and, if TLS 1.2 is available, AES-GCM can be used. RSA recommends that customers on RSA BSAFE SSL-J 5.1.x (or lower) and 6.x upgrade to RSA BSAFE SSL-J 5.1.4 and 6.1.2 respectively to resolve both the BEAST and the Lucky Thirteen vulnerabilities. Obtaining Downloads: To request your upgrade of the software, please call your local support telephone number (contact phone numbers are available at http://www.emc.com/support/rsa/contact/phone-numbers.htm) for most expedient service. Obtaining Documentation: To obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link. Severity Rating: For an explanation of Severity Ratings, refer to the Knowledge Base Article, “Security Advisories Severity Rating” at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. Obtaining More Information: For more information about RSA products, visit the RSA web site at http://www.rsa.com. Getting Support and Service: For customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab. General Customer Support Information: http://www.emc.com/support/rsa/index.htm RSA SecurCare Online: https://knowledge.rsasecurity.com EOPS Policy: RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details. http://www.emc.com/support/rsa/eops/index.htm SecurCare Online Security Advisories RSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. About RSA SecurCare Notes & Security Advisories Subscription RSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you’d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you’d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection. Sincerely, RSA Customer Support -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (Cygwin) iEYEARECAAYFAlM9gG8ACgkQtjd2rKp+ALxfXACfcBq3ox0rrD8Xtn+ReCya0oB9 huMAn36FiacTbJug8gvKyI+9IA9tVQFR =I/i+ -----END PGP SIGNATURE-----

{"id": "SECURITYVULNS:DOC:30449", "vendorId": null, "type": "securityvulns", "bulletinFamily": "software", "title": "ESA-2013-039: RSA BSAFE\u00ae SSL-J Multiple Vulnerabilities", "description": "\r\n\r\n\r\n\r\nESA-2013-039.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2013-039: RSA BSAFE\u00ae SSL-J Multiple Vulnerabilities\r\n\r\n\r\nEMC Identifier: ESA-2013-039\r\n\r\n \r\n\r\nCVE Identifier: CVE-2011-3389, CVE-2013-0169\r\n\r\n \r\n\r\nSeverity Rating: CVSS v2 Base Score: Refer NVD (http://nvd.nist.gov/) for individual scores for each CVE\r\n\r\n \r\n\r\nAffected Products:\r\n\r\nFor the BEAST vulnerability, all versions of RSA BSAFE SSL-J except for 6.1.2 and 5.1.4 are affected.\r\n\r\nFor the Lucky Thirteen vulnerability, all versions of RSA BSAFE SSL-J except for 6.0.1, 6.1.2, 5.1.2, 5.1.3 and 5.1.4 are affected.\r\n\r\n \r\n\r\nUnaffected Products:\r\n\r\nRSA BSAFE SSL-J 6.1.2 and 5.1.4 (newly released)\r\n\r\n \r\n\r\nSummary: \r\n\r\nRSA BSAFE SSL-J 6.1.2 and 5.1.4 contain updates designed to help prevent the BEAST vulnerability (CVE-2011-3389). RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain updates designed to help prevent the SSL/TLS Plaintext Recovery (aka Lucky Thirteen) vulnerability (CVE-2013-0169).\r\n\r\n \r\n\r\nDetails: \r\n\r\nBEAST\r\n\r\nThere is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plain text encrypted with the same IV and key generates the same cipher text, which is why having a variable IV is important.\r\n\r\nThe BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time.\r\n\r\n \r\n\r\nLucky Thirteen\r\n\r\nResearchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS. The \u201cLucky Thirteen\u201d attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.\r\n\r\n \r\n\r\nDetails of this attack can be found at: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\r\n\r\n \r\n\r\nRecommendation:\r\n\r\n \r\n\r\nFor the BEAST vulnerability:\r\n\r\nThe best way to help prevent the BEAST attack is to use TLS v1.1 or higher. The vulnerability to do with IV generation was fixed in TLS v1.1 (released in 2006) so implementations using only TLS v1.1 or v1.2 are engineered to be secure against the BEAST exploit. However, support for these higher level protocols is limited to a smaller number of applications, so supporting only TLS v1.1 or v1.2 might cause interoperability issues.\r\n\r\nA second solution is to limit the negotiated cipher suites to exclude those that do not require symmetric key algorithms in CBC mode. However, this substantially restricts the number of cipher suites that can be negotiated. That is, only cipher suites with NULL encryption or cipher suites with streaming encryption algorithms (the RC4 algorithm) could be negotiated, which might result in reduced security.\r\n\r\n \r\n\r\nFirst block splitting for SSLv3 or TLS v1.0 communications, as a prevention against the BEAST exploit, introduced in SSL-J 6.0.1 and SSL-J 5.1.2 is not working.\r\n\r\n \r\n\r\nIn SSL-J 6.1.2 and 5.1.4, the way to prevent the BEAST exploit is to introduce some unknown data into the encryption scheme, prior to the attackers inserted plain text data. This is done as follows:\r\n\r\n \r\n\r\n1. The first plaintext write will result in one or more encrypted records as usual.\r\n\r\n2. The second and subsequent writes are \u201csplit\u201d. That is, each write will generate two or more records such that the first encrypted record contains only one byte of plaintext.\r\n\r\n3. A MAC is generated from the one byte of data and the MAC key. This MAC is appended to the plaintext for the record to be encrypted prior to being encrypted.\r\n\r\n \r\n\r\nThe splitting of the encrypted records generated by the second and subsequent writes ensures that the attacker never sees a cipher text block that immediately precedes a cipher text block generated from their chosen plaintext. This ensures that it is impossible for an attacker to predict the IV that will be used to encrypt their chosen plain text and hence the attack cannot be executed.\r\n\r\n \r\n\r\nNote the following about first block splitting:\r\n\r\n - Splitting only occurs:\r\n\r\n o For negotiated cipher suites that use CBC mode.\r\n\r\n o For protocols SSLv3 or TLS v1.0.\r\n\r\n - Only application data packets are spilt. Handshake packets are not split,\r\n\r\n - Blocks of plaintext are split for each subsequent call to write data to the SSL connection after the first write is sent.\r\n\r\n \r\n\r\nFor RSA BSAFE SSL-J 6.1.2 and 5.1.4, record splitting is engineered to be enabled by default for vulnerable cipher suites, making the application secure by default. If required, the application can disable record splitting by setting the system property jsse.enableCBCProtection:\r\n\r\n \r\n\r\n\u2022 Using the following Java code:\r\n\r\n System.setProperty("jsse.enableCBCProtection", "false");\r\n\r\n \r\n\r\n OR\r\n\r\n \r\n\r\n\u2022 On the Java command line, passing the following argument:\r\n\r\n -Djsse.enableCBCProtection=\u201dfalse\u201d\r\n\r\n \r\n\r\nFor more information about setting security properties, see section System and Security Properties in the RSA BSAFE SSL-J Developer Guide.\r\n\r\n \r\n\r\n \r\n\r\nFor the Lucky Thirteen vulnerability:\r\n\r\nRSA BSAFE SSL-J 6.0.1 and 5.1.2 contain a patch that is designed to help ensure that MAC checking is time invariant in servers. Customers can also protect against the Lucky Thirteen attack by disabling CBC mode cipher suites on clients and servers. Cipher suites that use RC4 and, if TLS 1.2 is available, AES-GCM can be used.\r\n\r\n \r\n\r\n \r\n\r\nRSA recommends that customers on RSA BSAFE SSL-J 5.1.x (or lower) and 6.x upgrade to RSA BSAFE SSL-J 5.1.4 and 6.1.2 respectively to resolve both the BEAST and the Lucky Thirteen vulnerabilities.\r\n\r\n \r\n\r\nObtaining Downloads: \r\n\r\nTo request your upgrade of the software, please call your local support telephone number (contact phone numbers are available at http://www.emc.com/support/rsa/contact/phone-numbers.htm) for most expedient service. \r\n\r\nObtaining Documentation:\r\n\r\nTo obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link.\r\n\r\nSeverity Rating:\r\n\r\nFor an explanation of Severity Ratings, refer to the Knowledge Base Article, \u201cSecurity Advisories Severity Rating\u201d at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\nObtaining More Information:\r\n\r\nFor more information about RSA products, visit the RSA web site at http://www.rsa.com.\r\n\r\nGetting Support and Service:\r\n\r\nFor customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab.\r\n\r\nGeneral Customer Support Information:\r\n\r\nhttp://www.emc.com/support/rsa/index.htm\r\n\r\nRSA SecurCare Online:\r\n\r\nhttps://knowledge.rsasecurity.com\r\n\r\nEOPS Policy:\r\n\r\nRSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details.\r\nhttp://www.emc.com/support/rsa/eops/index.htm\r\n\r\nSecurCare Online Security Advisories\r\n\r\nRSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\r\n\r\nAbout RSA SecurCare Notes & Security Advisories Subscription\r\n\r\nRSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you\u2019d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you\u2019d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection.\r\n\r\nSincerely,\r\n\r\nRSA Customer Support\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (Cygwin)\r\n\r\niEYEARECAAYFAlM9gG8ACgkQtjd2rKp+ALxfXACfcBq3ox0rrD8Xtn+ReCya0oB9\r\nhuMAn36FiacTbJug8gvKyI+9IA9tVQFR\r\n=I/i+\r\n-----END PGP SIGNATURE-----\r\n", "published": "2014-04-07T00:00:00", "modified": "2014-04-07T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30449", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2013-0169", "CVE-2011-3389"], "immutableFields": [], "lastseen": "2018-08-31T11:10:51", "viewCount": 74, "enchantments": {"score": {"value": -0.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY2.ASC", "OPENSSL_ADVISORY5.ASC"]}, {"type": "amazon", "idList": ["ALAS-2011-010", "ALAS-2013-162", "ALAS-2013-163", "ALAS-2013-171", "ALAS-2014-320"]}, {"type": "archlinux", "idList": ["ASA-201605-3", "ASA-201605-4"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "centos", "idList": ["CESA-2011:1380", "CESA-2012:1088", "CESA-2012:1089", "CESA-2013:0273", "CESA-2013:0274", "CESA-2013:0275", "CESA-2013:0587"]}, {"type": "cert", "idList": ["VU:737740", "VU:864643"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2011-505", "CPAI-2012-020"]}, {"type": "checkpoint_security", "idList": ["CPS:SK86440"]}, {"type": "cve", "idList": ["CVE-2004-2770", "CVE-2011-3389", "CVE-2013-0169", "CVE-2013-1618", "CVE-2013-1619", "CVE-2013-1620", "CVE-2013-1621", "CVE-2013-1623", "CVE-2013-1624", "CVE-2013-2116", "CVE-2016-2107", "CVE-2018-0497"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1518-1:A6705", "DEBIAN:DLA-1518-1:EF500", "DEBIAN:DLA-154-1:C91BD", "DEBIAN:DLA-400-1:76CCE", "DEBIAN:DSA-2356-1:91E00", "DEBIAN:DSA-2358-1:F21E5", "DEBIAN:DSA-2368-1:91542", "DEBIAN:DSA-2381-:320B8", "DEBIAN:DSA-2398-1:A6208", "DEBIAN:DSA-2398-2:1A463", "DEBIAN:DSA-2621-1:52BC0", "DEBIAN:DSA-2622-1:EE504"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-3389", "DEBIANCVE:CVE-2013-0169", "DEBIANCVE:CVE-2013-1619", "DEBIANCVE:CVE-2013-1620", "DEBIANCVE:CVE-2013-1624", "DEBIANCVE:CVE-2016-2107", "DEBIANCVE:CVE-2018-0497"]}, {"type": "f5", "idList": ["F5:K13400", "F5:K14190", "F5:K15622", "F5:K15630", "F5:K15637", "F5:K93600123", "SOL13400", "SOL14190", "SOL15630", "SOL15637", "SOL15721", "SOL93600123"]}, {"type": "fedora", "idList": ["FEDORA:04F1C20CB8", "FEDORA:1262420CBE", "FEDORA:179F720CEB", "FEDORA:1AC5420CC5", "FEDORA:200AC208B1", "FEDORA:206E92195B", "FEDORA:2490220CD3", "FEDORA:269F320D4C", "FEDORA:2A3D62083D", "FEDORA:2B4CF20C99", "FEDORA:2D2B820A5C", "FEDORA:2F07020CD7", "FEDORA:320272143B", "FEDORA:32C0C208B4", "FEDORA:37BAE20CD9", "FEDORA:4053B20CDA", "FEDORA:4329260E587A", "FEDORA:45E2C214D4", "FEDORA:462E6208E1", "FEDORA:4857E22DBD", "FEDORA:4867220AB1", "FEDORA:48FBB20CE9", "FEDORA:4FECC20A10", "FEDORA:5191B22DC7", "FEDORA:55FF821575", "FEDORA:5A57F22DE8", "FEDORA:5DDA721219", "FEDORA:5F614206D5", "FEDORA:62E9022DEA", "FEDORA:6BF3822E23", "FEDORA:73438221A8", "FEDORA:7617922E25", "FEDORA:7EE8622E3A", "FEDORA:811AA20A83", "FEDORA:9D331212AC", "FEDORA:A2C3F213B0", "FEDORA:AD13120DB6", "FEDORA:BA848210A3", "FEDORA:BFDED20E5F", "FEDORA:C01F021E98", "FEDORA:C041720764", "FEDORA:C5762206E3", "FEDORA:C6E3221DBD", "FEDORA:D4C3521434", "FEDORA:D68E221277", "FEDORA:DD57B208B1", "FEDORA:E779120CA7", "FEDORA:F036720CB7", "FEDORA:F332B2138D", "FEDORA:F38FB60CBEE0"]}, {"type": "freebsd", "idList": ["00B0D8CD-7097-11E2-98D9-003067C2616F", "18CE9A90-F269-11E1-BE53-080027EF73EC", "559F3D1B-CB1D-11E5-80A4-001999F8D30B", "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "A4A809D8-25C8-11E1-B531-00215C6A37BB"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-13:03.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201111-02", "GLSA-201203-02", "GLSA-201301-01", "GLSA-201310-10", "GLSA-201312-03", "GLSA-201401-30", "GLSA-201406-32"]}, {"type": "github", "idList": ["GHSA-8353-FGCR-XFHX"]}, {"type": "hackerone", "idList": ["H1:255041"]}, {"type": "ibm", "idList": ["094C676690DD74F0A877C604DAE40B5DBAAF1713090F5D65D95FB5F47C419C9C", "0A2F4509B2B4AFE8F720A6AF92997F57DF2C869B533D164E26BFB106E3AA5DC4", "0CA57BDC2A5B29D7A05B000C9F4660CECD108471C93FE144B5B5B7B541E5DB80", "1490E64B6C89A28FE7D82BD31871B5BCF0AA0EDCD3A3B483DF42E4A809F821F4", "1643D6D42AA03B195E5B38E5C611550B5917ADFCFB91A4CEE3FA17D822F63866", "17F2DE1F272EBF8E1F0E16B3A3D0C121D7F53002360A33B2E318E8910C665E9D", "1C551C877DFFA66B0623C95693FBE991A11A9D99C3C26E971DC816B27098E8DD", "1DC0A9C6D3EFE4EEA571DAAA9286B8F974D5ECF8F3BAAA188781D697B6DC2546", "1DD17DFA982ED4D61FB750115CB0EF37D8B00E016AE5F0F656377426A5C4EE18", "1F28273F958E55F6FE1789A83C92EDED4F2AAA3B9D872DA2CEAA127470C88CCE", "236329FBB4C57928A51AF5989855EBBE8AEFC2496ED2345E1CE8C703B7EA9BD5", "269B504D34D7B9BDD776A87F2BEC62D1CD4CA692AD0765FE50BEF0B6FFC0283F", "2888C8C51406BDD1DDB129FA2FD21486139C2B46881E4BF8D52B96F286B243B4", "2E6D778793B990B68E72041D95DBC2B227927F08D97BCA9E118EC96F940B7A01", "30CDD497090F8940455238317492E01063AFC3CC537C3C8827026D302DFD0F4B", "31C0AFB718E47F2565BB2125DFEA05544B924823108F7C7BE892843715FA5571", "322619DE13AD7AE40C87D0499D49F5FD2A44C7972AD6C9A81CD50939DF001639", "3258D879016CCEB97F8F543943D502B2C423771C5D452641CB88919F035248B5", "3B57923CAB505EF521BBA172A4E2D8A03F9751E11D84F9D7571E2F66E3F439C9", "3D0BC65439AE2C6207784D85D50B1217AFC4355059DD4B08B7D876C83FA00ACE", "3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576", "42CDE43C2F08FD3C2E311B9F3BB48950BDFCDDA3BF0F895A9FF7750A3690B573", "43B76C333A7576029A83B6169787B1ACB6CA6F7F5FB81FE4498044B211FB42E4", "4658C62A77F48A34C93A36AA5082184E598712E676A47847A2174B2175EB4DBB", "474383EC7932F456FF11851996BAA76765D90113FA098C62CA6E0DE8A1088855", "476070037D8C6B95A023CADE7B7B8E36D86FE85A0AE9BDFC8D5FB131FC5DB6F9", "48C1F15C09B1F7BDA80A9EFEADECD71756B3E935BF8D2C49D4EBF682961DBB6E", "4B79D8EB462A55A962C272FC6E71910088E63C9F67E0839F26A4A73F042A12DF", "4BED10A9B77647D47155BEF6AEAE7754FE7B1E83A7CC5B95FC30366FA2805FDD", "4E588C74A55CD9FFE957FBF604B06826EB4B08A52741A2D771A96FB3782D2303", "511A2CEA23CFB8B15C62F78EE3A158E3C8F986D7D0E152D292B641365BBD08F1", "51A25EC520455269A79F9DDA6AEB73FB003F12BAA0B35BFB5A6A50A403534F59", "540B5BFC7425C0A1AEC2AE0E39CAFAA87610B3C5A51646F532BF2994455918B4", "54F08A3E75F1334BAEA6B9D028356C7A554BD574E0B0139E6023C9756DA9A6B6", "5791D1CE1402BA2CCCB885DE108E94B6A0D7E17C594791D10D2118C7AD239041", "5DDB5CECEC283344BB3F493BC01FBE017DB8DDFB43CB94DFA49BBFFB5437AC29", "5EFA13785CC30ADD58A09C8067C048A172DF46A415459750DB97A4B2E8C6095E", "618A72A7D08892ADCD819AD422F802E0F22DD66F0926AF2D81288E8865A68EFC", "61C29B2018A4B8DC7247FEB87D67D749F5AB58D20D16FB7F0426B1B9762B49FF", "630F07BCFBA91233BBB559ED997B4656AF3D22DB4D916E90B078150D1E4475A5", "635552E99951D8D5AEBD584BBE0C8D1EBBAE770AEE83BA96CDC88B692C2A1891", "65F855CBB6E474F39746F43DB188D7D6BFF25111F9027E1DC2947DAACA0066DC", "66CBA83FF8DB4B1480B110763AD607AB3CE8490A3D98399E9C813B066837800F", "69F32F166EB30A983D321FEF01D6359F9C720CB30502BC0DC1A0C7C9E4BECE5F", "7395B8BB0E921EA44FC2DA34DC1642BF4297981E52ABAF79CE1C5A075991C089", "7657AB8E9AC9E04C2A3E8106D178B61FA9C47F6720A6C18CE94D1DFB2ABE8793", "76B052C00B7D3B7660A204A6BD72087C4E84FB5E8C7CEA95BE48BBACC2FC5AD0", "7BA745D5E73DB0357EF4DBFC0D8A2DB4DA2A4CEC7B1D7138B96712A2B403839C", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "80952E481DBBFE075E1E11F8AE4B7BDB89FD8CB66DFBE913C231D73EF1E5C852", "88C6B153E8539F010657B5F23ADB7EC58D8F5DE163EBE45D240E77FC480565B5", "893B4BFAF96F5CCE46A3F4BB145D13A37B810A30BC0EF9EEB46E92F43F2965B9", "89826858CF10F9B56C50470B3C39DB96D911844221CFE9ED3E49161D3BCF5F04", "8FB0EF2BC912FEF8086EDA6A85F6EADBA8F6FD58431B3D97965CB05312955112", "915F25F9D4BBEE1CAACAA6F5FD6ACC3E18033BE658B9A06B8B13ACD613C9B6FD", "92BAA2CFDFFEAB55F3ED7EBC0A3EE5A881814F275C7B91CCF17EC9995E7DF59D", "9767587F564D9C9625F74EB5AC595ABB7605EE6BA3253E7CAEBC767879A17130", "9C1F47AF22D3FE94B849B30F92E5DF03ECA2B7ADBF7975CC80E0E36479905E36", "9EB202E5169E83CA3DE86AF32B2513BB89B1A82D62E1E66F378A15560B279609", "9F83ED7D961B69342BBB0C4157AF6D1AD1EF3528F0C8EC1218A10D5B884F6B87", "A5137BA80934878703E513A2E2362BDF3EE170D02FF731389CA4911F76DACF16", "A866252B75E912D0B0730469904A7C2D30F443084DF2C8AC2265ED850925178B", "ABEB10FAE05FC24F89DEF01481AC39609E9B6830F4501FB4E71427C5078B01EE", "ACD785EFFF948519FD0D49C90B1E5FD1AC79B738AC42DC13E0C51385CE4CE9AB", "AD3DEE6A50AC4F6651955CE510E56DC0170683854BF573E9389CCA2769B638B1", "ADCCD07ABE84A7FC8550F577A3823CD6D29F46A50A4065FB573165CDF08E84E1", "B2A692687E0D397416E3549B4377E5B3319BF086A451607250B307F6DEECCF53", "B5BA7A019881D4357D8DF943ED0F2EBF5D00B203B4AF8DE699E3A190780BD598", "B8CDE2E20BC16C41FC85BA2A86684E11CDAD295FBFA9F508C045F715A67AC321", "B8E199CFC7A9C8DCF033928312B9AE0E344AB91916C93723350723B89FCB619A", "BC14F6832E7A855373319126E5CF0A69CAAC1369B245AE25C03158E47AD57D0A", "BE9A67BD9BDD24F3FA830A98F5DC10D0C03A55261ED483855170AC3FF8B34B20", "C43295EDCDB671C41F9E96483F5E89378A947A89F40869B467F309DBF973E6B7", "C44E07EA5086C9BEBD0E896839F7E52E6DE1B379F604FBD6F4A29FB1A0D32827", "C4FDDC1384D8FD0DDE8B004DBBC87A757834460AE92B55B9C87335F27F45968F", "C53887B5065E8CBF2E75B8207E4CC5546F907715375F0C60DDEEACFD8829F5D5", "C886374FAD3679EE6A5BD963F389F833A405B75137FC01C5D8C98D9F3D152423", "CFB76C7955286783207A10F8AD81EE581F67A422A7BCC33041BABFA8A0EAE5C1", "D09ABF92F9241537F2411A406C8EBC7E6385C510450FCBD8E4BEA2A58ED1A1F8", "DDCE3DF1C0F2F3507A59F94E81A8ADEA101DC8CB5DCFAEE3754B7E7CBB0C41CB", "E05BB8F45DC047A2895F7AC85F4B8A9F55D22D985F0D4F65E95F3141873851DC", "E59ACF3695AD2CD789F134AAEEB562DA1F3666F9F39B6C6075E68D3EB0B3D646", "E807324C5E086363AD4484F48FAC20F17946148F82B1FD2BEB5F79FF92D4D4EB", "EE216EF5D81838DBD9885BCCAD28FE9FA806673A7B6C6F9FD4DC5F95C8DC1B7C", "F0DE6E4E0B989C212565A180164B3116C1C0A2058857C3A677B778E4539132ED", "F5B4855A2BDF3424779D9A7DEEC69330CBD0503AFAA4BF2D919922C8B5B9AAE7", "F6BF964257D9117951117EACB7D0B6AB86CADA510E6E8CC1798F11D49A2CE23B", "F9CC95E70A9161C3B608A1B574CD3163423445BE11BF9B52BFC0E69641BB32D2", "FB5FC638F0F9678EB3E47AF62A74BAF20709E94BB9ADB83967699806B344DB3C", "FD7351ECB85A42C62F9023BAC5EEEAF6CF37D6FC6389D561479E0D751AD3BA8F", "FE752375F93FC92B2A9739798BAB02AD01A97863DA8F24EEBD0ACD3ABB213574", "FFCC3373408F02CC542763623853BD92D404CF7A56813566A2A692A6EC5C572D"]}, {"type": "ics", "idList": ["ICSA-14-098-03", "ICSA-19-192-04", "ICSA-22-097-01", "ICSA-22-349-21", "ICSMA-18-058-02"]}, {"type": "mageia", "idList": ["MGASA-2013-0290"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY-SCANNER-SSL-SSL_VERSION-"]}, {"type": "mskb", "idList": ["KB2643584"]}, {"type": "nessus", "idList": ["6019.PRM", "6041.PRM", "6105.PRM", "6303.PRM", "6482.PRM", "6583.PRM", "6699.PRM", "6868.PRM", "720302.PRM", "8008.PRM", "800845.PRM", "800858.PRM", "801052.PRM", "AIX_OPENSSL_ADVISORY5.NASL", "ALA_ALAS-2011-10.NASL", "ALA_ALAS-2013-162.NASL", "ALA_ALAS-2013-163.NASL", "ALA_ALAS-2013-171.NASL", "APPLE_IOS_50_CHECK.NBIN", "ASTERISK_AST_2016_003.NASL", "CENTOS_RHSA-2011-1380.NASL", "CENTOS_RHSA-2012-1088.NASL", "CENTOS_RHSA-2012-1089.NASL", "CENTOS_RHSA-2013-0273.NASL", "CENTOS_RHSA-2013-0274.NASL", "CENTOS_RHSA-2013-0275.NASL", "CENTOS_RHSA-2013-0587.NASL", "DB2_101FP3A.NASL", "DB2_97FP9.NASL", "DEBIAN_DLA-1518.NASL", "DEBIAN_DLA-154.NASL", "DEBIAN_DLA-400.NASL", "DEBIAN_DSA-2356.NASL", "DEBIAN_DSA-2358.NASL", "DEBIAN_DSA-2368.NASL", "DEBIAN_DSA-2398.NASL", "DEBIAN_DSA-2621.NASL", "DEBIAN_DSA-2622.NASL", "EULEROS_SA-2019-1547.NASL", "F5_BIGIP_SOL14190.NASL", "F5_BIGIP_SOL15630.NASL", "F5_BIGIP_SOL15637.NASL", "F5_BIGIP_SOL93600123.NASL", "FEDORA_2011-15020.NASL", "FEDORA_2011-15555.NASL", "FEDORA_2011-17399.NASL", "FEDORA_2011-17400.NASL", "FEDORA_2012-5785.NASL", "FEDORA_2012-5892.NASL", "FEDORA_2012-5916.NASL", "FEDORA_2012-5924.NASL", "FEDORA_2012-9135.NASL", "FEDORA_2013-2793.NASL", "FEDORA_2013-2834.NASL", "FEDORA_2013-4403.NASL", "FEDORA_2014-13764.NASL", "FEDORA_2014-13777.NASL", "FREEBSD_PKG_00B0D8CD709711E298D9003067C2616F.NASL", "FREEBSD_PKG_18CE9A90F26911E1BE53080027EF73EC.NASL", "FREEBSD_PKG_559F3D1BCB1D11E580A4001999F8D30B.NASL", "FREEBSD_PKG_69BFC8529BD011E2A7BE8C705AF55518.NASL", "FREEBSD_PKG_A4A809D825C811E1B53100215C6A37BB.NASL", "GENTOO_GLSA-201111-02.NASL", "GENTOO_GLSA-201203-02.NASL", "GENTOO_GLSA-201301-01.NASL", "GENTOO_GLSA-201310-10.NASL", "GENTOO_GLSA-201312-03.NASL", "GENTOO_GLSA-201401-30.NASL", "GENTOO_GLSA-201406-32.NASL", "HPSMH_7_2_1_0.NASL", "IBM_GSKIT_SWG21638270.NASL", "IBM_HTTP_SERVER_491407.NASL", "IBM_TEM_8_2_1372.NASL", "IBM_TSM_SERVER_5_5_X.NASL", "IBM_TSM_SERVER_6_1_X.NASL", "IBM_TSM_SERVER_6_2_6_0.NASL", "IBM_TSM_SERVER_6_3_4_200.NASL", "IPSWITCH_IMAIL_12_3.NASL", "JUNIPER_JSA10575.NASL", "JUNIPER_NSM_JSA10642.NASL", "JUNIPER_SPACE_JSA10659.NASL", "JUNOS_PULSE_JSA10591.NASL", "KERIO_CONNECT_810.NASL", "MACOSX_10_7_3.NASL", "MACOSX_10_7_4.NASL", "MACOSX_10_7_5.NASL", "MACOSX_10_8_5.NASL", "MACOSX_10_9.NASL", "MACOSX_JAVA_10_6_UPDATE6.NASL", "MACOSX_JAVA_10_7_UPDATE1.NASL", "MACOSX_SECUPD2012-001.NASL", "MACOSX_SECUPD2012-002.NASL", "MACOSX_SECUPD2012-004.NASL", "MACOSX_SECUPD2013-004.NASL", "MACOSX_SECUPD2014-001.NASL", "MACOSX_XCODE_4_4.NASL", "MANDRIVA_MDVSA-2011-170.NASL", "MANDRIVA_MDVSA-2012-058.NASL", "MANDRIVA_MDVSA-2012-096.NASL", "MANDRIVA_MDVSA-2012-097.NASL", "MANDRIVA_MDVSA-2012-149.NASL", "MANDRIVA_MDVSA-2013-014.NASL", "MANDRIVA_MDVSA-2013-037.NASL", "MANDRIVA_MDVSA-2013-050.NASL", "MANDRIVA_MDVSA-2013-052.NASL", "MANDRIVA_MDVSA-2013-095.NASL", "NEWSTART_CGSL_NS-SA-2019-0020_OPENSSL098E.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_NSS.NASL", "OPENSSL_0_9_8Y.NASL", "OPENSSL_1_0_0K.NASL", "OPENSSL_1_0_1D.NASL", "OPENSSL_1_0_1E.NASL", "OPENSUSE-2011-100.NASL", "OPENSUSE-2012-302.NASL", "OPENSUSE-2012-76.NASL", "OPENSUSE-2013-153.NASL", "OPENSUSE-2013-154.NASL", "OPENSUSE-2013-164.NASL", "OPENSUSE-2016-294.NASL", "OPENSUSE-2020-86.NASL", "OPERA_1151.NASL", "OPERA_1160.NASL", "ORACLELINUX_ELSA-2011-1380.NASL", "ORACLELINUX_ELSA-2012-1088.NASL", "ORACLELINUX_ELSA-2012-1089.NASL", "ORACLELINUX_ELSA-2013-0273.NASL", "ORACLELINUX_ELSA-2013-0274.NASL", "ORACLELINUX_ELSA-2013-0275.NASL", "ORACLELINUX_ELSA-2013-0587.NASL", "ORACLEVM_OVMSA-2014-0007.NASL", "ORACLEVM_OVMSA-2014-0008.NASL", "ORACLE_HTTP_SERVER_CPU_JAN_2015_LDAP.NASL", "ORACLE_JAVA_CPU_FEB_2013_1.NASL", "ORACLE_JAVA_CPU_FEB_2013_1_UNIX.NASL", "ORACLE_JAVA_CPU_OCT_2011.NASL", "ORACLE_JAVA_CPU_OCT_2011_UNIX.NASL", "ORACLE_RDBMS_CPU_OCT_2013.NASL", "PHP_5_4_0.NASL", "REDHAT-RHSA-2011-1380.NASL", "REDHAT-RHSA-2011-1384.NASL", "REDHAT-RHSA-2012-0006.NASL", "REDHAT-RHSA-2012-0034.NASL", "REDHAT-RHSA-2012-0508.NASL", "REDHAT-RHSA-2012-1088.NASL", "REDHAT-RHSA-2012-1089.NASL", "REDHAT-RHSA-2013-0273.NASL", "REDHAT-RHSA-2013-0274.NASL", "REDHAT-RHSA-2013-0275.NASL", "REDHAT-RHSA-2013-0531.NASL", "REDHAT-RHSA-2013-0532.NASL", "REDHAT-RHSA-2013-0587.NASL", "REDHAT-RHSA-2013-0636.NASL", "REDHAT-RHSA-2013-0822.NASL", "REDHAT-RHSA-2013-0823.NASL", "REDHAT-RHSA-2013-0833.NASL", "REDHAT-RHSA-2013-0855.NASL", "REDHAT-RHSA-2013-1455.NASL", "REDHAT-RHSA-2013-1456.NASL", "REDHAT-RHSA-2014-0416.NASL", "SLACKWARE_SSA_2013-040-01.NASL", "SL_20111018_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "SL_20111019_JAVA_1_6_0_SUN_ON_SL5_X.NASL", "SL_20120717_FIREFOX_ON_SL5_X.NASL", "SL_20120717_THUNDERBIRD_ON_SL5_X.NASL", "SL_20130304_OPENSSL_ON_SL5_X.NASL", "SMB_KB2588513.NASL", "SMB_NT_MS12-006.NASL", "SOLARIS10_119213-27.NASL", "SOLARIS10_125358-15.NASL", "SOLARIS10_X86_119214-27.NASL", "SOLARIS10_X86_125359-15.NASL", "SOLARIS11_FETCHMAIL_20121016.NASL", "SOLARIS11_GNUTLS_20130924.NASL", "SOLARIS11_NSS_20140809.NASL", "SOLARIS11_OPENSSL_20130716.NASL", "SOLARIS11_PYTHON_20130410.NASL", "SPLUNK_503.NASL", "SSL3_TLS1_IV_IMPL_INFO_DISCLOSURE.NASL", "STUNNEL_4_55.NASL", "SUSE_11_3_JAVA-1_6_0-OPENJDK-111025.NASL", "SUSE_11_3_JAVA-1_6_0-SUN-111024.NASL", "SUSE_11_3_NSS-201112-111220.NASL", "SUSE_11_3_OPERA-110906.NASL", "SUSE_11_4_CURL-120124.NASL", "SUSE_11_4_JAVA-1_6_0-OPENJDK-111025.NASL", "SUSE_11_4_JAVA-1_6_0-SUN-111024.NASL", "SUSE_11_4_NSS-201112-111220.NASL", "SUSE_11_4_OPERA-110906.NASL", "SUSE_11_COMPAT-OPENSSL097G-141202.NASL", "SUSE_11_JAVA-1_4_2-IBM-120105.NASL", "SUSE_11_JAVA-1_6_0-IBM-120223.NASL", "SUSE_11_JAVA-1_6_0-IBM-130416.NASL", "SUSE_11_JAVA-1_6_0-OPENJDK-130221.NASL", "SUSE_11_JAVA-1_7_0-IBM-130415.NASL", "SUSE_11_LIBOPENSSL-DEVEL-130325.NASL", "SUSE_JAVA-1_4_2-IBM-7908.NASL", "SUSE_JAVA-1_6_0-IBM-7926.NASL", "SUSE_JAVA-1_6_0-IBM-8544.NASL", "SUSE_LIBCURL4-8618.NASL", "SUSE_MOZILLA-NSS-7842.NASL", "SUSE_OPENSSL-8517.NASL", "SUSE_PYTHON-8080.NASL", "SUSE_SU-2020-0114-1.NASL", "SUSE_SU-2020-0234-1.NASL", "TIVOLI_DIRECTORY_SVR_SWG21638270.NASL", "UBUNTU_USN-1263-1.NASL", "UBUNTU_USN-1263-2.NASL", "UBUNTU_USN-1732-1.NASL", "UBUNTU_USN-1732-2.NASL", "UBUNTU_USN-1732-3.NASL", "UBUNTU_USN-1735-1.NASL", "VMWARE_ESXI_5_0_BUILD_1311177_REMOTE.NASL", "VMWARE_ESXI_5_1_BUILD_1483097_REMOTE.NASL", "VMWARE_ESXI_5_1_BUILD_2323236_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0009_REMOTE.NASL", "VMWARE_VMSA-2012-0003.NASL", "VMWARE_VMSA-2012-0005.NASL", "VMWARE_VMSA-2012-0005_REMOTE.NASL", "VMWARE_VMSA-2013-0009.NASL", "WEBSPHERE_6_1_0_47.NASL", "WEBSPHERE_7_0_0_29.NASL", "WEBSPHERE_8_0_0_6.NASL", "WEBSPHERE_8_0_0_7.NASL", "WEBSPHERE_8_5_0_2.NASL", "WEBSPHERE_8_5_5.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2013-0169", "OPENSSL:CVE-2016-2107"]}, {"type": "openvas", "idList": ["OPENVAS:103749", "OPENVAS:103872", "OPENVAS:1361412562310103749", "OPENVAS:1361412562310103872", "OPENVAS:1361412562310105413", "OPENVAS:1361412562310120209", "OPENVAS:1361412562310120390", "OPENVAS:1361412562310120391", "OPENVAS:1361412562310120500", "OPENVAS:1361412562310120555", "OPENVAS:1361412562310121000", "OPENVAS:1361412562310121048", "OPENVAS:1361412562310121084", "OPENVAS:1361412562310121127", "OPENVAS:1361412562310121235", "OPENVAS:1361412562310122071", "OPENVAS:1361412562310123684", "OPENVAS:1361412562310123719", "OPENVAS:1361412562310123720", "OPENVAS:1361412562310123721", "OPENVAS:136141256231070570", "OPENVAS:136141256231070571", "OPENVAS:136141256231070592", "OPENVAS:136141256231070687", "OPENVAS:136141256231070715", "OPENVAS:136141256231070791", "OPENVAS:136141256231071186", "OPENVAS:136141256231071249", "OPENVAS:136141256231071832", "OPENVAS:1361412562310802332", "OPENVAS:1361412562310802333", "OPENVAS:1361412562310802392", "OPENVAS:1361412562310802794", "OPENVAS:1361412562310802830", "OPENVAS:1361412562310802968", "OPENVAS:1361412562310804851", "OPENVAS:1361412562310831493", "OPENVAS:1361412562310831573", "OPENVAS:1361412562310831685", "OPENVAS:1361412562310831686", "OPENVAS:1361412562310831731", "OPENVAS:1361412562310840805", "OPENVAS:1361412562310840872", "OPENVAS:1361412562310841323", "OPENVAS:1361412562310841327", "OPENVAS:1361412562310841348", "OPENVAS:1361412562310841378", "OPENVAS:1361412562310850410", "OPENVAS:1361412562310850412", "OPENVAS:1361412562310851223", "OPENVAS:1361412562310853008", "OPENVAS:1361412562310863588", "OPENVAS:1361412562310863593", "OPENVAS:1361412562310863690", "OPENVAS:1361412562310863691", "OPENVAS:1361412562310863692", "OPENVAS:1361412562310863693", "OPENVAS:1361412562310863694", "OPENVAS:1361412562310863695", "OPENVAS:1361412562310863696", "OPENVAS:1361412562310863697", "OPENVAS:1361412562310863698", "OPENVAS:1361412562310863699", "OPENVAS:1361412562310863748", "OPENVAS:1361412562310863798", "OPENVAS:1361412562310863804", "OPENVAS:1361412562310863904", "OPENVAS:1361412562310863916", "OPENVAS:1361412562310863955", "OPENVAS:1361412562310863960", "OPENVAS:1361412562310863977", "OPENVAS:1361412562310864037", "OPENVAS:1361412562310864068", "OPENVAS:1361412562310864070", "OPENVAS:1361412562310864088", "OPENVAS:1361412562310864199", "OPENVAS:1361412562310864218", "OPENVAS:1361412562310864223", "OPENVAS:1361412562310864317", "OPENVAS:1361412562310864384", "OPENVAS:1361412562310864392", "OPENVAS:1361412562310864457", "OPENVAS:1361412562310864471", "OPENVAS:1361412562310864472", "OPENVAS:1361412562310864477", "OPENVAS:1361412562310864684", "OPENVAS:1361412562310864710", "OPENVAS:1361412562310864791", "OPENVAS:1361412562310864793", "OPENVAS:1361412562310865053", "OPENVAS:1361412562310865325", "OPENVAS:1361412562310865329", "OPENVAS:1361412562310865336", "OPENVAS:1361412562310865421", "OPENVAS:1361412562310865434", "OPENVAS:1361412562310865516", "OPENVAS:1361412562310866899", "OPENVAS:1361412562310866977", "OPENVAS:1361412562310868456", "OPENVAS:1361412562310868477", "OPENVAS:1361412562310870501", "OPENVAS:1361412562310870790", "OPENVAS:1361412562310870792", "OPENVAS:1361412562310870916", "OPENVAS:1361412562310870924", "OPENVAS:1361412562310870926", "OPENVAS:1361412562310870944", "OPENVAS:1361412562310881023", "OPENVAS:1361412562310881160", "OPENVAS:1361412562310881168", "OPENVAS:1361412562310881187", "OPENVAS:1361412562310881201", "OPENVAS:1361412562310881447", "OPENVAS:1361412562310881602", "OPENVAS:1361412562310881606", "OPENVAS:1361412562310881610", "OPENVAS:1361412562310881611", "OPENVAS:1361412562310881620", "OPENVAS:1361412562310881669", "OPENVAS:1361412562310891518", "OPENVAS:1361412562310892621", "OPENVAS:1361412562310892622", "OPENVAS:1361412562310902630", "OPENVAS:1361412562310902900", "OPENVAS:1361412562311220191547", "OPENVAS:70570", "OPENVAS:70571", "OPENVAS:70592", "OPENVAS:70687", "OPENVAS:70715", "OPENVAS:70791", "OPENVAS:71186", "OPENVAS:71249", "OPENVAS:71832", "OPENVAS:802332", "OPENVAS:802333", "OPENVAS:802392", "OPENVAS:802794", "OPENVAS:802830", "OPENVAS:802968", "OPENVAS:831493", "OPENVAS:831573", "OPENVAS:831685", "OPENVAS:831686", "OPENVAS:831731", "OPENVAS:840805", "OPENVAS:840872", "OPENVAS:841323", "OPENVAS:841327", "OPENVAS:841348", "OPENVAS:841378", "OPENVAS:850410", "OPENVAS:850412", "OPENVAS:863588", "OPENVAS:863593", "OPENVAS:863690", "OPENVAS:863691", "OPENVAS:863692", "OPENVAS:863693", "OPENVAS:863694", "OPENVAS:863695", "OPENVAS:863696", "OPENVAS:863697", "OPENVAS:863698", "OPENVAS:863699", "OPENVAS:863748", "OPENVAS:863798", "OPENVAS:863804", "OPENVAS:863904", "OPENVAS:863916", "OPENVAS:863955", "OPENVAS:863960", "OPENVAS:863977", "OPENVAS:864037", "OPENVAS:864068", "OPENVAS:864070", "OPENVAS:864088", "OPENVAS:864199", "OPENVAS:864218", "OPENVAS:864223", "OPENVAS:864317", "OPENVAS:864384", "OPENVAS:864392", "OPENVAS:864457", "OPENVAS:864471", "OPENVAS:864472", "OPENVAS:864477", "OPENVAS:864684", "OPENVAS:864710", "OPENVAS:864791", "OPENVAS:864793", "OPENVAS:865053", "OPENVAS:865325", "OPENVAS:865329", "OPENVAS:865336", "OPENVAS:865421", "OPENVAS:865434", "OPENVAS:865516", "OPENVAS:866899", "OPENVAS:866977", "OPENVAS:870501", "OPENVAS:870790", "OPENVAS:870792", "OPENVAS:870916", "OPENVAS:870924", "OPENVAS:870926", "OPENVAS:870944", "OPENVAS:881023", "OPENVAS:881160", "OPENVAS:881168", "OPENVAS:881187", "OPENVAS:881201", "OPENVAS:881447", "OPENVAS:881602", "OPENVAS:881606", "OPENVAS:881610", "OPENVAS:881611", "OPENVAS:881620", "OPENVAS:881669", "OPENVAS:892621", "OPENVAS:892622", "OPENVAS:902630", "OPENVAS:902900"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2015", "ORACLE:CPUJUL2015", "ORACLE:CPUOCT2013-1899837"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1380", "ELSA-2013-0273", "ELSA-2013-0274", "ELSA-2013-0275", "ELSA-2013-0587", "ELSA-2015-3022", "ELSA-2016-3621", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:CVE-2016-2107", "OSV:DLA-1518-1", "OSV:DLA-154-1", "OSV:DLA-400-1", "OSV:DSA-2356-1", "OSV:DSA-2358-1", "OSV:DSA-2368-1", "OSV:DSA-2398-1", "OSV:DSA-2621-1", "OSV:DSA-2622-1", "OSV:GHSA-8353-FGCR-XFHX"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:7535985DCB1FBEA5FAF46D9453037D10"]}, {"type": "redhat", "idList": ["RHSA-2011:1380", "RHSA-2011:1384", "RHSA-2012:0006", "RHSA-2012:0034", "RHSA-2012:0343", "RHSA-2012:0508", "RHSA-2012:1088", "RHSA-2012:1089", "RHSA-2013:0273", "RHSA-2013:0274", "RHSA-2013:0275", "RHSA-2013:0531", "RHSA-2013:0532", "RHSA-2013:0587", "RHSA-2013:0636", "RHSA-2013:0783", "RHSA-2013:0822", "RHSA-2013:0823", "RHSA-2013:0833", "RHSA-2013:0855", "RHSA-2013:1455", "RHSA-2013:1456", "RHSA-2014:0416", "RHSA-2020:4298"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2011-3389-74829"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27151", "SECURITYVULNS:DOC:27154", "SECURITYVULNS:DOC:27283", "SECURITYVULNS:DOC:27485", "SECURITYVULNS:DOC:27600", "SECURITYVULNS:DOC:28232", "SECURITYVULNS:DOC:28577", "SECURITYVULNS:DOC:28706", "SECURITYVULNS:DOC:28707", "SECURITYVULNS:DOC:29043", "SECURITYVULNS:DOC:29601", "SECURITYVULNS:DOC:29602", "SECURITYVULNS:DOC:29603", "SECURITYVULNS:DOC:29623", "SECURITYVULNS:DOC:29856", "SECURITYVULNS:DOC:29893", "SECURITYVULNS:DOC:30335", "SECURITYVULNS:DOC:30412", "SECURITYVULNS:DOC:30448", "SECURITYVULNS:DOC:30611", "SECURITYVULNS:DOC:31682", "SECURITYVULNS:VULN:11971", "SECURITYVULNS:VULN:11972", "SECURITYVULNS:VULN:11988", "SECURITYVULNS:VULN:12116", "SECURITYVULNS:VULN:12137", "SECURITYVULNS:VULN:12164", "SECURITYVULNS:VULN:12518", "SECURITYVULNS:VULN:12679", "SECURITYVULNS:VULN:12873", "SECURITYVULNS:VULN:12887", "SECURITYVULNS:VULN:13186", "SECURITYVULNS:VULN:13198", "SECURITYVULNS:VULN:13310", "SECURITYVULNS:VULN:13423", "SECURITYVULNS:VULN:13583", "SECURITYVULNS:VULN:13647", "SECURITYVULNS:VULN:13663", "SECURITYVULNS:VULN:13730", "SECURITYVULNS:VULN:14233"]}, {"type": "seebug", "idList": ["SSV:20957", "SSV:60220", "SSV:60296"]}, {"type": "slackware", "idList": ["SSA-2013-040-01", "SSA-2013-042-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:0375-1", "OPENSUSE-SU-2013:0378-1", "OPENSUSE-SU-2016:0640-1", "OPENSUSE-SU-2020:0086-1", "SUSE-SU-2011:1256-2", "SUSE-SU-2012:0114-1", "SUSE-SU-2012:0114-2", "SUSE-SU-2012:0122-1", "SUSE-SU-2012:0122-2", "SUSE-SU-2012:0602-1", "SUSE-SU-2013:0328-1", "SUSE-SU-2013:0701-1", "SUSE-SU-2013:0701-2", "SUSE-SU-2014:0320-1", "SUSE-SU-2015:0578-1"]}, {"type": "symantec", "idList": ["SMNTC-1363"]}, {"type": "threatpost", "idList": ["THREATPOST:163A6E502D29C451AA1A20E62CA10C1C"]}, {"type": "ubuntu", "idList": ["USN-1263-1", "USN-1263-2", "USN-1732-1", "USN-1732-2", "USN-1732-3", "USN-1735-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-3389", "UB:CVE-2012-2686", "UB:CVE-2013-0169", "UB:CVE-2013-1619", "UB:CVE-2013-1620", "UB:CVE-2013-1621", "UB:CVE-2013-1623", "UB:CVE-2013-1624", "UB:CVE-2013-2116", "UB:CVE-2016-2107", "UB:CVE-2018-0497"]}, {"type": "vmware", "idList": ["VMSA-2013-0009", "VMSA-2013-0009.3"]}]}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY2.ASC"]}, {"type": "amazon", "idList": ["ALAS-2014-320"]}, {"type": "archlinux", "idList": ["ASA-201605-3"]}, {"type": "centos", "idList": ["CESA-2011:1380", "CESA-2012:1088", "CESA-2012:1089", "CESA-2013:0273", "CESA-2013:0274", "CESA-2013:0275", "CESA-2013:0587"]}, {"type": "cert", "idList": ["VU:864643"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2011-505"]}, {"type": "checkpoint_security", "idList": ["CPS:SK86440"]}, {"type": "cve", "idList": ["CVE-2011-3389"]}, {"type": "debian", "idList": ["DEBIAN:DLA-400-1:76CCE"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-3389", "DEBIANCVE:CVE-2013-0169"]}, {"type": "f5", "idList": ["SOL13400", "SOL14190", "SOL15630", "SOL15637", "SOL15721"]}, {"type": "fedora", "idList": ["FEDORA:206E92195B", "FEDORA:2490220CD3", "FEDORA:4053B20CDA", "FEDORA:7617922E25", "FEDORA:DD57B208B1", "FEDORA:E779120CA7"]}, {"type": "freebsd", "idList": ["00B0D8CD-7097-11E2-98D9-003067C2616F", "18CE9A90-F269-11E1-BE53-080027EF73EC", "69BFC852-9BD0-11E2-A7BE-8C705AF55518", "A4A809D8-25C8-11E1-B531-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201401-30"]}, {"type": "ibm", "idList": ["3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576", "DDCE3DF1C0F2F3507A59F94E81A8ADEA101DC8CB5DCFAEE3754B7E7CBB0C41CB"]}, {"type": "ics", "idList": ["ICSA-19-192-04"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/VMSA-2012-0005-CVE-2011-3389/"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2013-0587.NASL", "MACOSX_10_7_5.NASL", "OPENSSL_1_0_1D.NASL", "OPENSUSE-2012-76.NASL", "OPENSUSE-2020-86.NASL", "ORACLELINUX_ELSA-2013-0273.NASL", "REDHAT-RHSA-2012-0006.NASL", "REDHAT-RHSA-2012-0508.NASL", "REDHAT-RHSA-2013-0273.NASL", "SLACKWARE_SSA_2013-040-01.NASL", "SOLARIS11_PYTHON_20130410.NASL", "SUSE_11_4_OPERA-110906.NASL", "SUSE_11_JAVA-1_6_0-OPENJDK-130221.NASL", "SUSE_JAVA-1_4_2-IBM-7908.NASL", "SUSE_SU-2020-0114-1.NASL", "VMWARE_VMSA-2012-0005_REMOTE.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2013-0169"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231071249", "OPENVAS:1361412562310831686", "OPENVAS:1361412562310831731", "OPENVAS:1361412562310850412", "OPENVAS:1361412562310863588", "OPENVAS:1361412562310863693", "OPENVAS:1361412562310863694", "OPENVAS:1361412562310864037", "OPENVAS:1361412562310881606", "OPENVAS:1361412562310881610", "OPENVAS:70715", "OPENVAS:850412", "OPENVAS:863691", "OPENVAS:864199", "OPENVAS:865434", "OPENVAS:870926", "OPENVAS:881611", "OPENVAS:881669"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2015-2367936"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1380"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:7535985DCB1FBEA5FAF46D9453037D10"]}, {"type": "redhat", "idList": ["RHSA-2013:0273", "RHSA-2014:0416"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27154", "SECURITYVULNS:DOC:28707", "SECURITYVULNS:DOC:29893", "SECURITYVULNS:VULN:13310"]}, {"type": "seebug", "idList": ["SSV:60220"]}, {"type": "slackware", "idList": ["SSA-2013-040-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:0378-1", "OPENSUSE-SU-2020:0086-1"]}, {"type": "symantec", "idList": ["SMNTC-1363"]}, {"type": "ubuntu", "idList": ["USN-1732-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-3389"]}]}, "exploitation": null, "affected_software": {"major_version": []}, "epss": [{"cve": "CVE-2013-0169", "epss": "0.005360000", "percentile": "0.736460000", "modified": "2023-03-19"}, {"cve": "CVE-2011-3389", "epss": "0.002110000", "percentile": "0.572640000", "modified": "2023-03-19"}], "vulnersScore": -0.1}, "_state": {"dependencies": 1678962961, "score": 1684016453, "affected_software_major_version": 0, "epss": 1679322135}, "_internal": {"score_hash": "2bcfddd2db0b56eb33cc93f53f740776"}, "sourceData": "", "affectedSoftware": [], "appercut": {}, "exploitpack": {}, "hackapp": {}, "toolHref": "", "w3af": {}}

{"securityvulns": [{"lastseen": "2018-08-31T11:10:48", "description": "\r\n\r\n\r\n\r\nESA-2013-039.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2013-039: RSA BSAFE\u00ae SSL-J Multiple Vulnerabilities\r\n\r\n\r\nEMC Identifier: ESA-2013-039\r\n\r\n\r\nCVE Identifier: CVE-2011-3389, CVE-2013-0169\r\n\r\n\r\nSeverity Rating: CVSS v2 Base Score: Refer NVD (http://nvd.nist.gov/) for individual scores for each CVE\r\n\r\n \r\n\r\nAffected Products:\r\n\r\nAll versions of RSA BSAFE SSL-J except for 6.0.1 and 5.1.2\r\n\r\n \r\n\r\nUnaffected Products:\r\n\r\nRSA BSAFE SSL-J 6.0.1 and 5.1.2 (newly released)\r\n\r\n \r\n\r\nSummary: \r\n\r\nRSA BSAFE SSL-J 6.0.1 and 5.1.2 contain updates designed to prevent BEAST attacks (CVE-2011-3389) and SSL/TLS Plaintext Recovery (aka Lucky Thirteen) attacks (CVE-2013-0169).\r\n\r\n \r\n\r\nDetails: \r\n\r\nBEAST\r\n\r\nThere is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plain text encrypted with the same IV and key generates the same cipher text, which is why having a variable IV is important.\r\n\r\nThe BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time.\r\n\r\n\r\nLucky Thirteen\r\n\r\nResearchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS. The \u201cLucky Thirteen\u201d attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.\r\n\r\n \r\n\r\nDetails of this attack can be found at: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\r\n \r\n\r\n\r\nRecommendation:\r\n\r\n \r\n\r\nRSA recommends that customers on RSA BSAFE SSL-J 5.1.x or lower upgrade to RSA BSAFE SSL-J 5.1.2. RSA recommends that customers on RSA BSAFE SSL-J 6.0 upgrade to RSA BSAFE SSL-J 6.0.1. \r\n\r\nTo address BEAST, RSA introduce a new feature called first block splitting to RSA BSAFE SSL-J 6.0.1 and 5.1.2. First block splitting is designed to prevent the BEAST exploit by introducing unknown data into the encryption scheme prior to the attackers inserted plain text data. This is done as follows: \r\n\r\n\u20221. The first plain text block to be encrypted is split into two blocks. The first block contains the first byte of the data, the second block contains the rest.\r\n\u20222. A MAC is generated from the one byte of data, the MAC key, and an increasing counter. This MAC is included in the first block.\r\n\u20223. The one byte of data, along with the MAC, is encrypted and becomes the IV for the next block. Because the IV is now essentially random data, it is impossible for an attacker to predict it and replace it with one of their own.\r\nFor RSA BSAFE SSL-J 6.0.1 and 5.1.2, first block splitting is engineered to be enabled by default for vulnerable cipher suites, making the application secure by default. If required, the application can disable first block splitting by setting the system property jsse.enableCBCProtection:\r\n\r\n \r\n\r\n\u2022 Using the following Java code:\r\n\r\n System.setProperty("jsse.enableCBCProtection", "false");\r\n\r\n \r\n\r\n OR\r\n\r\n \r\n\r\n\u2022 On the Java command line, passing the following argument:\r\n\r\n -Djsse.enableCBCProtection=\u201dfalse\u201d\r\n\r\n \r\n\r\nFor more information about setting security properties, see section System and Security Properties in the RSA BSAFE SSL-J Developer Guide.\r\n\r\nThe best way to help prevent the BEAST attack is to use TLS v1.1 or higher. The vulnerability to do with IV generation was fixed in TLS v1.1 (released in 2006) so implementations using only TLS v1.1 or v1.2 are engineered to be secure against the BEAST exploit. However, support for these higher level protocols is limited to a smaller number of applications, so supporting only TLS v1.1 or v1.2 might cause interoperability issues.\r\n\r\nA second solution is to limit the negotiated cipher suites to exclude those that do not require symmetric key algorithms in CBC mode. However, this substantially restricts the number of cipher suites that can be negotiated. That is, only cipher suites with NULL encryption or cipher suites with streaming encryption algorithms (the RC4 algorithm) could be negotiated, which might result in reduced security.\r\n\r\nTo address Lucky Thirteen, RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain a patch that is designed to help ensure that MAC checking is time invariant in servers. \r\n\r\nCustomers can also protect against the Lucky Thirteen attack by disabling CBC mode cipher suites on clients and servers. Cipher suites that use RC4 and, if TLS 1.2 is available, AES-GCM can be used.\r\n\r\n\r\n\r\nObtaining Downloads:\r\n\r\nTo request your upgrade of the software, please call your local support telephone number (contact phone numbers are available at http://www.rsa.com/node.aspx?id=1356 ) for most expedient service. You may also request your software upgrade online at http://www.rsa.com/go/form_ins.asp .\r\n\r\n\r\n\r\nObtaining Documentation:\r\n\r\nTo obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link.\r\n\r\n\r\n\r\nSeverity Rating:\r\n\r\nFor an explanation of Severity Ratings, refer to the Knowledge Base Article, \u201cSecurity Advisories Severity Rating\u201d at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\n\r\n\r\nObtaining More Information:\r\n\r\nFor more information about RSA products, visit the RSA web site at http://www.rsa.com.\r\n\r\n\r\n\r\nGetting Support and Service:\r\n\r\nFor customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab.\r\n\r\n\r\n\r\nGeneral Customer Support Information:\r\n\r\nhttp://www.rsa.com/node.aspx?id=1264\r\n\r\n\r\n\r\nRSA SecurCare Online:\r\n\r\nhttps://knowledge.rsasecurity.com\r\n\r\n\r\n\r\nEOPS Policy:\r\n\r\nRSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details. \r\nhttp://www.rsa.com/node.aspx?id=2575 \r\n\r\n\r\n\r\nSecurCare Online Security Advisories\r\n\r\nRSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\r\n\r\n\r\n\r\nAbout RSA SecurCare Notes & Security Advisories Subscription\r\n\r\nRSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you\u2019d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you\u2019d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection.\r\n\r\n\r\n\r\nSincerely,\r\n\r\nRSA Customer Support\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (Cygwin)\r\n\r\niEYEARECAAYFAlHBwyMACgkQtjd2rKp+ALwI0gCbBNOxiDjCZzTl293lMa53Yy2r\r\npcsAn2UpV1x8Zg4031kyOrW5LfV2vner\r\n=W+qW\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2013-07-15T00:00:00", "type": "securityvulns", "title": "ESA-2013-039: RSA BSAFE\u00ae SSL-J Multiple Vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2011-3389"], "modified": "2013-07-15T00:00:00", "id": "SECURITYVULNS:DOC:29602", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29602", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2021-06-08T19:10:46", "description": "SSL-related attacks.", "cvss3": {}, "published": "2013-07-15T00:00:00", "type": "securityvulns", "title": "EMC RSA BSAFE multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2011-3389"], "modified": "2013-07-15T00:00:00", "id": "SECURITYVULNS:VULN:13186", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13186", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:52", "description": "\r\n\r\n\r\n\r\nESA-2012-032.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2012-032: RSA BSAFE\u00ae Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks\r\n\r\nEMC Identifier: ESA-2012-032\r\n \r\nCVE Identifier: CVE-2011-3389\r\n \r\nSeverity Rating: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\r\n \r\nAffected Products:\r\nAll versions of RSA BSAFE Micro Edition Suite (MES) except 4.0.5 and 3.2.6, all platforms\r\n \r\nUnaffected Products:\r\nRSA BSAFE MES 4.0.5, 3.2.6\r\n \r\nSummary: \r\nRSA BSAFE Micro Edition Suite contains updates designed to help prevent BEAST attacks (CVE-2011-3389)\r\n \r\nDetails: \r\nThere is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plain text encrypted with the same IV and key generates the same cipher text, which is why having a variable IV is important.\r\n \r\nThe BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time.\r\n \r\nRecommendation:\r\nThe best way to help prevent this attack is to use TLS v1.1 or higher. The vulnerability to do with IV generation was fixed in TLS v1.1 (released in 2006) so implementations using only TLS v1.1 or v1.2 are engineered to be secure against the BEAST exploit. However, support for these higher level protocols is limited to a smaller number of applications, so supporting only TLS v1.1 or v1.2 might cause interoperability issues.\r\n \r\nA second solution is to limit the negotiated cipher suites to exclude those that do not require symmetric key algorithms in CBC mode. However, this substantially restricts the number of cipher suites that can be negotiated. That is, only cipher suites with NULL encryption or cipher suites with streaming encryption algorithms (the RC4 algorithm) could be negotiated, which might result in reduced security.\r\n \r\nIn MES, the way to prevent the BEAST exploit is to introduce some unknown data into the encryption scheme, prior to the attackers inserted plain text data. This is done as follows:\r\n \r\n1. After the first encrypted record is sent, any plaintext to be encrypted is split into two blocks of plaintext. The blocks of data are then sent as two encrypted records; the first encrypted record contains the first byte of data and the second encrypted record contains the rest.\r\n2. A MAC is generated from the one byte of data, the MAC key, and an increasing counter. This MAC is included in the first block of plaintext.\r\n3. The one byte of data along with the MAC is encrypted and becomes the IV for the next block. Because the IV is now essentially random data, it is impossible for an attacker to predict it and replace it with one of their own.\r\n \r\nNOTE: In this release of MES, the mitigation for the BEAST exploit is enabled by default. No code changes are required to protect against it.\r\n \r\nIn special cases, if required, the BEAST exploit mitigation, either for an SSL context or SSL object can be disabled by calling R_SSL_CTX_set_options_by_type() or R_SSL_set_options_by_type() respectively, with the SSL_OP_TYPE_SECURITY option type and the SSL_OP_NO_BEAST_MITIGATION identifier.\r\n \r\nNote the following about first block splitting:\r\n\u00b7 Splitting only occurs for negotiated cipher suites that use CBC mode.\r\n\u00b7 Handshake packets are not split. Only application data packets are split.\r\n\u00b7 Blocks of plaintext are split for each subsequent call to write data to the SSL connection after the first write is sent.\r\n \r\nFor more information about these functions and identifiers, see the RSA BSAFE MES API Reference Guide.\r\n \r\nObtaining Downloads: \r\nTo request your upgrade of the software, please call your local support telephone number (contact phone numbers are available at http://www.emc.com/support/rsa/contact/phone-numbers.htm) for most expedient service. \r\n\r\nObtaining Documentation:\r\nTo obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link.\r\n\r\nSeverity Rating:\r\nFor an explanation of Severity Ratings, refer to the Knowledge Base Article, \u201cSecurity Advisories Severity Rating\u201d at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\nObtaining More Information:\r\nFor more information about RSA products, visit the RSA web site at http://www.rsa.com.\r\n\r\nGetting Support and Service:\r\nFor customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab.\r\n\r\nGeneral Customer Support Information:\r\nhttp://www.emc.com/support/rsa/index.htm\r\n\r\nRSA SecurCare Online:\r\nhttps://knowledge.rsasecurity.com\r\n\r\nEOPS Policy:\r\nRSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details. \r\nhttp://www.emc.com/support/rsa/eops/index.htm\r\n\r\nSecurCare Online Security Advisories\r\nRSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\r\n\r\nAbout RSA SecurCare Notes & Security Advisories Subscription\r\nRSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you\u2019d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you\u2019d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection.\r\n\r\nSincerely,\r\nRSA Customer Support\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (Cygwin)\r\n\r\niEYEARECAAYFAlNIFjYACgkQtjd2rKp+ALwv3wCgx/mvkF8UsYt+YHuSuvFi+bS4\r\nehYAoMwjDiemy19XL7m8RH5Y52t2y5Fj\r\n=bLjw\r\n-----END PGP SIGNATURE-----\r\n\r\n", "cvss3": {}, "published": "2014-05-05T00:00:00", "type": "securityvulns", "title": "ESA-2012-032: RSA BSAFE\u00ae Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2014-05-05T00:00:00", "id": "SECURITYVULNS:DOC:30611", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30611", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:48", "description": "\r\n\r\n\r\n\r\nESA-2013-032.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2013-032: RSA BSAFE\u00ae Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery (aka \u201cLucky Thirteen\u201d) Vulnerability\r\n\r\n\r\nEMC Identifier: ESA-2013-032\r\n\r\n\r\nCVE Identifier: CVE-2013-0169\r\n\r\n\r\nSeverity Rating: CVSS v2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\r\n\r\n \r\n\r\nAffected Products:\r\n\r\nAll versions of RSA BSAFE Micro Edition Suite except for 4.0.3 and 3.2.5\r\n\r\n \r\n\r\nUnaffected Products:\r\n\r\nRSA BSAFE Micro Edition Suite 4.0.3 and 3.2.5 (newly released)\r\n\r\n \r\n\r\nSummary: \r\n\r\nRSA BSAFE Micro Edition Suite 4.0.3 and 3.2.5 contain updates designed to prevent SSL/TLS Plaintext Recovery (aka Lucky Thirteen) attacks (CVE-2013-0169).\r\n\r\n \r\n\r\nDetails: \r\n\r\nResearchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS. The \u201cLucky Thirteen\u201d attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.\r\n\r\n \r\nDetails of this attack can be found at: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\r\n \r\n\r\n\r\nRecommendation:\r\n \r\n\r\nRSA BSAFE Micro Edition Suite 4.0.3 and 3.2.5 contain a patch that is designed to help ensure that MAC checking is time invariant in servers. \r\n\r\n \r\n\r\nRSA recommends that customers on RSA BSAFE Micro Edition Suite 3.2.x or lower upgrade to RSA BSAFE Micro Edition Suite 3.2.5. RSA recommends that customers on RSA BSAFE Micro Edition Suite 4.0.x upgrade to RSA BSAFE Micro Edition Suite 4.0.3. \r\n\r\nCustomers can also protect against the attack by disabling CBC mode cipher suites on clients and servers. Cipher suites that use RC4 and, if TLS 1.2 is available, AES-GCM can be used. \r\n\r\n\r\n\r\nObtaining Downloads\r\n\r\nTo request your upgrade of the software, please call your local support telephone number (contact phone numbers are available at http://www.rsa.com/node.aspx?id=1356 ) for most expedient service. You may also request your software upgrade online at http://www.rsa.com/go/form_ins.asp .\r\n\r\n\r\n\r\nObtaining Documentation:\r\n\r\nTo obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link.\r\n\r\n\r\n\r\nSeverity Rating:\r\n\r\nFor an explanation of Severity Ratings, refer to the Knowledge Base Article, \u201cSecurity Advisories Severity Rating\u201d at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\n\r\n\r\nObtaining More Information:\r\n\r\nFor more information about RSA products, visit the RSA web site at http://www.rsa.com.\r\n\r\n\r\n\r\nGetting Support and Service:\r\n\r\nFor customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab.\r\n\r\n\r\n\r\nGeneral Customer Support Information:\r\n\r\nhttp://www.rsa.com/node.aspx?id=1264\r\n\r\n\r\n\r\nRSA SecurCare Online:\r\n\r\nhttps://knowledge.rsasecurity.com\r\n\r\n\r\n\r\nEOPS Policy:\r\n\r\nRSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details. \r\nhttp://www.rsa.com/node.aspx?id=2575 \r\n\r\n\r\n\r\nSecurCare Online Security Advisories\r\n\r\nRSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\r\n\r\n\r\n\r\nAbout RSA SecurCare Notes & Security Advisories Subscription\r\n\r\nRSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you\u2019d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you\u2019d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection.\r\n\r\n\r\n\r\nSincerely,\r\n\r\nRSA Customer Support\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (Cygwin)\r\n\r\niEYEARECAAYFAlHBw08ACgkQtjd2rKp+ALyHQACggG2us3gMSQQX4Ol0+Zxrqjvi\r\nQAsAoLKL5rrl9BDb54SQ0i7K57mGy9S/\r\n=JcQv\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2013-07-15T00:00:00", "type": "securityvulns", "title": "ESA-2013-032 RSA BSAFE\u00ae Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery (aka \u201cLucky Thirteen\u201d) Vulnerability", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2013-07-15T00:00:00", "id": "SECURITYVULNS:DOC:29601", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29601", "sourceData": "", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:46", "description": "\r\n\r\n\r\n\r\nESA-2012-032.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\nESA-2012-032: RSA BSAFE\u00ae Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks\r\n\r\nEMC Identifier: ESA-2012-032\r\n\r\nCVE Identifier: CVE-2011-3389\r\n\r\nSeverity Rating: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\r\n\r\n\r\nAffected Products:\r\n\r\nAll versions of RSA BSAFE Micro Edition Suite prior to 4.0, all platforms\r\n\r\n\r\nUnaffected Products:\r\n\r\nRSA BSAFE Micro Edition Suite 4.0 and higher\r\n\r\n\r\nSummary:\r\n\r\nRSA BSAFE Micro Edition Suite contains updates designed to prevent BEAST attacks (CVE-2011-3389)\r\n\r\n\r\n\r\nDetails:\r\n\r\nThere is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plain text encrypted with the same IV and key generates the same cipher text, which is why having a variable IV is important.\r\n\r\nThe BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time.\r\n\r\n\r\n\r\nRecommendation:\r\n\r\nThe best way to help prevent this attack is to use TLS v1.1 or higher. The vulnerability to do with IV generation was fixed in TLS v1.1 (released in 2006) so implementations using only TLS v1.1 or v1.2 are engineered to be secure against the BEAST exploit. However, support for these higher level protocols is limited to a smaller number of applications, so supporting only TLS v1.1 or v1.2 might cause interoperability issues.\r\n\r\nA second solution is to limit the negotiated cipher suites to exclude those that do not require symmetric key algorithms in CBC mode. However, this substantially restricts the number of cipher suites that can be negotiated. That is, only cipher suites with NULL encryption or cipher suites with streaming encryption algorithms (the RC4 algorithm) could be negotiated, which might result in reduced security.\r\n\r\nFor customers who cannot or should not implement either of these two methods, RSA BSAFE Micro Edition Suite 4.0 introduces a new feature called first block splitting. First block splitting prevents the BEAST exploit by introducing unknown data into the encryption scheme prior to the attackers inserted plain text data. This is done as follows: \r\n\r\n\u20221. The first plain text block to be encrypted is split into two blocks. The first block contains the first byte of the data, the second block contains the rest.\r\n\u20222. A MAC is generated from the one byte of data, the MAC key, and an increasing counter. This MAC is included in the first block.\r\n\u20223. The one byte of data, along with the MAC, is encrypted and becomes the IV for the next block. Because the IV is now essentially random data, it is impossible for an attacker to predict it and replace it with one of their own.\r\nTo implement first block splitting in RSA BSAFE Micro Edition Suite 4.0, either for an SSL context or SSL object, call R_SSL_CTX_set_options_by_type() or R_SSL_set_options_by_type() respectively, with the SSL_OP_TYPE_SECURITY option type and the SSL_OP_SPLIT_FIRST_FRAGMENT identifier.\r\n\r\nFor more information about these functions and identifiers, see the RSA BSAFE Micro Edition Suite API Reference Guide.\r\n\r\n\r\n\r\nSeverity Rating:\r\n\r\nFor an explanation of Severity Ratings, refer to the Knowledge Base Article, \u201cSecurity Advisories Severity Rating\u201d at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\n\r\nObtaining Documentation:\r\n\r\nTo obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link.\r\n\r\n\r\n\r\nObtaining More Information:\r\n\r\nFor more information about RSA BSAFE, visit the RSA web site at http://www.rsa.com/node.aspx?id=1204.\r\n\r\n\r\n\r\nGetting Support and Service:\r\n\r\nFor customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab.\r\n\r\n\r\nGeneral Customer Support Information:\r\n\r\nhttp://www.rsa.com/node.aspx?id=1264\r\n\r\n\r\nRSA SecurCare Online:\r\n\r\nhttps://knowledge.rsasecurity.com\r\n\r\n\r\nEOPS Policy:\r\n\r\nRSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details. \r\nhttp://www.rsa.com/node.aspx?id=2575\r\n\r\n\r\nSecurCare Online Security Advisories\r\n\r\nRSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\r\n\r\n\r\nAbout RSA SecurCare Notes & Security Advisories Subscription\r\n\r\nRSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you\u2019d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you\u2019d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection.\r\n\r\n\r\nEMC Product Security Response Center\r\n\r\nSecurity_Alert@EMC.COM\r\n\r\nhttp://www.emc.com/contact-us/contact/product-security-response-center.html\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (Cygwin)\r\n\r\niEYEARECAAYFAlBKOMwACgkQtjd2rKp+ALw1HQCfezG65rzhhtvVQAFkXzXQmthr\r\nCc8An3CJlTmuxBfF1dHt/NvQgKED9eR4\r\n=++hy\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2012-10-29T00:00:00", "type": "securityvulns", "title": "ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2012-10-29T00:00:00", "id": "SECURITYVULNS:DOC:28707", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28707", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:48", "description": "\r\n\r\n\r\n\r\nESA-2013-045.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2013-045: RSA BSAFE\u00ae SSL-C Security Update for SSL/TLS Plaintext Recovery (aka \u201cLucky Thirteen\u201d) Vulnerability\r\n\r\n\r\nEMC Identifier: ESA-2013-045\r\n\r\n\r\nCVE Identifier: CVE-2013-0169\r\n\r\n\r\nSeverity Rating: CVSS v2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\r\n\r\n \r\n\r\nAffected Products:\r\n\r\nAll versions of RSA BSAFE SSL-C except for 2.8.7\r\n\r\n \r\n\r\nUnaffected Products:\r\n\r\nRSA BSAFE SSL-C 2.8.7 (newly released)\r\n\r\n\r\nSummary: \r\n\r\nRSA BSAFE SSL-C 2.8.7 contains updates designed to prevent SSL/TLS Plaintext Recovery (aka Lucky Thirteen) attacks (CVE-2013-0169).\r\n\r\n \r\n\r\nDetails: \r\n\r\nResearchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS. The \u201cLucky Thirteen\u201d attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.\r\n \r\n\r\nDetails of this attack can be found at: http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\r\n \r\n\r\n\r\nRecommendation:\r\n\r\nRSA BSAFE SSL-C 2.8.7 contains a patch that is designed to help ensure that MAC checking is time invariant in servers. \r\n\r\n \r\nRSA recommends that customers on RSA BSAFE SSL-C 2.8.6 or lower upgrade to RSA BSAFE SSL-C 2.8.7. \r\n \r\n\r\nCustomers can also protect against the attack by disabling CBC mode cipher suites on clients and servers. Cipher suites that use RC4 and, if TLS 1.2 is available, AES-GCM can be used.\r\n\r\n\r\n\r\nObtaining Downloads\r\n\r\nTo request your upgrade of the software, please call your local support telephone number (contact phone numbers are available at http://www.rsa.com/node.aspx?id=1356 ) for most expedient service. You may also request your software upgrade online at http://www.rsa.com/go/form_ins.asp .\r\n\r\n\r\n\r\n\r\nObtaining Documentation:\r\n\r\nTo obtain RSA documentation, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com and click Products in the top navigation menu. Select the specific product whose documentation you want to obtain. Scroll to the section for the product version that you want and click the set link.\r\n\r\n\r\n\r\n\r\nSeverity Rating:\r\n\r\nFor an explanation of Severity Ratings, refer to the Knowledge Base Article, \u201cSecurity Advisories Severity Rating\u201d at https://knowledge.rsasecurity.com/scolcms/knowledge.aspx?solution=a46604. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\n\r\n\r\n\r\nObtaining More Information:\r\n\r\nFor more information about RSA products, visit the RSA web site at http://www.rsa.com.\r\n\r\n\r\n\r\nGetting Support and Service:\r\n\r\nFor customers with current maintenance contracts, contact your local RSA Customer Support center with any additional questions regarding this RSA SecurCare Note. For contact telephone numbers or e-mail addresses, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com, click Help & Contact, and then click the Contact Us - Phone tab or the Contact Us - Email tab.\r\n\r\n\r\n\r\nGeneral Customer Support Information:\r\n\r\nhttp://www.rsa.com/node.aspx?id=1264\r\n\r\n\r\n\r\nRSA SecurCare Online:\r\n\r\nhttps://knowledge.rsasecurity.com\r\n\r\n\r\n\r\nEOPS Policy:\r\n\r\nRSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details. \r\nhttp://www.rsa.com/node.aspx?id=2575 \r\n\r\n\r\n\r\nSecurCare Online Security Advisories\r\n\r\nRSA, The Security Division of EMC, distributes SCOL Security Advisories in order to bring to the attention of users of the affected RSA products important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaim all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall RSA or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\r\n\r\n\r\n\r\nAbout RSA SecurCare Notes & Security Advisories Subscription\r\n\r\nRSA SecurCare Notes & Security Advisories are targeted e-mail messages that RSA sends you based on the RSA product family you currently use. If you\u2019d like to stop receiving RSA SecurCare Notes & Security Advisories, or if you\u2019d like to change which RSA product family Notes & Security Advisories you currently receive, log on to RSA SecurCare Online at https://knowledge.rsasecurity.com/scolcms/help.aspx?_v=view3. Following the instructions on the page, remove the check mark next to the RSA product family whose Notes & Security Advisories you no longer want to receive. Click the Submit button to save your selection.\r\n\r\n\r\n\r\nSincerely,\r\n\r\nRSA Customer Support\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (Cygwin)\r\n\r\niEYEARECAAYFAlHBwwAACgkQtjd2rKp+ALzA8QCeKc//gfYNJwz8q+g7GtInPEgS\r\ngIcAoI2ry3F2QWCjVbEC7w7Ll2jed3mo\r\n=cTJ7\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2013-07-15T00:00:00", "type": "securityvulns", "title": "ESA-2013-045: RSA BSAFE\u00ae SSL-C Security Update for SSL/TLS Plaintext Recovery (aka \u201cLucky Thirteen\u201d) Vulnerability", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2013-07-15T00:00:00", "id": "SECURITYVULNS:DOC:29603", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29603", "sourceData": "", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:45", "description": "DoS on base64 parsing.", "cvss3": {}, "published": "2012-01-02T00:00:00", "type": "securityvulns", "title": "lighthttpd security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-4362"], "modified": "2012-01-02T00:00:00", "id": "SECURITYVULNS:VULN:12116", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12116", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:43", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ---------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2368-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nDec 20th, 2011 http://www.debian.org/security/faq\r\n- ---------------------------------------------------------------------------\r\n\r\nPackage : lighttpd\r\nVulnerability : multiple\r\nProblem type : remote\r\nDebian-specific: no\r\nDebian bug : 652726\r\nCVE IDs : CVE-2011-4362 CVE-2011-3389\r\n\r\nSeveral vulnerabilities have been discovered in lighttpd, a small and fast\r\nwebserver with minimal memory footprint.\r\n\r\nCVE-2011-4362\r\n\r\n Xi Wang discovered that the base64 decoding routine which is used to\r\n decode user input during an HTTP authentication, suffers of a signedness\r\n issue when processing user input. As a result it is possible to force\r\n lighttpd to perform an out-of-bounds read which results in Denial of\r\n Service conditions.\r\n\r\nCVE-2011-3389\r\n\r\n When using CBC ciphers on an SSL enabled virtual host to communicate with\r\n certain client, a so called "BEAST" attack allows man-in-the-middle\r\n attackers to obtain plaintext HTTP traffic via a blockwise\r\n chosen-boundary attack (BCBA) on an HTTPS session. Technically this is\r\n no lighttpd vulnerability. However, lighttpd offers a workaround to\r\n mitigate this problem by providing a possibility to disable CBC ciphers.\r\n\r\n This updates includes this option by default. System administrators\r\n are advised to read the NEWS file of this update (as this may break older\r\n clients).\r\n\r\n\r\nFor the oldstable distribution (lenny), this problem has been fixed in\r\nversion 1.4.19+lenny3.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1.4.28-2+squeeze1.\r\n\r\nFor the testing distribution (squeeze), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1.4.30-1.\r\n\r\n\r\nWe recommend that you upgrade your lighttpd packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niEYEARECAAYFAk7xJ1MACgkQHYflSXNkfP+N5ACgtImneTJSdyEiCLnWTFA0uxzz\r\nqP0An07LJwL5K3NmrMRfKeCVpigpn1zR\r\n=QU3k\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2011-12-26T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 2368-1] lighttpd security update", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-4362"], "modified": "2011-12-26T00:00:00", "id": "SECURITYVULNS:DOC:27485", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27485", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ics": [{"lastseen": "2023-09-23T07:58:55", "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 5.9**\n * **ATTENTION**: Exploitable remotely/public exploits are available\n * **Vendor**: Siemens\n * **Equipment**: SIMATIC RF6XXR\n * **Vulnerabilities**: Improper Input Validation, Cryptographic Issues\n\n## 2\\. RISK EVALUATION\n\nSuccessful exploitation of these vulnerabilities could allow access to sensitive information.\n\n## 3\\. TECHNICAL DETAILS\n\n### 3.1 AFFECTED PRODUCTS\n\nSiemens reports that the vulnerabilities affect all versions prior to 3.2.1 of the following SIMATIC RF6XXR UHF RFID products:\n\n * RF615R\n * RF68XR\n\n### 3.2 VULNERABILITY OVERVIEW\n\n**3.2.1 [IMPROPER INPUT VALIDATION CWE-20](<https://cwe.mitre.org/data/definitions/20.html>)** \nThe SSL protocol encrypts data by using CBC mode with chained initialization vectors, which may allow a man-in-the-middle attack to obtain plaintext HTTP headers. \n[CVE-2011-3389 ](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389>)has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N>)).\n\n**3.2.2 [CRYPTOGRAPIC ISSUES CWE-310](<https://cwe.mitre.org/data/definitions/310.html>)** \nLong-duration TLS sessions used with a 64-bit block cipher may allow remote attackers to obtain cleartext data. \n[CVE-2016-6329 ](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6329>)has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N>)).\n\n**3.2.3 [CRYPTOGRAPIC ISSUES CWE-310](<https://cwe.mitre.org/data/definitions/310.html>)** \nOutdated versions of TLS and DTLS allow statistical analysis of timing data for crafted packets, which may allow remote attackers to conduct distinguishing and plaintext-recovery attacks. \n[CVE-2013-0169 ](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169>)has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N>)).\n\n### 3.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS**: Critical Manufacturing, Food and Agriculture, Transportation Systems\n * **COUNTRIES/AREAS DEPLOYED**: Worldwide\n * **COMPANY HEADQUARTERS LOCATION**: Germany\n\n### 3.4 RESEARCHER\n\nWendy Parrington from United Utilities reported these vulnerabilities to Siemens.\n\n## 4\\. MITIGATIONS\n\nSiemens recommends users upgrade to Version 3.2.1 or newer for both affected products.\n\nSiemens also recommends users restrict network access to the device.\n\nFor more information on these vulnerabilities and associated software updates, please see Siemens\u2019 security advisory SSA-556833 at: [https://www.siemens.com/cert/advisories.](<https://www.siemens.com/cert/advisories>)\n\nNCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are [not accessible from the Internet](<https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01>).\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nNCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nNCCIC also provides a section for [control systems security recommended practices](<https://www.us-cert.gov/ics/recommended-practices>) on the [ICS webpage on us-cert.gov](<https://www.us-cert.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.\n\nHigh skill level is needed to exploit.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-11T12:00:00", "type": "ics", "title": "Siemens SIMATIC RF6XXR", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389", "CVE-2013-0169", "CVE-2016-6329"], "modified": "2019-07-11T12:00:00", "id": "ICSA-19-192-04", "href": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-192-04", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-07-28T12:46:20", "description": "## OVERVIEW\n\nSiemens has identified a BEAST (Browser Exploit Against SSL/TLS) attack vulnerability in Siemens Ruggedcom WIN products. This vulnerability was originally reported directly to Siemens ProductCERT by Dan Frein and Paul Cotter of West Monroe Partners. Siemens has produced a firmware update that fixes compatibility issues with BEAST mitigations of current browser versions.\n\nThis vulnerability could be exploited remotely.\n\n## AFFECTED PRODUCTS\n\nThe following Siemens Ruggedcom WIN product lines are affected:\n\n * WIN7000: all versions prior to v4.4,\n * WIN7200: all versions prior to v4.4,\n * WIN5100: all versions prior to v4.4, and\n * WIN5200: all versions prior to v4.4.\n\n## IMPACT\n\nAn attacker who successfully exploits a system using this vulnerability may be able to access the session ID of the user\u2019s current web session. If combined with a social engineering attack, the attacker may be able to read traffic exchanged between the user and the device.\n\nImpact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nSiemens is a multinational company headquartered in Munich, Germany.\n\nThe Ruggedcom WIN product line is a family of products compliant with the WiMAX 802.16e Wave 2 mobile broadband wireless standard. The product family includes a variety of base stations and subscriber stations. Siemens estimates that these products are used primarily in the United States and Europe with a small percentage in Asia.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### IMPROPER INPUT VALIDATIONCWE-20: Improper Input Validation, http://cwe.mitre.org/data/definitions/20.html, web site last accessed April 08, 2014.\n\nThe SSL/TLS secured web interface of the affected products is vulnerable to the BEAST attack. As it uses SSL libraries, which are not compatible with 1/n-1 record splitting, some newer browser versions are not able to connect to the web interface.\n\nCVE-2011-3389NVD, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389, web site last accessed April 08, 2014. has been assigned to this vulnerability. A CVSS v2 base score of 4.3 has been assigned; the CVSS vector string is (AV:N/AC:M/Au:N/C:P/I:N/A:N).CVSS Calculator, http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:M/Au:N/C:P/I:N/A:N, web site last accessed April 08, 2014.\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nNo known public exploits specifically target this vulnerability.\n\n#### DIFFICULTY\n\nAn attacker with a moderate skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nSiemens has provided a firmware update (Ruggedcom WIN v4.4) that supports the mitigation technique and recommends customers to update to this version. The update does not fix the BEAST vulnerability itself. After the update, it is possible for customers to securely access the web interface with current version browsers, as the mitigation for the BEAST attack is contained in the browser code.\n\nFor more information on this vulnerability and detailed instructions, please see Siemens Security Advisory SSA-353456 at the following location:\n\n<http://www.siemens.com/cert/advisories>\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: http://ics-cert.us-cert.gov/content/recommended-practices. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Mitigation Strategies, that is available for download from the ICS-CERT web site (http://ics-cert.us-cert.gov/).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n", "cvss3": {}, "published": "2018-09-06T12:00:00", "type": "ics", "title": "Siemens Ruggedcom WIN Products BEAST Attack Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2018-09-06T12:00:00", "id": "ICSA-14-098-03", "href": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-098-03", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-27T14:14:44", "description": "The remote Oracle database server is missing the October 2013 Critical Patch Update (CPU). It is, therefore, affected by multiple security vulnerabilities in the following components :\n\n - Core RDBMS\n - Oracle Security service\n - XML Parser", "cvss3": {}, "published": "2013-10-16T00:00:00", "type": "nessus", "title": "Oracle Database Multiple Vulnerabilities (October 2013 CPU) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2013-0169", "CVE-2013-3826", "CVE-2013-5771"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:database_server"], "id": "ORACLE_RDBMS_CPU_OCT_2013.NASL", "href": "https://www.tenable.com/plugins/nessus/70460", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70460);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2013-0169\",\n \"CVE-2013-3826\",\n \"CVE-2013-5771\"\n );\n script_bugtraq_id(\n 49778,\n 57778,\n 63044,\n 63046\n );\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Database Multiple Vulnerabilities (October 2013 CPU) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle database server is missing the October 2013 Critical\nPatch Update (CPU). It is, therefore, affected by multiple security\nvulnerabilities in the following components :\n\n - Core RDBMS\n - Oracle Security service\n - XML Parser\");\n # http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ac29c174\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2013 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:database_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_rdbms_query_patch_info.nbin\", \"oracle_rdbms_patch_info.nbin\");\n\n exit(0);\n}\n\ninclude(\"oracle_rdbms_cpu_func.inc\");\n\n################################################################################\n# OCT2013\npatches = make_nested_array();\n\n# RDBMS 11.1.0.7\npatches[\"11.1.0.7\"][\"db\"][\"nix\"] = make_array(\"patch_level\", \"11.1.0.7.17\", \"CPU\", \"17082374, 17082366\");\npatches[\"11.1.0.7\"][\"db\"][\"win32\"] = make_array(\"patch_level\", \"11.1.0.7.54\", \"CPU\", \"17363759\");\npatches[\"11.1.0.7\"][\"db\"][\"win64\"] = make_array(\"patch_level\", \"11.1.0.7.54\", \"CPU\", \"17363760\");\n# RDBMS 12.1.0.1\npatches[\"12.1.0.1\"][\"db\"][\"nix\"] = make_array(\"patch_level\", \"12.1.0.1.1\", \"CPU\", \"17027533\");\npatches[\"12.1.0.1\"][\"db\"][\"win32\"] = make_array(\"patch_level\", \"12.1.0.1.1\", \"CPU\", \"17363795\");\npatches[\"12.1.0.1\"][\"db\"][\"win64\"] = make_array(\"patch_level\", \"12.1.0.1.1\", \"CPU\", \"17363796\");\n# RDBMS 11.2.0.2\npatches[\"11.2.0.2\"][\"db\"][\"nix\"] = make_array(\"patch_level\", \"11.2.0.2.12\", \"CPU\", \"17082375, 17082367\");\npatches[\"11.2.0.2\"][\"db\"][\"win32\"] = make_array(\"patch_level\", \"11.2.0.2.27\", \"CPU\", \"17363837\");\npatches[\"11.2.0.2\"][\"db\"][\"win64\"] = make_array(\"patch_level\", \"11.2.0.2.27\", \"CPU\", \"17363838\");\n# RDBMS 11.2.0.3\npatches[\"11.2.0.3\"][\"db\"][\"nix\"] = make_array(\"patch_level\", \"11.2.0.3.8\", \"CPU\", \"17082364, 16902043\");\npatches[\"11.2.0.3\"][\"db\"][\"win32\"] = make_array(\"patch_level\", \"11.2.0.3.25\", \"CPU\", \"17363844\");\npatches[\"11.2.0.3\"][\"db\"][\"win64\"] = make_array(\"patch_level\", \"11.2.0.3.25\", \"CPU\", \"17363850\");\n\ncheck_oracle_database(patches:patches);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:07", "description": "According to its banner, the remote host is running a version of Kerio Connect (formerly known Kerio MailServer) prior to 8.1.0. It is, therefore, affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.", "cvss3": {}, "published": "2014-02-07T00:00:00", "type": "nessus", "title": "Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:kerio:connect"], "id": "KERIO_CONNECT_810.NASL", "href": "https://www.tenable.com/plugins/nessus/72393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72393);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote mail server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote host is running a version of Kerio\nConnect (formerly known Kerio MailServer) prior to 8.1.0. It is,\ntherefore, affected by an information disclosure vulnerability, known\nas BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the\nway the initialization vector (IV) is selected when operating in\ncipher-block chaining (CBC) modes. A man-in-the-middle attacker can\nexploit this to obtain plaintext HTTP header data, by using a\nblockwise chosen-boundary attack (BCBA) on an HTTPS session, in\nconjunction with JavaScript code that uses the HTML5 WebSocket API,\nthe Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.kerio.com/connect/history/older\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Kerio Connect 8.1.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:kerio:connect\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"kerio_kms_641.nasl\", \"kerio_mailserver_admin_port.nasl\");\n script_require_keys(\"kerio/port\");\n script_require_ports(\"Services/kerio_mailserver_admin\", 25, 465, 587);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_kb_item_or_exit('kerio/port');\nver = get_kb_item_or_exit('kerio/'+port+'/version');\ndisplay_ver = get_kb_item_or_exit('kerio/'+port+'/display_version');\n\n# Versions prior to 7 are called MailServer; versions after are called Connect\nif (ver =~ '^[0-6]\\\\.') product = \"Kerio MailServer\";\nelse product = \"Kerio Connect\";\n\n# Workaround works for 8.0.1 and later\nif (ver =~ '^8\\\\.0\\\\.[12]([^0-9]|$)' && report_paranoia < 2) audit(AUDIT_LISTEN_NOT_VULN, product, port, display_ver);\n\nfixed_version = \"8.1.0\";\n\nif (ver_compare(ver:ver, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity)\n {\n report =\n '\\n Product : ' + product +\n '\\n Installed version : ' + display_ver +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\n\naudit(AUDIT_LISTEN_NOT_VULN, product, port, display_ver);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:28", "description": "A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.\n\nThis plugin tries to establish an SSL/TLS remote connection using an affected SSL version and cipher suite and then solicits return data.\nIf returned application data is not fragmented with an empty or one-byte record, it is likely vulnerable.\n\nOpenSSL uses empty fragments as a countermeasure unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is initialized.\n\nMicrosoft implemented one-byte fragments as a countermeasure, and the setting can be controlled via the registry key HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\SendExtraRecord.\n\nTherefore, if multiple applications use the same SSL/TLS implementation, some may be vulnerable while others may not be, depending on whether or not a countermeasure has been enabled.\n\nNote that this plugin detects the vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It does not detect the BEAST attack where it exploits the vulnerability at HTTPS client-side (i.e., Internet browser). The detection at server-side does not necessarily mean your server is vulnerable to the BEAST attack, because the attack exploits the vulnerability at the client-side, and both SSL/TLS clients and servers can independently employ the split record countermeasure.", "cvss3": {}, "published": "2012-04-16T00:00:00", "type": "nessus", "title": "SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "SSL3_TLS1_IV_IMPL_INFO_DISCLOSURE.NASL", "href": "https://www.tenable.com/plugins/nessus/58751", "sourceData": "#TRUSTED 1c09e57918a34eb380475831ff14af56c6a719d156a8b7fa6cb7553e658f8a22ac62dbcc9996e7729fa6d14bf83687cc951f1f2f10a651d629e67419f552e4533ca25e6f631c768859627a1a471575658187eaa923dccbfdac42910dc2528657788ad512bcffeb6005787672d1b0451bf28ac08de4509757325eb858a9172e61149083219a1b8f90e5b58db207c0b38cb5d2d14622bb8d5ed425d3d933c36c25872e6bb88776827a0317d53557989e4380bc2516e85533de1e4cb169368d0dd17d7fc838ef37f3a9eaa415fb0bac21e25e6a226ecb93de57d5ab1f6c51401082713ce479cb38866df0c7002ed7e2aae7c32e42817078a07a25a8accdcb5d1aef1b5a8b98ff45d9bbce57a0256e3184b125bcea13b14f7b88333258165a1b20367b445b2af45c48f60799c2d7427746060ab5211190c7964e742b7e12820e0858b90b0f6140a4714691fd456e3b012e711ee22947117ed1c1fe7c658276fb211774cb92d35a5b6ea26ee9d61abaf0a1a0504083b274823fed5fd0754ad17d4a6aa558750b4e0173b73f0d3d07a47337e0741026a1179c97a672296d49a6b1a60c8b8f320b15c4616b41fbcb6ec2215294eb81ca5130cd383c22561db3bf62ffdc41822728a634f3e47cad5b0b99d7abe51aaaf1a97c70b5f00aa9aaf37530b40912e0988c6bdfb679059e6b22a7ccf53bc6a746e8e50abed07d7372ae11133e99\n#TRUST-RSA-SHA256 7f1a56671af4ff831be079d04ae1817a8d85bd3aca74dbe89504a356f731ec1ed5332c6365a749070a483bbf19b4b3e7e5724902fdb9a2c7ea786fa282eeebf258e07bff782856dbc8ff001c602d8184063bf97282c87ef5e236ee565662711bbb7d848785f4319a12934198c543c382e7e2e30fa0c77a4284f841a75f2d58e6f992c156b8b87b1c6bb5591d6dc607bec5183f9a192274e13beb5cfbacfa36de7a90397598e7501cf1f97597b1aa28dfcf47277044445ddc75133dd74debc776051b1ea8606ba6765a0b2d6cda721332d1c88a1a7354c65cfed7bece58e9813b340d90fedee490a70524ffef05913f88036c952619271605f5e5ee04749ecf1517a4abff9a51c1ce78497b018e77a6e2a3dc9216d1a7e8df2870516c4b9468338cf4df456e955c529c7fcdc11f4f5f842e1821f82dd7294b990e3f1aa4d004d5de02087633cace8508484f8f17f1675d137c4672be69ba628a0042eea4f20ab592c4645f44ccd688f02733937031b204f9056994f5310e6406fb6d4167f246d4e0df6392768610b581cf28b2d6616dc52691f99f7d544bdd665cccf735efc2f8ecd00d67947942283485ed729b0069dfc1a909cae42471ea23f5d7f6ad0912efa5550929a1496a09f9aea266bbf9f81928c90f13215ace006182e8d364074b058aa32ed6b667bbab393080ba67eb03da984146462dea734030088e9cf7c91532\n#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58751);\n script_version(\"1.43\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"MSFT\", value:\"MS12-006\");\n script_xref(name:\"IAVB\", value:\"2012-B-0006\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It may be possible to obtain sensitive information from the remote\nhost with SSL/TLS-enabled services.\");\n script_set_attribute(attribute:\"description\", value:\n\"A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow\ninformation disclosure if an attacker intercepts encrypted traffic\nserved from an affected system.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\n\nThis plugin tries to establish an SSL/TLS remote connection using an\naffected SSL version and cipher suite and then solicits return data.\nIf returned application data is not fragmented with an empty or\none-byte record, it is likely vulnerable.\n\nOpenSSL uses empty fragments as a countermeasure unless the\n'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL\nis initialized.\n\nMicrosoft implemented one-byte fragments as a countermeasure, and the\nsetting can be controlled via the registry key\nHKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\SendExtraRecord.\n\nTherefore, if multiple applications use the same SSL/TLS\nimplementation, some may be vulnerable while others may not be,\ndepending on whether or not a countermeasure has been enabled.\n\nNote that this plugin detects the vulnerability in the SSLv3/TLSv1\nprotocol implemented in the server. It does not detect the BEAST\nattack where it exploits the vulnerability at HTTPS client-side\n(i.e., Internet browser). The detection at server-side does not\nnecessarily mean your server is vulnerable to the BEAST attack,\nbecause the attack exploits the vulnerability at the client-side, and\nboth SSL/TLS clients and servers can independently employ the split\nrecord countermeasure.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://vnhacker.blogspot.com/2011/09/beast.html\");\n # https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-006\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?649b81c1\");\n # https://support.microsoft.com/en-us/help/2643584/ms12-006-vulnerability-in-ssl-tls-could-allow-information-disclosure-j\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84775fd6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blogs.msdn.microsoft.com/kaushal/2012/01/20/fixing-the-beast/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.\nConfigure SSL/TLS servers to only support cipher suites that do not\nuse block ciphers. Apply patches if available.\n\nNote that additional configuration may be required after the\ninstallation of the MS12-006 security update in order to enable the\nsplit-record countermeasure. See Microsoft KB2643584 for details.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssl_supported_versions.nasl\");\n script_require_keys(\"SSL/Supported\");\n\n exit(0);\n}\n\ninclude(\"ftp_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"http.inc\");\ninclude(\"ldap_func.inc\");\ninclude(\"nntp_func.inc\");\ninclude(\"smtp_func.inc\");\ninclude(\"telnet2_func.inc\");\ninclude(\"x509_func.inc\");\ninclude(\"rsync.inc\");\ninclude(\"audit.inc\");\ninclude(\"string.inc\");\n\nglobal_var _ssl;\n\nif (!get_kb_item(\"Settings/PCI_DSS\") && !thorough_tests) exit(0, \"This plugin only runs if 'Thorough tests' is enabled or if PCI scanning is enabled.\");\n##\n# Get cipher description.\n#\n# @return Value of ciphers_desc[<name>] from ssl_funcs.inc.\n##\nfunction ssl3_get_cipher_desc()\n{\n local_var cipher, name;\n\n if (!isnull(_ssl['cipher_desc']))\n return _ssl['cipher_desc'];\n\n cipher = _ssl['cipher'];\n name = cipher_name(id:cipher);\n if (isnull(name)) return NULL;\n\n return ciphers_desc[name];\n}\n\n##\n# Checks whether a cipher is in a list of cipher suites.\n#\n# @anonparam cipher Cipher in question.\n# @anonparam ciphers List of cipher suites.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_cipher_in_list()\n{\n local_var cipher, ciphers, i, id, len;\n\n cipher = _FCT_ANON_ARGS[0];\n ciphers = _FCT_ANON_ARGS[1];\n\n len = strlen(ciphers);\n for (i = 0; i < len; i += 2)\n {\n id = substr(ciphers, i, i + 2 - 1);\n if (cipher == id) return TRUE;\n }\n\n return FALSE;\n}\n\n##\n# Split the key block into IVs, cipher keys, and MAC keys.\n#\n# @anonparam keyblk Key block derived from the master secret.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_set_keys()\n{\n local_var desc, mac_size, iv_size, key_size, keyblk, pos;\n local_var encrypt, mac;\n\n desc = ssl3_get_cipher_desc();\n if (isnull(desc)) return FALSE;\n\n encrypt = cipher_field(name:desc, field:\"encrypt\");\n mac = cipher_field(name:desc, field:\"mac\");\n\n keyblk = _FCT_ANON_ARGS[0];\n\n # Determine the size of the key block's fields.\n if ('SHA1' >< mac) mac_size = 20;\n else if ('MD5' >< mac) mac_size = 16;\n else return FALSE;\n\n if ('3DES-CBC(168)' >< encrypt) { key_size = 24; iv_size = 8; }\n else if ('DES-CBC(56)' >< encrypt) { key_size = 8; iv_size = 8; }\n else if ('AES-CBC(128)' >< encrypt) { key_size = 16; iv_size = 16; }\n else if ('AES-CBC(256)' >< encrypt) { key_size = 32; iv_size = 16; }\n else return FALSE;\n\n # Ensure the block is big enough.\n if (strlen(keyblk) < 2 * (mac_size + key_size + iv_size))\n return FALSE;\n\n # Extract the data from the key block.\n pos = 0;\n _ssl['enc_mac_key'] = substr(keyblk, pos, pos + mac_size - 1); pos += mac_size;\n _ssl['dec_mac_key'] = substr(keyblk, pos, pos + mac_size - 1); pos += mac_size;\n _ssl['enc_key'] = substr(keyblk, pos, pos + key_size - 1); pos += key_size;\n _ssl['dec_key'] = substr(keyblk, pos, pos + key_size - 1); pos += key_size;\n _ssl['enc_iv'] = substr(keyblk, pos, pos + iv_size - 1); pos += iv_size;\n _ssl['dec_iv'] = substr(keyblk, pos, pos + iv_size - 1);\n\n return TRUE;\n}\n\n##\n# Hashes data.\n#\n# @anonparam data Data to be hashed.\n#\n# @return Message digest of the given data.\n##\nfunction ssl3_hash()\n{\n local_var data, desc;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"mac\");\n if (empty_or_null(desc)) return NULL;\n\n data = _FCT_ANON_ARGS[0];\n\n if ('SHA1' >< desc)\n return SHA1(data);\n\n if ('MD5' >< desc)\n return MD5(data);\n\n return NULL;\n}\n\n##\n# Compute the HMAC of the data.\n#\n# @anonparam data Data to be HMACed.\n# @anonparam key The key for the HMAC algorithm.\n#\n# @return HMAC of the given data.\n##\nfunction ssl3_hmac()\n{\n local_var data, desc, key;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"mac\");\n if (empty_or_null(desc)) return NULL;\n\n key = _FCT_ANON_ARGS[0];\n data = _FCT_ANON_ARGS[1];\n\n if ('SHA1' >< desc)\n return HMAC_SHA1(key:key, data:data);\n\n if ('MD5' >< desc)\n return HMAC_MD5(key:key, data:data);\n\n return NULL;\n}\n\n##\n# Computes the MAC of the data.\n#\n# @param client Whether the data is from the client or server.\n# @param data The data to be calculate the MAC of.\n# @param type The type of the record.\n#\n# @returns The MAC of the given data, in protocol-specific form.\n##\nfunction ssl3_mac(client, data, type)\n{\n local_var key, seq;\n\n if (isnull(client))\n client = TRUE;\n\n if (client)\n {\n key = _ssl['enc_mac_key'];\n seq = _ssl['clt_seq'];\n }\n else\n {\n key = _ssl['dec_mac_key'];\n seq = _ssl['srv_seq'];\n }\n\n # Encode the client sequence number.\n seq = mkdword(0) + mkdword(seq);\n\n if (_ssl['version'] == SSL_V3)\n {\n return ssl3_hash(\n key + # Key\n crap(data:'\\x5c', length:40) + # O-Pad\n ssl3_hash( #\n key + # Key\n crap(data:'\\x36', length:40) + # I-Pad\n seq + # 64-bit sequence number\n mkbyte(type) + # Record ID\n mkword(strlen(data)) + # Data length\n data # Data\n )\n );\n }\n\n if (_ssl['version'] == TLS_10)\n {\n return ssl3_hmac(\n key,\n seq + tls_mk_record(type:type, data:data, version:TLS_10)\n );\n }\n\n return NULL;\n}\n\n##\n# Encrypt or decrypt data.\n#\n# @anon param data input data\n# @param enc Whether to encrypt (TRUE) or decrypt (FALSE).\n#\n# @return Result of encrypting or decrypting the given data.\n##\nfunction ssl3_crypt(enc)\n{\n local_var data, desc, iv, key, out, ret;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"encrypt\");\n if (empty_or_null(desc)) return NULL;\n\n data = _FCT_ANON_ARGS[0];\n\n if (enc)\n {\n key = _ssl['enc_key'];\n iv = _ssl['enc_iv'];\n }\n else\n {\n key = _ssl['dec_key'];\n iv = _ssl['dec_iv'];\n }\n\n if ('3DES-CBC(168)' >< desc)\n {\n if (enc)\n ret = tripledes_cbc_encrypt(data:data, key:key, iv:iv);\n else\n ret = tripledes_cbc_decrypt(data:data, key:key, iv:iv);\n }\n else if ('DES-CBC(56)' >< desc)\n {\n out = des_cbc_encrypt(data:data, key:key, iv:iv, encrypt:enc);\n if (enc)\n ret = make_list(out, substr(out, strlen(out) - 8));\n else\n ret = make_list(out, substr(data, strlen(data) - 8));\n }\n else if ('AES-CBC(128)' >< desc || 'AES-CBC(256)' >< desc)\n {\n if (enc)\n ret = aes_cbc_encrypt(data:data, key:key, iv:iv);\n else\n ret = aes_cbc_decrypt(data:data, key:key, iv:iv);\n }\n\n if (isnull(ret)) return NULL;\n\n # Update IV for the next block.\n if (enc)\n _ssl['enc_iv'] = ret[1];\n else\n _ssl['dec_iv'] = ret[1];\n\n return ret[0];\n}\n\n##\n# Encrypt data with the block cipher.\n#\n# @anonparam data The data to be encrypted.\n#\n# @return The ciphertext of the given data.\n##\nfunction ssl3_encrypt()\n{\n local_var data, block_size, padlen;\n\n data = _FCT_ANON_ARGS[0];\n\n # Calculate how much padding is needed to fill the block.\n block_size = strlen(_ssl['enc_iv']);\n padlen = block_size - (strlen(data) % block_size);\n\n # Append the padding to the data.\n data += crap(data:mkbyte(padlen - 1), length:padlen);\n\n return ssl3_crypt(data, enc:TRUE);\n}\n\n##\n# Decrypt data with the block cipher.\n#\n# @anonparam data The data to be decrypted.\n#\n# @return The plaintext of the given data.\n##\nfunction ssl3_decrypt()\n{\n return ssl3_crypt(_FCT_ANON_ARGS[0], enc:FALSE);\n}\n\n##\n# Sets an error message\n#\n# @anonparam msg The error message.\n#\n# @return NULL.\n##\nfunction ssl3_set_error()\n{\n _ssl['error'] = _FCT_ANON_ARGS[0];\n\n return NULL;\n}\n\n##\n# Get last error message.\n#\n# @return Last error message.\n##\nfunction ssl3_get_lasterror()\n{\n return _ssl['error'];\n}\n\n##\n# Write data from an established SSL connection.\n#\n# @anonparam data Data to be written.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_write()\n{\n local_var data, dlen, mac, rec, rlen, sent, type;\n\n data = _FCT_ANON_ARGS[0];\n\n type = SSL3_CONTENT_TYPE_APPLICATION_DATA;\n dlen = strlen(data);\n\n # Compute the MAC of the unencrypted application data.\n mac = ssl3_mac(data:data, type:type);\n\n # Append the MAC to the data and encrypt everything.\n data = ssl3_encrypt(data + mac);\n\n # Make a record and send it to the server.\n rec = ssl_mk_record(type:type, data:data, version:_ssl['version']);\n rlen = strlen(rec);\n sent = send(socket:_ssl['sock'], data:rec);\n if (sent != rlen)\n return ssl3_set_error('ssl3_write(): Only sent ' + sent + ' of ' + rlen + ' bytes to port ' + _ssl['port'] + '.');\n\n _ssl['clt_seq']++;\n\n return dlen;\n}\n\n##\n# Read data from an established SSL connection.\n#\n# @param len Number of bytes to be read.\n#\n# @return Data read, or NULL if there is an error.\n##\nfunction ssl3_read(len)\n{\n local_var computed_mac, data, dlen, embedded_mac, end, i, maclen;\n local_var msg, padlen, rec, srv_seq, start, timeout;\n\n # Return data can be split into multiple records.\n while (TRUE)\n {\n # Check if we have received enough received data to satisfy the\n # caller.\n if (len && strlen(_ssl['app_data']) >= len)\n {\n # Remove the requested amount of data from the receive buffer.\n data = substr(_ssl['app_data'], 0, len - 1);\n _ssl['app_data'] -= data;\n\n return data;\n }\n\n # Receive an SSL message.\n # Some Microsoft Exchange servers take many seconds to reply to an\n # SMTP command, causing this check to false-negative.\n # Obey a longer read timeout, but make 15 seconds the minimum to\n # cope with these servers.\n timeout = get_read_timeout();\n if (timeout < 15)\n timeout = 15;\n msg = recv_ssl(socket:_ssl['sock'], timeout:timeout);\n if (isnull(msg)) break;\n\n # Parse the message, keeping in mind that the body is encrypted.\n rec = ssl_parse(blob:msg, encrypted:TRUE);\n if (isnull(rec))\n return ssl3_set_error('ssl3_read(): Failed to parse encrypted SSL record.');\n\n # Check protocol version.\n if (rec['version'] != _ssl['version'])\n return ssl3_set_error('ssl3_read(): SSL/TLS protocol version mismatch.');\n\n # Ensure that the record isn't an alert.\n if (rec['content_type'] == SSL3_CONTENT_TYPE_ALERT)\n return ssl3_set_error('ssl3_read(): Alert received from port ' + _ssl['port'] + '.');\n\n # Decrypt the application data.\n data = ssl3_decrypt(rec['data']);\n dlen = strlen(data);\n\n # Check that padding on the data is sane.\n maclen = strlen(_ssl['enc_mac_key']);\n padlen = getbyte(blob:data, pos:dlen - 1);\n if (padlen + 1 + maclen > dlen)\n return ssl3_set_error('ssl3_read(): invalid padlen ' + padlen + '.');\n\n # Check pad bytes for TLS 1.0\n # For SSL 3.0, pad bytes can have arbitrary values\n # For TLS 1.0, each pad byte must be same as padlen\n if (_ssl['version'] >= TLS_10)\n {\n for (i = 0; i < padlen; i++)\n {\n if(ord(data[dlen - 2 -i]) != padlen)\n return ssl3_set_error('ssl3_read(): invalid block cipher padding.');\n }\n }\n\n # Extract the MAC, which is appended to the payload.\n end = dlen - (padlen + 1) - 1;\n start = end - maclen + 1;\n embedded_mac = substr(data, start, end);\n\n # Extract decrypted application data.\n end = start - 1;\n start = 0;\n data = substr(data, start, end);\n\n\n # Compute the MAC of the decrypted application data.\n computed_mac = ssl3_mac(data:data, type:rec['content_type'], client:FALSE);\n\n # Compare the embedded MAC and the computed MAC.\n if (computed_mac != embedded_mac)\n return ssl3_set_error('ssl3_read(): MACs do not match.');\n\n # The MAC was proper, so this packet is accepted.\n _ssl['srv_seq']++;\n\n # Add application data to our receive buffer.\n if (rec['content_type'] == SSL3_CONTENT_TYPE_APPLICATION_DATA)\n {\n _ssl['app_data'] += data;\n _ssl['app_recs'] += 1;\n\n\n # Check for mitigation techniques:\n # - Empty records: OpenSSL uses this technique if\n # SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is not set.\n # - One-byte records: Microsoft uses this technique.\n #\n # Check for split-record for the first 2 app data records\n if(_ssl['app_recs'] < 3)\n {\n if (isnull(data))\n _ssl['empty_rec'] = TRUE;\n else if (strlen(data) == 1)\n _ssl['one_byte_rec'] = TRUE;\n }\n }\n }\n\n # If the read length could not be satisfied, return whatever is in\n # the receive buffer, and clear it for future calls.\n data = _ssl['app_data'];\n _ssl['app_data'] = '';\n\n if (empty_or_null(data) && socket_get_error(_ssl['sock']) == ETIMEDOUT)\n return ssl3_set_error('ssl3_read(): Server did not reply after waiting ' + timeout + ' seconds. Consider increasing the read timeout in your scan policy.');\n\n return data;\n}\n\n##\n# Disconnect from the SSL server.\n##\nfunction ssl3_disconnect()\n{\n close(_ssl['sock']);\n}\n\n##\n# Tries to make an SSL/TLS connection to the server.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_connect()\n{\n local_var cert, cipher, ckex, clt_finished, clt_random;\n local_var dh_privkey, pubkey;\n local_var dh_x, e, embedded_mac, embedded_srv_finished;\n local_var end, hs, i,keyblk, len, mac, mac_size;\n local_var master, msg, n, padlen, parsed, pkt, plain, port;\n local_var premaster, rec, recs, skex, soc, srv_finished, srv_random;\n local_var start, version, x;\n\n # Get a socket to perform a handshake.\n port = _ssl['port'];\n soc = open_sock_ssl(port);\n if (!soc)\n return ssl3_set_error('ssl3_connect(): Failed to connect to port ' + port + '.');\n\n version = _ssl['version'];\n cipher = _ssl['cipher'];\n\n # Make a ClientHello msg.\n msg =\n mkword(version) + # Client version\n dec2hex(num:unixtime()) + # Challenge, epoch portion\n rand_str(length:28) + # Challenge, random portion\n ssl_vldata_put(data:'', len:1) + # Session ID\n ssl_vldata_put(data:cipher, len:2) + # Cipher spec\n ssl_vldata_put(data:'\\x00', len:1) + # Compression spec\n ssl_vldata_put(data:tls_ext_ec(keys(curve_nid.tls)), len:2); # supported curves\n msg = ssl_mk_handshake_msg(data:msg, type:SSL3_HANDSHAKE_TYPE_CLIENT_HELLO);\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n\n # Send the ClientHello record.\n send(socket:soc, data:rec);\n\n # Parse the ClientHello record.\n parsed = ssl_parse(blob:rec);\n clt_random = mkdword(parsed['time']) + parsed['random'];\n\n # Start collecting the bodies of handshake messages, which are used\n # to generate the encrypted Finished message.\n hs = substr(rec, 5, strlen(rec) - 1);\n\n # Read records one at a time. Expect to see at a minimum:\n # ServerHello, Certificate, and ServerHelloDone.\n while (TRUE)\n {\n # Receive records from the server.\n recs = recv_ssl(socket:soc);\n if (isnull(recs))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server did not respond to ClientHello.');\n }\n\n # Collect the body of the message, including all records.\n hs += substr(recs, 5, strlen(recs) - 1);\n\n # ServerHello: Extract the random data for computation of keys.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO\n );\n\n if (!isnull(rec))\n {\n # Check handshake version returned by the server, and ensure\n # that it hasn't downgraded the version.\n if (rec['handshake_version'] != _ssl['version'])\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': SSL/TLS protocol version mismatch.');\n }\n\n srv_random = mkdword(rec['time']) + rec['random'];\n\n # Wacko SSL servers might return a cipher suite not in the\n # client's request list.\n if (!ssl3_cipher_in_list(mkword(rec['cipher_spec']), _ssl['cipher']))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server returned a cipher suite not in list supported by client.');\n }\n\n # Store the negotiated cipher suite.\n _ssl['cipher'] = rec['cipher_spec'];\n _ssl['cipher_desc'] = ssl3_get_cipher_desc();\n }\n\n # Certificate: Extract the server's public key.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_CERTIFICATE\n );\n\n if (!isnull(rec) && max_index(rec['certificates']) > 0)\n {\n # First cert in the chain should be the server cert.\n cert = parse_der_cert(cert:rec['certificates'][0]);\n if (isnull(cert))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server certificate could not be parsed.');\n }\n\n cert = cert['tbsCertificate'];\n }\n\n # Server Key Exchange.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE\n );\n\n if (!isnull(rec['data']))\n skex = ssl_parse_srv_kex(blob:rec['data'], cipher:_ssl['cipher_desc']);\n\n # Certificate Request.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_CERTIFICATE_REQUEST\n );\n\n if (!isnull(rec['data']))\n _ssl['clt_cert_requested'] = TRUE;\n\n # Server Hello Done.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO_DONE\n );\n\n if (!isnull(rec)) break;\n }\n\n # Packet will contain ClientCertificate, ClientKeyExchange,\n # ChangeCipherSpec, and Finished.\n pkt = '';\n\n # Create an empty client certificate if one is requested.\n if (_ssl['clt_cert_requested'])\n {\n # Send an empty certificate for now. TLSv1.0 says the client can\n # send an empty certificate, but not sure what SSLv3 says.\n msg = ssl_mk_handshake_msg(\n type : SSL3_HANDSHAKE_TYPE_CERTIFICATE,\n data : ssl_vldata_put(data:NULL,len:3)\n );\n hs += msg;\n\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n pkt += rec;\n }\n\n # Process ServerCertificate and ServerKeyExchange messages.\n var desc_kex = cipher_field(name:_ssl['cipher_desc'], field:\"kex\");\n if (desc_kex =~ \"RSA($|\\()\")\n {\n if (isnull(cert))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': No server certificate was found.');\n }\n\n if (isnull(cert['subjectPublicKeyInfo']) || isnull(cert['subjectPublicKeyInfo'][1]))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': A server certificate with an unsupported algorithm was found.');\n }\n\n n = cert['subjectPublicKeyInfo'][1][0];\n e = cert['subjectPublicKeyInfo'][1][1];\n if(isnull(n) || isnull(e))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': Failed to extract public key from server certificate.');\n }\n\n # Create the premaster secret.\n premaster = mkword(version) + rand_str(length:46);\n\n # Encrypt the premaster secret with server's RSA public key.\n ckex = rsa_public_encrypt(data:premaster, n:n, e:e);\n\n # Encode the client key exchange data.\n #\n # It looks like TLS 1.0 and up prepend a two-byte length, but the\n # RFC is vague.\n if (_ssl['version'] >= TLS_10)\n ckex = ssl_vldata_put(data:ckex, len:2);\n }\n else if (desc_kex =~ \"ECDH($|\\()\" && ecc_functions_available())\n {\n if (isnull(skex))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': no ServerKeyExchange info (ECDH).');\n }\n\n # Generate the client private key\n dh_privkey = rand_str(length:16);\n\n # Compute the premaster secret\n premaster = ecc_scalar_multiply(\n curve_nid:curve_nid.tls[skex['named_curve']],\n scalar:dh_privkey,\n x:substr(skex['pubkey'], 1, (strlen(skex['pubkey'])) / 2),\n y:substr(skex['pubkey'], (strlen(skex['pubkey']) / 2) + 1)\n );\n # Just the X coordinate of the curve point is used\n premaster = ecc_fe2osp(element:premaster.x, curve_nid:curve_nid.tls[skex['named_curve']]);\n\n # Encode the client's DH public key\n pubkey = ecc_scalar_multiply(\n curve_nid:curve_nid.tls[skex['named_curve']],\n scalar:dh_privkey\n );\n\n pubkey.x = ecc_fe2osp(element:pubkey.x, curve_nid:curve_nid.tls[skex['named_curve']]);\n pubkey.y = ecc_fe2osp(element:pubkey.y, curve_nid:curve_nid.tls[skex['named_curve']]);\n\n ckex = ssl_vldata_put(\n # Uncompressed curve point encoding\n data:'\\x04' + pubkey.x + pubkey.y,\n len:1\n );\n }\n else if (desc_kex =~ \"DH($|\\()\")\n {\n if (isnull(skex))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': no ServerKeyExchange info (DH).');\n }\n\n # Generate the client private key,\n x = rand_str(length:16);\n\n # Compute g^x mod p.\n dh_x = bn_mod_exp(skex['dh_g'], x, skex['dh_p']);\n\n # Compute the premaster secret.\n premaster = bn_mod_exp(skex['dh_y'], x, skex['dh_p']);\n\n # Encode the client key exchange data.\n ckex = ssl_vldata_put(data:dh_x, len:2);\n }\n else\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': unsupported key exchange method ' + _ssl['cipher_desc'] + '.');\n }\n\n # Create a ClientKeyExchange message.\n msg = ssl_mk_handshake_msg(type:SSL3_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE, data:ckex);\n hs += msg;\n\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n pkt += rec;\n\n # Compute the keys.\n master = ssl_calc_master(\n premaster : premaster,\n c_random : clt_random,\n s_random : srv_random,\n version : version\n );\n\n # For troubleshooting problems, when a PCAP is provided by a customer\n # and we need to see the encrypted application data records.\n set_kb_item(\n name:\"nss_keylog/\" + SCRIPT_NAME,\n value:\"CLIENT_RANDOM \" + hexstr(clt_random) + \" \" + hexstr(master)\n );\n\n keyblk = ssl_derive_keyblk(\n master : master,\n c_random : clt_random,\n s_random : srv_random,\n version : version\n );\n\n if (!ssl3_set_keys(keyblk))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect(): ssl3_set_keys() failed.');\n }\n\n # Compute the Finished value for the client.\n clt_finished = ssl_calc_finished(master:master, handshake:hs, is_client:TRUE, version:version);\n msg = ssl_mk_handshake_msg(type:SSL3_HANDSHAKE_TYPE_FINISHED, data:clt_finished);\n\n # Compute the Finished value for the server.\n #\n # The server has one more handshake message (the client's Finished)\n # to include when computing its Finished value.\n hs += msg;\n srv_finished = ssl_calc_finished(master:master, handshake:hs, is_client:FALSE, version:version);\n\n # Compute the HMAC of the Finished message for the client.\n mac = ssl3_mac(data:msg, type:SSL3_CONTENT_TYPE_HANDSHAKE);\n\n # Append the HMAC to the message.\n msg += mac;\n\n # Encrypt the client Finished message\n msg = ssl3_encrypt(msg);\n\n # Append the ChangeCipherSpec and Finished records to the packet.\n pkt += ssl_mk_record(type:SSL3_CONTENT_TYPE_CHANGECIPHERSPEC, data:mkbyte(1), version:version);\n pkt += ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n\n # Send the packet.\n send(socket:soc, data:pkt);\n\n while (TRUE)\n {\n # Receive records from the server.\n recs = recv_ssl(socket:soc);\n if (isnull(recs))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server did not send the Finished message.');\n }\n\n # Finished, but it's encrypted so we can't access the handshake\n # type with ssl_parse().\n rec = ssl_find(\n blob:recs,\n encrypted:TRUE,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE\n );\n if (isnull(rec)) continue;\n\n # Decrypt the record's body.\n plain = ssl3_decrypt(rec['data']);\n\n # Get the length of the padding.\n len = strlen(plain);\n padlen = getbyte(blob:plain, pos:len - 1);\n mac_size = strlen(_ssl['enc_mac_key']);\n # Check pad length\n if (padlen + 1 + mac_size > len)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': invalid padlen '+padlen+'.');\n }\n\n # Check pad bytes for TLS 1.0\n # Each pad byte must be the same as the padlen, per TLS 1.0 RFC\n if(_ssl['version'] >= TLS_10)\n {\n for (i = 0; i < padlen; i++)\n {\n if(ord(plain[len - 2 -i]) != padlen)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': invalid block cipher padding.');\n }\n }\n }\n\n # Extract the MAC.\n end = len - (padlen + 1) - 1;\n start = end - mac_size + 1;\n embedded_mac = substr(plain, start, end);\n\n # Extract the Finished record.\n end = start - 1;\n start = 0;\n msg = substr(plain, start, end);\n\n # Extract the server's Finished value.\n #\n # Handshake message data starts after the 1-byte handshake type\n # and 3-byte handshake message length.\n embedded_srv_finished = substr(msg, 1 + 3);\n\n # Check the embedded MAC against ours.\n mac = ssl3_mac(data:msg, type:SSL3_CONTENT_TYPE_HANDSHAKE, client:FALSE);\n if (mac != embedded_mac)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': MACs do not match, failed to decrypt server Finished message.');\n }\n\n # Check the embedded Finished value against ours.\n if (srv_finished != embedded_srv_finished)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': bad server Finished message.');\n }\n\n # All tests have been passed, so the handshake phase is complete.\n break;\n }\n\n _ssl['sock'] = soc;\n _ssl['clt_seq']++;\n _ssl['srv_seq']++;\n\n return TRUE;\n}\n\n##\n# Initialize the SSL structure.\n#\n# @param port Port on which to make an SSL connection.\n# @param cipher_list A list of cipher suite IDs to support.\n# @param version The SSL version ID.\n#\n# @return TRUE if nothing went wrong.\n##\nfunction ssl3_init(port, cipher_list, version)\n{\n local_var cipher, supported;\n\n # Check for the existence of some crypto functions.\n if (!defined_func('bn_mod_exp'))\n {\n return ssl3_set_error('function bn_mod_exp() not defined.');\n }\n if (!defined_func('rsa_public_encrypt'))\n {\n return ssl3_set_error('function rsa_public_encrypt() not defined.');\n }\n if (!defined_func('aes_cbc_encrypt'))\n {\n return ssl3_set_error('function aes_cbc_encrypt() not defined.');\n }\n if (!defined_func('aes_cbc_decrypt'))\n {\n return ssl3_set_error('function aes_cbc_decrypt() not defined.');\n }\n\n # Check SSL version.\n if (version != SSL_V3 && version != TLS_10)\n {\n return ssl3_set_error('SSL/TLS version ' + hexstr(mkword(version)) + ' is not supported.');\n }\n _ssl['version'] = version;\n\n # Check cipher suites.\n supported =\n ciphers['TLS1_CK_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_3DES_EDE_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_DES_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA'];\n\n foreach cipher (cipher_list)\n {\n if (!ssl3_cipher_in_list(cipher, supported))\n return ssl3_set_error(FALSE, 'cipher suite ' + hexstr(cipher) + ' is not supported.');\n }\n\n # Initially set to a list of cipher suites supported by the client.\n # When ServerHello is received, it's set to the agreed cipher.\n _ssl['cipher'] = '';\n foreach cipher (cipher_list)\n {\n _ssl['cipher'] += cipher;\n }\n\n # Sequence number is incremented for each SSL record sent in each\n # direction. It's 64 bits long and used when computing the MAC of a\n # message. We use a 32-bit sequence number here as we don't expect\n # to use more than 2^32 records. When the 64-bit number is required\n # for certain operations, we just prepend 4 zero bytes in the front.\n _ssl['clt_seq'] = 0;\n _ssl['srv_seq'] = 0;\n\n # SSL uses big endian format.\n set_byte_order(BYTE_ORDER_BIG_ENDIAN);\n\n # Keep track of whether the mitigation techniques are seen.\n _ssl['empty_rec'] = FALSE;\n _ssl['one_byte_rec'] = FALSE;\n\n # Whether a certificate has been requested by the server.\n _ssl['clt_cert_req'] = FALSE;\n\n # Keep track of received, unprocessed application data.\n _ssl['app_data'] = '';\n\n # Number of application data records received\n _ssl['app_recs'] = 0;\n\n _ssl['port'] = port;\n\n return TRUE;\n}\n\nget_kb_item_or_exit('SSL/Supported');\n\n# Get a port that uses SSL.\nport = get_ssl_ports(fork:TRUE);\n\nif (isnull(port))\n exit(1, 'The host does not appear to have any SSL-based services.');\n\n# Find out if the port is open.\nif (!get_port_state(port))\n audit(AUDIT_PORT_CLOSED, port);\n\n# Supported cipher suites used by this script.\ncipher_list = make_list(\n ciphers['TLS1_CK_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_3DES_EDE_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_DES_CBC_SHA']\n);\n\nif (ecc_functions_available())\n{\n # This list will be flattened on its own by make_list().\n cipher_list = make_list(\n cipher_list,\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA']\n );\n}\n\n\n# Try TLS 1.0 first.\nif (!ssl3_init(port:port, version:TLS_10, cipher_list:cipher_list))\n exit(1, 'ssl3_init() failed on port ' + port + ': ' + ssl3_get_lasterror());\n\n# If that failed, try SSL 3.0.\nif (!ssl3_connect())\n{\n if (!ssl3_init(port:port, version:SSL_V3, cipher_list:cipher_list))\n exit(1, 'ssl3_init() failed on port ' + port + ': ' + ssl3_get_lasterror());\n\n if (!ssl3_connect()) exit(1, ssl3_get_lasterror());\n}\n\n# Send some data to the SSL port so that some data can be returned in\n# order to test whether empty or one-byte records are used.\n\n# Create a simple HTTP GET request.\nhttp_req = http_mk_req(port:port, host:get_host_ip(), method:'GET', item:'/', add_headers:make_array('Connection','keep-alive'));\n\nsvc = known_service(port:port);\n\n# Create a service-specific message to solicit a response in order to\n# test for an empty or one-byte record.\nif (svc == 'www') req = http_mk_buffer_from_req(req:http_req);\nelse if (svc == 'smtp') req = 'EHLO client.example.org\\r\\n';\nelse if (svc == 'ftp') req = 'HELP\\r\\n';\nelse if (svc == 'ldap') req = ldap_bind_request();\nelse if (svc == 'imap') req = 'nessus CAPABILITY\\r\\n';\n\n# The following are not tested.\nelse if (svc == 'pop3') req = 'CAPA\\r\\n';\nelse if (svc == 'nntp') req = 'CAPABILITIES\\r\\n';\nelse if (svc == 'acap') req = 'nessus NOOP\\r\\n';\nelse if (svc == 'xmpp') req = '<nessus />\\n';\nelse if (svc == 'telnet') req = mkbyte(CMD_IAC) + mkbyte(CMD_DO) + mkbyte(5); # Do Status\n\n# Unknown service, send an HTTP request.\nelse req = http_mk_buffer_from_req(req:http_req);\n\n#\n# Read at least 2 application data records\n#\n# The fix for BEAST in IBMJSSE2 is to split the application data record to\n# 1/(n-1), except the first application data record.\n# So we need the second application data record to test whether it is split.\n#\nwhile(_ssl['app_recs'] < 2)\n{\n\n # Send the request.\n if (!ssl3_write(req))\n exit(1, ssl3_get_lasterror());\n\n # Read until no more application data from remote server\n data = ssl3_read();\n\n # Check response.\n if (isnull(data)) exit(1, ssl3_get_lasterror());\n if( data == '') exit(0, 'The service listening on port ' + port + ' did not return any data.');\n\n # 0/n split-record mitigation technique (OpenSSL)\n if (_ssl['empty_rec'])\n exit(0, 'The service listening on port ' + port + ' appears to use empty SSL/TLS records.');\n\n # 1/(n-1) split-record mitigation technique (MS)\n if (_ssl['one_byte_rec'])\n exit(0, 'The service listening on port ' + port + ' appears to use one-byte SSL/TLS records.');\n\n}\n\n# The SSL 3.0/TLS 1.0 server accepts a block-based cipher suite, but\n# doesn't use any mitigation techniques, so it is likely vulnerable.\nif (report_verbosity > 0)\n security_warning(port:port, extra:'\\nNegotiated cipher suite: ' + _ssl['cipher_desc'] + '\\n');\nelse\n security_warning(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:40", "description": "The remote host is affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.", "cvss3": {}, "published": "2012-01-10T00:00:00", "type": "nessus", "title": "MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS12-006.NASL", "href": "https://www.tenable.com/plugins/nessus/57474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57474);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"MSFT\", value:\"MS12-006\");\n script_xref(name:\"IAVB\", value:\"2012-B-0006\");\n script_xref(name:\"MSKB\", value:\"2585542\");\n script_xref(name:\"MSKB\", value:\"2638806\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It may be possibe to obtain sensitive information from the remote\nWindows host using the Secure Channel security package.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by an information disclosure\nvulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols\ndue to a flaw in the way the initialization vector (IV) is selected\nwhen operating in cipher-block chaining (CBC) modes. A\nman-in-the-middle attacker can exploit this to obtain plaintext HTTP\nheader data, by using a blockwise chosen-boundary attack (BCBA) on an\nHTTPS session, in conjunction with JavaScript code that uses the HTML5\nWebSocket API, the Java URLConnection API, or the Silverlight\nWebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for XP, 2003, Vista, 2008, 7,\nand 2008 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS12-006';\nkbs = make_list('2585542', '2638806');\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nwinver = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvuln = 0;\nif (winver == '5.2')\n{\n rootfile = hotfix_get_systemroot();\n if (!rootfile) exit(1, \"Can't get the system root.\");\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:rootfile);\n path = ereg_replace(pattern:\"^[A-Za-z](.*)\", replace:\"\\1\", string:rootfile);\n\n login = kb_smb_login();\n pass = kb_smb_password();\n domain = kb_smb_domain();\n port = kb_smb_transport();\n\n if(! smb_session_init(timeout: get_read_timeout() + 10)) audit(AUDIT_FN_FAIL, \"smb_session_init\");\n\n hcf_init = TRUE;\n\n rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n winsxs = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\WinSxS\", string:rootfile);\n files = list_dir(basedir:winsxs, level:0, dir_pat:\"WinHTTP\", file_pat:\"^winhttp\\.dll$\", max_recurse:1);\n\n vuln += hotfix_check_winsxs(os:'5.2', sp:2, files:files, versions:make_list('5.2.3790.4929'), max_versions:make_list('5.2.3790.9999'), bulletin:bulletin, kb:'2638806');\n}\n\nkb = '2585542';\nif (!is_accessible_share()) exit(1, \"is_accessible_share() failed.\");\nif (\n # Windows 7 / Server 2008 R2\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Schannel.dll\", version:\"6.1.7601.21861\", min_version:\"6.1.7601.21000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Schannel.dll\", version:\"6.1.7601.17725\", min_version:\"6.1.7601.17000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Schannel.dll\", version:\"6.1.7600.21092\", min_version:\"6.1.7600.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Schannel.dll\", version:\"6.1.7600.16915\", min_version:\"6.1.7600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Vista / Windows Server 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Schannel.dll\", version:\"6.0.6002.22742\", min_version:\"6.0.6002.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Schannel.dll\", version:\"6.0.6002.18541\", min_version:\"6.0.6002.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 2003\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Schannel.dll\", version:\"5.2.3790.4935\", dir:\"\\System32\", bulletin:bulletin, kb:kb) ||\n\n # Windows XP\n hotfix_is_vulnerable(os:\"5.1\", sp:3, arch:\"x86\", file:\"Schannel.dll\", version:\"5.1.2600.6175\", dir:\"\\System32\", bulletin:bulletin, kb:kb)\n)\n{\n vuln++;\n hotfix_check_fversion_end();\n}\nhotfix_check_fversion_end();\n\nif (vuln)\n{\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n hotfix_security_warning();\n\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, 'affected');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:41", "description": "The version of Oracle HTTP Server installed on the remote host is affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.", "cvss3": {}, "published": "2015-01-27T00:00:00", "type": "nessus", "title": "Oracle Fusion Middleware Security Service Information Disclosure (January 2015 CPU) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:http_server"], "id": "ORACLE_HTTP_SERVER_CPU_JAN_2015_LDAP.NASL", "href": "https://www.tenable.com/plugins/nessus/81003", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81003);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Fusion Middleware Security Service Information Disclosure (January 2015 CPU) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle HTTP Server installed on the remote host is\naffected by an information disclosure vulnerability, known as BEAST,\nin the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the\ninitialization vector (IV) is selected when operating in cipher-block\nchaining (CBC) modes. A man-in-the-middle attacker can exploit this to\nobtain plaintext HTTP header data, by using a blockwise\nchosen-boundary attack (BCBA) on an HTTPS session, in conjunction with\nJavaScript code that uses the HTML5 WebSocket API, the Java\nURLConnection API, or the Silverlight WebClient API.\");\n # https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?75c6cafb\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2015 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_http_server_installed.nbin\");\n script_require_keys(\"Oracle/OHS/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"Oracle/OHS/Installed\");\ninstalls = get_kb_list_or_exit(\"Oracle/OHS/*/Version\");\nhascomp = FALSE;\n\n# For this check, we need Middleware home which should be\n# oracle_common one directory up\nforeach install (keys(installs))\n{\n mwohome = install - 'Oracle/OHS/';\n mwohome = mwohome - '/Version';\n\n mwohome = ereg_replace(pattern:'^(/.*/).*$', string:mwohome, replace:\"\\1oracle_common\");\n\n # Make sure the component that is being patched exists in\n # the Middleware home\n if (find_oracle_component_in_ohome(ohome:mwohome, compid:'oracle.ldap.rsf'))\n {\n hascomp = TRUE;\n mwinstalls[mwohome] = installs[install];\n }\n}\n\npatches = make_array();\npatches['12.1.3.0'] = make_list('19485414','22557350', '26398022', '24329181', '27244723', '30112527', '30692958');\npatches['12.1.2.0'] = make_list('19485397', '21768251', '21773977');\n\nif(hascomp)\n{\n oracle_product_check_vuln(\n product : 'Oracle HTTP Server',\n installs : mwinstalls,\n patches : patches\n );\n}\nelse exit(0, 'No Middleware Homes were found with the oracle.ldap.rsf component.');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:44", "description": "NSS_NSPR_JSS 3.13.1 Solaris_x86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.\nDate this patch was last updated by Sun : Feb/08/12", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 125359-15 (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:125359", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_125359-15.NASL", "href": "https://www.tenable.com/plugins/nessus/107926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107926);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Solaris 10 (x86) : 125359-15 (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 125359-15\");\n script_set_attribute(attribute:\"description\", value:\n\"NSS_NSPR_JSS 3.13.1 Solaris_x86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.\nDate this patch was last updated by Sun : Feb/08/12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://getupdates.oracle.com/readme/125359-15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install patch 125359-15 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:125359\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWjss\", version:\"4.2.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWpr\", version:\"4.6.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWprd\", version:\"4.6.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtls\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtlsd\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtlsu\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjss / SUNWpr / SUNWprd / SUNWtls / SUNWtlsd / SUNWtlsu\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:27", "description": "The latest version of Firefox and Thunderbird have the following changes :\n\n - Added Type Inference, significantly improving JavaScript performance\n\n - Added support for querying Do Not Track status via JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nNotable nss changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only (contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "nessus", "title": "Fedora 15 : firefox-9.0.1-1.fc15 / gnome-python2-extras-2.25.3-35.fc15.4 / nspr-4.8.9-2.fc15 / etc (2011-17399)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:gnome-python2-extras", "p-cpe:/a:fedoraproject:fedora:nspr", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nss-softokn", "p-cpe:/a:fedoraproject:fedora:nss-util", "p-cpe:/a:fedoraproject:fedora:perl-gtk2-mozembed", "p-cpe:/a:fedoraproject:fedora:thunderbird", "p-cpe:/a:fedoraproject:fedora:thunderbird-lightning", "p-cpe:/a:fedoraproject:fedora:xulrunner", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-17399.NASL", "href": "https://www.tenable.com/plugins/nessus/57622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17399.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57622);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n\n script_name(english:\"Fedora 15 : firefox-9.0.1-1.fc15 / gnome-python2-extras-2.25.3-35.fc15.4 / nspr-4.8.9-2.fc15 / etc (2011-17399)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest version of Firefox and Thunderbird have the following\nchanges :\n\n - Added Type Inference, significantly improving JavaScript\n performance\n\n - Added support for querying Do Not Track status via\n JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nNotable nss changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext\nattack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by\ndefault. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable\nit.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error\nmessage and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only\n(contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://rsapss.hboeck.de/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rsapss.hboeck.de/\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47ee3616\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072223.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12cc855e\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072224.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0bf1b5d3\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072225.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3c745d9a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072226.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?648a9ef9\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072227.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ab134ef\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072228.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2aa50f32\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072229.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9f1fb28a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072230.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e3ea6b9\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072231.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a402c324\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"firefox-9.0.1-1.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"gnome-python2-extras-2.25.3-35.fc15.4\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nspr-4.8.9-2.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-3.13.1-10.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-softokn-3.13.1-15.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-util-3.13.1-3.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"perl-Gtk2-MozEmbed-0.09-1.fc15.8\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"thunderbird-9.0-4.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"thunderbird-lightning-1.1-0.1.rc1.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"xulrunner-9.0.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / gnome-python2-extras / nspr / nss / nss-softokn / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:44", "description": "Matthias Andree reports :\n\nFetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can make the application (fetchmail) encrypt some data for him -- which is not easily the case.\n\nStream ciphers (such as RC4) are unaffected.\n\nCredits to Apple Product Security for reporting this.", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "nessus", "title": "FreeBSD : fetchmail -- chosen plaintext attack against SSL CBC initialization vectors (18ce9a90-f269-11e1-be53-080027ef73ec) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:fetchmail", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_18CE9A90F26911E1BE53080027EF73EC.NASL", "href": "https://www.tenable.com/plugins/nessus/61725", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61725);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"FreeBSD : fetchmail -- chosen plaintext attack against SSL CBC initialization vectors (18ce9a90-f269-11e1-be53-080027ef73ec) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Matthias Andree reports :\n\nFetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL)\nwhich contains a switch to disable a countermeasure against certain\nattacks against block ciphers that permit guessing the initialization\nvectors, providing that an attacker can make the application\n(fetchmail) encrypt some data for him -- which is not easily the case.\n\nStream ciphers (such as RC4) are unaffected.\n\nCredits to Apple Product Security for reporting this.\");\n # https://vuxml.freebsd.org/freebsd/18ce9a90-f269-11e1-be53-080027ef73ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1aeae316\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:fetchmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"fetchmail>=6.3.9<6.3.22\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:14", "description": "- Added a patch to fix errors in the pkcs11n.h header file. (bmo#702090)\n\n - update to 3.13.1 RTM\n\n - better SHA-224 support (bmo#647706)\n\n - fixed a regression (causing hangs in some situations) introduced in 3.13 (bmo#693228)\n\n - update to 3.13.0 RTM\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n - SHA-224 is supported\n\n - Ported to iOS. (Requires NSPR 4.9.)\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken only\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and /secmod.db anymore (bmo#641052, bnc#726096)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mozilla-nss (openSUSE-2011-100) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2011-100.NASL", "href": "https://www.tenable.com/plugins/nessus/74514", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-100.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74514);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : mozilla-nss (openSUSE-2011-100) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- Added a patch to fix errors in the pkcs11n.h header\n file. (bmo#702090)\n\n - update to 3.13.1 RTM\n\n - better SHA-224 support (bmo#647706)\n\n - fixed a regression (causing hangs in some situations)\n introduced in 3.13 (bmo#693228)\n\n - update to 3.13.0 RTM\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen\n plaintext attack demonstrated by Rizzo and Duong\n (CVE-2011-3389) is enabled by default. Set the\n SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n - SHA-224 is supported\n\n - Ported to iOS. (Requires NSPR 4.9.)\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return\n the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken\n only\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and\n /secmod.db anymore (bmo#641052, bnc#726096)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=726096\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected mozilla-nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libfreebl3-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libfreebl3-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsoftokn3-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsoftokn3-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-certs-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-certs-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-debugsource-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-devel-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-sysinit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-sysinit-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-tools-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-tools-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libfreebl3 / libfreebl3-32bit / libfreebl3-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:06", "description": "This plugin has been deprecated and is no longer functional. It was originally written to check Microsoft's workaround for CVE-2011-3389, but was replaced by plugin 57474 which checks for the patch that fixes this CVE.", "cvss3": {}, "published": "2011-09-29T00:00:00", "type": "nessus", "title": "Deprecated", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2013-05-13T00:00:00", "cpe": ["cpe:/a:microsoft:ie"], "id": "SMB_KB2588513.NASL", "href": "https://www.tenable.com/plugins/nessus/56333", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2012/02/08. Deprecated by smb_nt_ms12-006.nasl.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56333);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n\n script_name(english:\"Deprecated\");\n script_summary(english:\"Checks if RC4 has been prioritized.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"This plugin has been deprecated and is no longer functional. It\nwas originally written to check Microsoft's workaround for\nCVE-2011-3389, but was replaced by plugin 57474 which checks for\nthe patch that fixes this CVE.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://technet.microsoft.com/en-us/security/advisory/2588513\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Use smb_nt_ms12-006.nasl (plugin ID 57474) instead\");\n\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nwinver = get_kb_item_or_exit('SMB/WindowsVersion');\n\nif (winver != '6.0') exit(1, 'The workaround only applies to Windows Vista and 2008.');\n\nname = kb_smb_name();\nport = kb_smb_transport();\nif (!get_port_state(port)) exit(1, 'Port '+port+' is not open.');\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1, 'Can\\'t open socket on port '+port+'.');\nsession_init(socket:soc, hostname:name);\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:'IPC$');\nif (rc != 1)\n{\n NetUseDel();\n exit(1, 'Can\\'t connect to IPC$ share.');\n}\n\n# Connect to the remote registry\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n\n NetUseDel();\n exit(1, 'Can\\'t connect to remote registry.');\n}\n\nvuln = FALSE;\nsuites = make_list();\nkey = 'SOFTWARE\\\\Policies\\\\Microsoft\\\\Cryptography\\\\Configuration\\\\SSL\\\\00010002';\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n item = RegQueryValue(handle:key_h, item:'Functions');\n if (isnull(item)) vuln = TRUE;\n else suites = split(item[1], sep:',', keep:FALSE);\n RegCloseKey(handle:key_h);\n}\nRegCloseKey(handle:hklm);\nNetUseDel();\n\nif ((max_index(suites) < 1) && !vuln) exit(1, 'Couldn\\'t get the SSL Cipher Suite Order from the remote host.');\n\nif (\n !vuln &&\n suites[0] != 'TLS_RSA_WITH_RC4_128_SHA' &&\n suites[0] != 'TLS_RSA_WITH_RC4_128_MD5' &&\n suites[0] != 'SSL_CK_RC4_128_WITH_MD5'\n) vuln = TRUE;\n \n\nif (vuln)\n{\n if (report_verbosity > 0)\n {\n report = '\\n The \\'RC4\\' algorithm hasn\\'t been prioritized on the remote host.\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse exit(0, 'The host is not affected.');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:10", "description": "The version of IBM Tivoli Storage Manager installed on the remote host is 6.3.x prior to 6.3.4.200. It is, therefore, affected by a vulnerability that could allow a remote attacker to perform a statistical timing attack known as 'Lucky Thirteen'.", "cvss3": {}, "published": "2014-08-11T00:00:00", "type": "nessus", "title": "IBM Tivoli Storage Manager Server 6.3.x < 6.3.4.200 Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:tivoli_storage_manager"], "id": "IBM_TSM_SERVER_6_3_4_200.NASL", "href": "https://www.tenable.com/plugins/nessus/77120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77120);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM Tivoli Storage Manager Server 6.3.x < 6.3.4.200 Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote backup service is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM Tivoli Storage Manager installed on the remote host\nis 6.3.x prior to 6.3.4.200. It is, therefore, affected by a\nvulnerability that could allow a remote attacker to perform a\nstatistical timing attack known as 'Lucky Thirteen'.\");\n # http://www-01.ibm.com/support/docview.wss?uid=swg21672363\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9986de60\");\n # https://www.ibm.com/blogs/psirt/ibm-security-bulletin-tivoli-storage-manager-server-gskit-lucky-13-vulnerability-cve-2013-0169/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?002f4534\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Tivoli Storage Manager 6.3.4.200 or later or disable\nSSL.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_storage_manager\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_tsm_detect.nasl\");\n script_require_keys(\"installed_sw/IBM Tivoli Storage Manager\");\n script_require_ports(\"Services/tsm-agent\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"install_func.inc\");\n\nport = get_service(svc:\"tsm-agent\",exit_on_fail:TRUE);\nprod = \"IBM Tivoli Storage Manager\";\nget_install_count(app_name:prod, exit_if_zero:TRUE);\ninstall = get_single_install(app_name:prod, port:port);\n\n# Install data\nversion = install[\"version\"];\n# We are only concerned with 6.3 specifically\nif(version !~ \"^6\\.3(\\.|$)\") audit(AUDIT_NOT_LISTEN, prod+\" 6.3\", port);\n\n# See if SSL is on for the port we're checking\nsslon = get_kb_item(\"Transports/TCP/\"+port);\nsslon = (sslon && sslon > ENCAPS_IP);\n\n# Work around is to turn SSL off\nif(!sslon && report_paranoia < 2) audit(AUDIT_LISTEN_NOT_VULN, prod, port);\n\nfix = \"6.3.4.200\";\nif(ver_compare(ver:version,fix:fix,strict:FALSE) < 0)\n{\n\n if(report_verbosity > 0)\n {\n report =\n '\\n Product : ' + prod +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_note(port:port,extra:report);\n } else security_note(port);\n} else audit(AUDIT_LISTEN_NOT_VULN, prod, port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:36", "description": "The remote host appears to be running Ipswitch IMail Server 11.x or 12.x older than version 12.3 and is, therefore, affected by an information disclosure vulnerability due to the included OpenSSL version.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.", "cvss3": {}, "published": "2014-07-14T00:00:00", "type": "nessus", "title": "Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ipswitch:imail"], "id": "IPSWITCH_IMAIL_12_3.NASL", "href": "https://www.tenable.com/plugins/nessus/76489", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76489);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CERT\", value:\" 737740\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote mail server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host appears to be running Ipswitch IMail Server 11.x or\n12.x older than version 12.3 and is, therefore, affected by an\ninformation disclosure vulnerability due to the included OpenSSL\nversion.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode\nencryption and response time. An attacker could obtain plaintext\ncontents of encrypted traffic via timing attacks.\");\n # https://docs.ipswitch.com/_Messaging/IMailServer/v12.3/ReleaseNotes/index.htm\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9b35fe05\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imailserver.com/imail-software-upgrades\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20130205.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Ipswitch IMail Server version 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ipswitch:imail\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smtpserver_detect.nasl\", \"popserver_detect.nasl\", \"imap4_banner.nasl\");\n script_require_ports(\"Services/smtp\", 25, \"Services/pop3\", 110, \"Services/imap\", 143);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"imap_func.inc\");\ninclude(\"pop3_func.inc\");\ninclude(\"smtp_func.inc\");\n\nver = NULL;\nservice = NULL;\nsource = NULL;\n\n# - SMTP.\nports = get_kb_list(\"Services/smtp\");\nif (isnull(ports)) ports = make_list(25);\nforeach port (ports)\n{\n if (get_port_state(port) && !get_kb_item('SMTP/'+port+'/broken'))\n {\n banner = get_smtp_banner(port:port);\n # At least keep trying to find a banner\n if (isnull(banner) || strlen(banner) == 0) continue;\n\n if (\" (IMail \" >< banner)\n {\n pat = \"^[0-9][0-9][0-9] .+ \$IMail ([0-9.]+) [0-9]+-[0-9]+\$ NT-ESMTP Server\";\n matches = egrep(pattern:pat, string:banner);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n ver = item[1];\n service = \"SMTP\";\n source = match;\n break;\n }\n }\n }\n if (isnull(ver) && !thorough_tests) audit(AUDIT_SERVICE_VER_FAIL, \"IMail SMTP\", port);\n }\n else\n if (!thorough_tests) audit(AUDIT_NOT_LISTEN, \"IMail SMTP\", port);\n }\n}\n\n# - IMAP.\nif (isnull(ver))\n{\n ports = get_kb_list(\"Services/imap\");\n if (isnull(ports)) ports = make_list(143);\n foreach port (ports)\n {\n if (get_port_state(port))\n {\n banner = get_imap_banner(port:port);\n # At least keep trying to find a banner\n if (isnull(banner) || strlen(banner) == 0) continue;\n\n if (\" (IMail \" >< banner)\n {\n pat = \"IMAP4 Server[^(]+\$IMail ([0-9.]+) *([0-9]+-[0-9]+)?\$\";\n matches = egrep(pattern:pat, string:banner);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n ver = item[1];\n service = \"IMAP\";\n source = match;\n break;\n }\n }\n }\n if (isnull(ver) && !thorough_tests) audit(AUDIT_SERVICE_VER_FAIL, \"IMail IMAP\", port);\n }\n else\n if (!thorough_tests) audit(AUDIT_NOT_LISTEN, \"IMail IMAP\", port);\n }\n }\n}\n\n# - POP3\nif (isnull(ver))\n{\n ports = get_kb_list(\"Services/pop3\");\n if (isnull(ports)) ports = make_list(110);\n foreach port (ports)\n {\n if (get_port_state(port))\n {\n banner = get_pop3_banner(port:port);\n # At least keep trying to find a banner\n if (isnull(banner) || strlen(banner) == 0) continue;\n\n if (\" (IMail \" >< banner)\n {\n pat = \"NT-POP3 Server .+ \$IMail ([0-9.]+) [0-9]+-[0-9]+\$\";\n matches = egrep(pattern:pat, string:banner);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n item = eregmatch(pattern:pat, string:match);\n if (!isnull(item))\n {\n ver = item[1];\n service = \"POP3\";\n source = match;\n break;\n }\n }\n }\n if (isnull(ver) && !thorough_tests) audit(AUDIT_SERVICE_VER_FAIL, \"IMail POP3\", port);\n }\n else\n if (!thorough_tests) audit(AUDIT_NOT_LISTEN, \"IMail POP3\", port);\n }\n }\n}\n\nif (isnull(ver)) audit(AUDIT_SERVICE_VER_FAIL, \"Ipswitch IMail Server\", port);\n\n# There's a problem if the version is < 12.3\nif (\n ver =~ \"^(11|12)\\.\" &&\n ver_compare(ver:ver, fix:'12.3', strict:FALSE) < 0\n)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Service : ' + service +\n '\\n Version source : ' + source +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : 12.3' +\n '\\n';\n security_note(port:port,extra:report);\n }\n else security_note(port);\n\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Ipswitch IMail Server\", port, ver);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:16", "description": "A vulnerability exists in the TLS and DTLS protocols that may allow an attacker to recover plaintext from TLS/DTLS connections that use CBC-mode encryption. (CVE-2013-0169)\n\nNote: Stream ciphers, such as RC4, are not vulnerable to this issue.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TLS/DTLS 'Lucky 13' vulnerability (K14190)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL14190.NASL", "href": "https://www.tenable.com/plugins/nessus/78142", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K14190.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78142);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"F5 Networks BIG-IP : TLS/DTLS 'Lucky 13' vulnerability (K14190)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A vulnerability exists in the TLS and DTLS protocols that may allow an\nattacker to recover plaintext from TLS/DTLS connections that use\nCBC-mode encryption. (CVE-2013-0169)\n\nNote: Stream ciphers, such as RC4, are not vulnerable to this issue.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K14190\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K14190.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K14190\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.4.0-11.6.3\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\",\"11.2.1-11.2.1HF15\",\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\",\"11.2.1HF16\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"12.1.0-12.1.0HF1\",\"12.0.0-12.0.0HF3\",\"11.6.1\",\"11.6.0-11.6.0HF7\",\"11.5.2-11.5.4HF1\",\"11.5.1-11.5.1HF10\",\"11.4.1-11.4.1HF10\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.4.0-14.0.0\",\"11.3.0HF2\",\"12.1.1-14.0.0\",\"12.1.0HF2\",\"12.0.0HF4\",\"11.6.1HF1\",\"11.6.0HF8\",\"11.5.4HF2\",\"11.5.1HF11\",\"11.4.1HF11\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"11.3.0\",\"11.2.1-11.2.1HF15\",\"10.2.1-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.4.0-11.4.1\",\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"11.2.1HF16\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"11.3.0\",\"11.2.1-11.2.1HF15\",\"10.2.1-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"11.2.1HF16\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.3.0-11.3.0HF1\",\"11.2.1-11.2.1HF3\",\"11.2.0-11.2.0HF3\",\"11.1.0-11.1.0HF5\",\"11.0.0-11.0.0HF4\",\"10.0.0-10.2.4HF4\",\"11.3.0\",\"11.2.1-11.2.1HF15\",\"10.2.1-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.3.0HF2\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"11.0.0HF5\",\"10.2.4HF6\",\"11.2.1HF16\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_note(port:0, extra:bigip_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:45", "description": "The latest version of Firefox and Thunderbird have the following changes :\n\n - Added Type Inference, significantly improving JavaScript performance\n\n - Added support for querying Do Not Track status via JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nUpdate nss to 3.13.1\n\nYou can find the new features and bug fixes in NSS 3.13 and 3.13.1 with these Bugzilla queries :\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI XED&classification=Components&query_format=advanced&target_milestone=3 .13&product=NSS\n\nand\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI XED&classification=Components&query_format=advanced&target_milestone=3 .13.1&product=NSS\n\nNotable changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only (contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-12-23T00:00:00", "type": "nessus", "title": "Fedora 16 : firefox-9.0-3.fc16 / nss-3.13.1-9.fc16 / nss-softokn-3.13.1-14.fc16 / etc (2011-17400)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nss-softokn", "p-cpe:/a:fedoraproject:fedora:nss-util", "p-cpe:/a:fedoraproject:fedora:thunderbird", "p-cpe:/a:fedoraproject:fedora:thunderbird-lightning", "p-cpe:/a:fedoraproject:fedora:xulrunner", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-17400.NASL", "href": "https://www.tenable.com/plugins/nessus/57389", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17400.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57389);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(51133, 51134, 51135, 51136, 51137, 51138, 51139);\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n\n script_name(english:\"Fedora 16 : firefox-9.0-3.fc16 / nss-3.13.1-9.fc16 / nss-softokn-3.13.1-14.fc16 / etc (2011-17400)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest version of Firefox and Thunderbird have the following\nchanges :\n\n - Added Type Inference, significantly improving JavaScript\n performance\n\n - Added support for querying Do Not Track status via\n JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nUpdate nss to 3.13.1\n\nYou can find the new features and bug fixes in NSS 3.13 and 3.13.1\nwith these Bugzilla queries :\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI\nXED&classification=Components&query_format=advanced&target_milestone=3\n.13&product=NSS\n\nand\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI\nXED&classification=Components&query_format=advanced&target_milestone=3\n.13.1&product=NSS\n\nNotable changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext\nattack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by\ndefault. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable\nit.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error\nmessage and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only\n(contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://rsapss.hboeck.de/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rsapss.hboeck.de/\"\n );\n # https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13&product=NSS\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c50d6ac0\"\n );\n # https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13.1&product=NSS\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?132ae2a7\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071320.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1fa18268\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92f4593c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071322.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a6791be1\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071323.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?05d0db8f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071324.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b974e724\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af682fa6\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071326.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01c5fc18\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"firefox-9.0-3.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-3.13.1-9.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-softokn-3.13.1-14.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-util-3.13.1-3.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"thunderbird-9.0-4.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"thunderbird-lightning-1.1-0.1.rc1.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"xulrunner-9.0-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / nss / nss-softokn / nss-util / thunderbird / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:24", "description": "According to its SIP banner, the version of Asterisk running on the remote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST, exists in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API. (CVE-2011-3389)\n\n - An integer overflow condition exists in sip.conf due to improper validation of user-supplied input when handling 'timert1' values. A remote attacker can exploit this to cause a denial of service.\n\n - An unspecified flaw exists due to improper handling of FAT data in UDPTL packets. A remote attacker can exploit this to cause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-02-12T00:00:00", "type": "nessus", "title": "Asterisk Multiple Vulnerabilities (AST-2016-001 - AST-2016-003) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:digium:asterisk"], "id": "ASTERISK_AST_2016_003.NASL", "href": "https://www.tenable.com/plugins/nessus/88715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88715);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(\n 49778,\n 82651,\n 82656,\n 82670\n );\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Asterisk Multiple Vulnerabilities (AST-2016-001 - AST-2016-003) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A telephony application running on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its SIP banner, the version of Asterisk running on the\nremote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST,\n exists in the SSL 3.0 and TLS 1.0 protocols due to a\n flaw in the way the initialization vector (IV) is\n selected when operating in cipher-block chaining (CBC)\n modes. A man-in-the-middle attacker can exploit this\n to obtain plaintext HTTP header data, by using a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n the HTML5 WebSocket API, the Java URLConnection API,\n or the Silverlight WebClient API. (CVE-2011-3389)\n\n - An integer overflow condition exists in sip.conf due to\n improper validation of user-supplied input when handling\n 'timert1' values. A remote attacker can exploit this to\n cause a denial of service.\n\n - An unspecified flaw exists due to improper handling of\n FAT data in UDPTL packets. A remote attacker can exploit\n this to cause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-003.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Asterisk version 11.21.1 / 13.7.1 / 11.6-cert12 /\n13.1-cert3. Alternatively, apply the appropriate patch referenced in\nthe vendor advisories.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/12\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:digium:asterisk\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"asterisk_detection.nasl\");\n script_require_keys(\"asterisk/sip_detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"asterisk/sip_detected\");\n\nasterisk_kbs = get_kb_list_or_exit(\"sip/asterisk/*/version\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nis_vuln = FALSE;\nnot_vuln_installs = make_list();\nerrors = make_list();\n\nforeach kb_name (keys(asterisk_kbs))\n{\n vulnerable = 0;\n patch_only = FALSE;\n\n matches = eregmatch(pattern:\"/(udp|tcp)/([0-9]+)/version\", string:kb_name);\n if (isnull(matches))\n {\n errors = make_list(errors, \"Unexpected error parsing port number from '\"+kb_name+\"'.\");\n continue;\n }\n\n proto = matches[1];\n port = matches[2];\n version = asterisk_kbs[kb_name];\n\n if (version == 'unknown')\n {\n errors = make_list(errors, \"Unable to obtain version of install on \" + proto + \"/\" + port + \".\");\n continue;\n }\n\n banner = get_kb_item(\"sip/asterisk/\" + proto + \"/\" + port + \"/source\");\n if (!banner)\n {\n # We have version but banner is missing;\n # log error and use in version-check though.\n errors = make_list(errors, \"KB item 'sip/asterisk/\" + proto + \"/\" + port + \"/source' is missing.\");\n banner = 'unknown';\n }\n\n # Open Source 1.8.x\n # Patch does not change version.\n if (version =~ \"^1\\.8([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Open Source 11.x\n if (version =~ \"^11([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"11.21.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Open Source 12.x\n # Patch does not change version\n else if (version =~ \"^12([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Open Source 13.x\n else if (version =~ \"^13([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"13.7.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 1.8.28-certx\n # Patch does not change version.\n else if (version =~ \"^1\\.8\\.28([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Asterisk Certified 11.6-certx\n else if (version =~ \"^11\\.6([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"11.6-cert12\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 13.1-certx < 13.1-cert2\n else if (version =~ \"^13\\.1([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"13.1-cert3\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n if (vulnerable < 0 || patch_only == TRUE)\n {\n is_vuln = TRUE;\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n security_warning(port:port, proto:proto, extra:report);\n }\n else security_warning(port:port, proto:proto);\n }\n else not_vuln_installs = make_list(not_vuln_installs, version + \" on port \" + proto + \"/\" + port);\n}\n\nif (max_index(errors))\n{\n if (max_index(errors) == 1) errmsg = errors[0];\n else errmsg = 'Errors were encountered verifying installs : \\n ' + join(errors, sep:'\\n ');\n\n exit(1, errmsg);\n}\nelse\n{\n installs = max_index(not_vuln_installs);\n if (installs == 0)\n {\n if (is_vuln) exit(0);\n else audit(AUDIT_NOT_INST, \"Asterisk\");\n }\n else audit(AUDIT_INST_VER_NOT_VULN, \"Asterisk\", not_vuln_installs);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:19:14", "description": "NSS_NSPR_JSS 3.13.1 Solaris: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 M.\nDate this patch was last updated by Sun : Feb/08/12", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 125358-15 (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:125358", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_125358-15.NASL", "href": "https://www.tenable.com/plugins/nessus/107424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107424);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Solaris 10 (sparc) : 125358-15 (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 125358-15\");\n script_set_attribute(attribute:\"description\", value:\n\"NSS_NSPR_JSS 3.13.1 Solaris: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 M.\nDate this patch was last updated by Sun : Feb/08/12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://getupdates.oracle.com/readme/125358-15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install patch 125358-15 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:125358\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWjss\", version:\"4.2.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWpr\", version:\"4.6.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWprd\", version:\"4.6.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtls\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtlsd\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtlsu\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjss / SUNWpr / SUNWprd / SUNWtls / SUNWtlsd / SUNWtlsu\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:08:58", "description": "The remote host is running a version of IBM Tivoli Directory Server and a version of IBM Global Security Kit (GSKit) that is affected by an information disclosure vulnerability. The Transport Layer Security (TLS) protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets. This type of exploitation is known as the 'Lucky Thirteen' attack.", "cvss3": {}, "published": "2015-01-13T00:00:00", "type": "nessus", "title": "IBM Tivoli Directory Server < 6.0.0.72 / 6.1.0.55 / 6.2.0.30 / 6.3.0.22 with GSKit < 7.0.4.45 / 8.0.14.27 TLS Side-Channel Timing Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:tivoli_directory_server", "cpe:/a:ibm:global_security_kit"], "id": "TIVOLI_DIRECTORY_SVR_SWG21638270.NASL", "href": "https://www.tenable.com/plugins/nessus/80481", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80481);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM Tivoli Directory Server < 6.0.0.72 / 6.1.0.55 / 6.2.0.30 / 6.3.0.22 with GSKit < 7.0.4.45 / 8.0.14.27 TLS Side-Channel Timing Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a library installed that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of IBM Tivoli Directory Server\nand a version of IBM Global Security Kit (GSKit) that is affected by\nan information disclosure vulnerability. The Transport Layer Security\n(TLS) protocol does not properly consider timing side-channel attacks,\nwhich allows remote attackers to conduct distinguishing attacks and\nplain-text recovery attacks via statistical analysis of timing data\nfor crafted packets. This type of exploitation is known as the 'Lucky\nThirteen' attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21638270\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate fix based on the vendor's advisory :\n\n - 6.0.0.72-ISS-ITDS\n - 6.1.0.55-ISS-ITDS\n - 6.2.0.30-ISS-ITDS\n - 6.3.0.22-ISS-ITDS\n\nAlternatively, upgrade GSKit to 7.0.4.45 or 8.0.50.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:tivoli_directory_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:global_security_kit\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_gskit_installed.nasl\", \"tivoli_directory_svr_installed.nasl\");\n script_require_keys(\"installed_sw/IBM GSKit\", \"installed_sw/IBM Security Directory Server\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\n\ntds_name = \"IBM Security Directory Server\";\ntds_install = get_single_install(app_name:tds_name, exit_if_unknown_ver:TRUE);\n\ntds_ver = tds_install['version'];\ntds_path = tds_install['path'];\n\ntds_fix = NULL;\ntds_patch = NULL;\ngsk_ver_regex = NULL;\ngsk_fix = NULL;\n\n# Ensure that TDS version is affected.\nif (tds_ver =~ \"^6\\.0\\.\")\n{\n tds_fix = \"6.0.0.72\";\n tds_patch = \"6.0.0.72-ISS-ITDS\";\n gsk_ver_regex = \"^7\\.\";\n gsk_fix = '7.0.4.45';\n}\nelse if (tds_ver =~ \"^6\\.1\\.\")\n{\n tds_fix = \"6.1.0.55\";\n tds_patch = \"6.1.0.55-ISS-ITDS\";\n gsk_ver_regex = \"^7\\.\";\n gsk_fix = '7.0.4.45';\n}\nelse if (tds_ver =~ \"^6\\.2\\.\")\n{\n tds_fix = \"6.2.0.30\";\n tds_patch = \"6.2.0.30-ISS-ITDS\";\n gsk_ver_regex = \"^7\\.\";\n gsk_fix = '7.0.4.45';\n}\nelse if (tds_ver =~ \"^6\\.3\\.0($|[^0-9])\")\n{\n tds_fix = \"6.3.0.22\";\n tds_patch = \"6.3.0.22-ISS-ITDS\";\n gsk_ver_regex = \"^8\\.\";\n gsk_fix = '8.0.14.27 / 8.0.50.4';\n}\n\n# If the IF has been installed or the branch is not affected, exit.\nif (isnull(tds_fix) || ver_compare(ver:tds_ver, fix:tds_fix, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, tds_name, tds_ver, tds_path);\n\n# If we got this far, we need to look at GSKit.\ngsk_app = \"IBM GSKit\";\n\n# We don't bother to exit if we can't detect any GSKit installations\ngsk_installs = get_installs(app_name:gsk_app);\ngsk_report = NULL;\ngsk_vuln = 0;\n\nforeach gsk_install (gsk_installs[1])\n{\n gsk_ver = gsk_install['version'];\n gsk_path = gsk_install['path'];\n\n # There can only be a single install per major version. So we will\n # have at most one vulnerable install.\n if (gsk_ver !~ gsk_ver_regex) continue;\n\n if (\n (gsk_ver =~ \"^8\\.0\\.50\\.\"\n && ver_compare(ver:gsk_ver, fix:\"8.0.50.4\", strict:FALSE) == -1) ||\n (gsk_ver =~ \"^8\\.0\\.14\\.\"\n && ver_compare(ver:gsk_ver, fix:\"8.0.14.27\", strict:FALSE) == -1) ||\n (gsk_ver =~ \"^7\\.0\\.\"\n && ver_compare(ver:gsk_ver, fix:\"7.0.4.45\", strict:FALSE) == -1)\n )\n {\n gsk_report +=\n '\\n Path : ' + gsk_path +\n '\\n Installed GSKit Version : ' + gsk_ver +\n '\\n Fixed GSKit Version : ' + gsk_fix +\n '\\n';\n\n gsk_vuln++;\n }\n}\n\nport = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nif (report_verbosity > 0)\n{\n report =\n '\\nThe install of ' + tds_name + ' is vulnerable :' +\n '\\n' +\n '\\n Path : ' + tds_path +\n '\\n Installed version : ' + tds_ver +\n '\\n Fixed version : ' + tds_fix +\n '\\n' +\n '\\nInstall ' + tds_patch + ' to update installation.' +\n '\\n';\n\n if (!isnull(gsk_report))\n {\n instance = \" instance \"; is_are = \" is \";\n\n if (gsk_vuln > 1) {instance = \" instances \"; is_are = \" are \";}\n\n report +=\n '\\nAlso, the following vulnerable'+instance+'of '+gsk_app+is_are+'installed on the'+\n '\\nremote host :' +\n '\\n' +\n gsk_report;\n }\n\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:37:51", "description": "The version of IBM Global Security Kit (GSKit) installed on the remote host is 7.0.x prior to 7.0.4.45 or 8.0.14.x prior to 8.0.14.27.\nIt is, therefore, affected by an information disclosure vulnerability.\nThe Transport Layer Security (TLS) protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets. This type of exploitation is known as the 'Lucky Thirteen' attack.", "cvss3": {}, "published": "2013-07-10T00:00:00", "type": "nessus", "title": "IBM GSKit 7.x < 7.0.4.45 / 8.0.14.x < 8.0.14.27 TLS Side-Channel Timing Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:global_security_kit"], "id": "IBM_GSKIT_SWG21638270.NASL", "href": "https://www.tenable.com/plugins/nessus/67231", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67231);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM GSKit 7.x < 7.0.4.45 / 8.0.14.x < 8.0.14.27 TLS Side-Channel Timing Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a library installed that is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM Global Security Kit (GSKit) installed on the\nremote host is 7.0.x prior to 7.0.4.45 or 8.0.14.x prior to 8.0.14.27.\nIt is, therefore, affected by an information disclosure vulnerability.\nThe Transport Layer Security (TLS) protocol does not properly\nconsider timing side-channel attacks, which allows remote attackers\nto conduct distinguishing attacks and plain-text recovery attacks via\nstatistical analysis of timing data for crafted packets. This type of\nexploitation is known as the 'Lucky Thirteen' attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21638270\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to GSKit 7.0.4.45 / 8.0.14.27 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/10\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:global_security_kit\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_gskit_installed.nasl\", \"ibm_gskit_installed_nix.nbin\");\n script_require_keys(\"installed_sw/IBM GSKit\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = \"IBM GSKit\";\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\npath = install['path'];\nfix = NULL;\n\nif (version =~ '^7\\\\.0\\\\.' && ver_compare(ver:version, fix:'7.0.4.45') < 0)\n fix = '7.0.4.45';\nelse if (version =~ '^8\\\\.0\\\\.14\\\\.' && ver_compare(ver:version, fix:'8.0.14.27') < 0)\n fix = '8.0.14.27';\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n\n# Default to Linux unless the RPM is not set\nport = 0;\nif (isnull(install['RPM']))\n{\n port = get_kb_item('SMB/transport');\n if (!port) port = 445;\n}\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix + '\\n';\n\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T14:37:47", "description": "According to its banner, the remote web server is running a version of OpenSSL 1.0.1 prior to 1.0.1e. The OpenSSL library is, therefore, reportedly affected by an incomplete fix for CVE-2013-0169.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.", "cvss3": {}, "published": "2013-02-13T00:00:00", "type": "nessus", "title": "OpenSSL 1.0.1 < 1.0.1e Information Disclosure", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2023-08-21T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_0_1E.NASL", "href": "https://www.tenable.com/plugins/nessus/64620", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64620);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/21\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"OpenSSL 1.0.1 < 1.0.1e Information Disclosure\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service may be affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote web server is running a version of\nOpenSSL 1.0.1 prior to 1.0.1e. The OpenSSL library is, therefore,\nreportedly affected by an incomplete fix for CVE-2013-0169.\n\nAn error exists related to the SSL/TLS/DTLS protocols, CBC mode\nencryption and response time. An attacker could obtain plaintext\ncontents of encrypted traffic via timing attacks.\");\n # https://www.mail-archive.com/openssl-announce@openssl.org/msg00125.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9167fa5f\");\n # https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0c4b72e9c0e3a75e0b89166540396dc3b58138b8\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a7f8a0c1\");\n # https://git.openssl.org/gitweb/?p=openssl-web.git;a=commitdiff;h=3668d99f1db0410ccd43b5edb88651ccf6e9ac48\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ecf84273\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL 1.0.1e or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"openssl_version.nasl\", \"openssl_nix_installed.nbin\", \"openssl_win_installed.nbin\");\n script_require_keys(\"installed_sw/OpenSSL\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras_openssl.inc');\n\nvar app_info = vcf::combined_get_app_info(app:'OpenSSL');\n\nvcf::check_all_backporting(app_info:app_info);\n\nvar constraints = [{ 'min_version' : \"1.0.1\", 'fixed_version' : '1.0.1e'}];\n\nvcf::openssl::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:22:22", "description": "The version of IBM HTTP Server running on the remote host is affected by a vulnerability. The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-15T00:00:00", "type": "nessus", "title": "IBM HTTP Server 8.5.0.0 <= 8.5.0.2 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.27 / 6.1.0.0 <= 6.1.0.45 (491407)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:http_server"], "id": "IBM_HTTP_SERVER_491407.NASL", "href": "https://www.tenable.com/plugins/nessus/144298", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144298);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\");\n script_bugtraq_id(57778);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM HTTP Server 8.5.0.0 <= 8.5.0.2 / 8.0.0.0 <= 8.0.0.6 / 7.0.0.0 <= 7.0.0.27 / 6.1.0.0 <= 6.1.0.45 (491407)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM HTTP Server running on the remote host is affected by a vulnerability. The TLS protocol 1.1 and 1.2\nand the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider\ntiming side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows\nremote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing\ndata for crafted packets, aka the 'Lucky Thirteen' issue.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/491407\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM HTTP Server version 8.5.5.0, 8.0.0.7, 7.0.0.29, 6.1.0.47 or later. Alternatively, upgrade to the minimal\nfix pack level required by the interim fix and then apply Interim Fix PI09443.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_http_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM HTTP Server (IHS)\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'IBM HTTP Server (IHS)';\nfix = 'Interim Fix PI09443';\n\napp_info = vcf::get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n if ('PI09443' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n { 'min_version' : '8.5.0.0', 'max_version' : '8.5.0.2', 'fixed_display' : '8.5.5.0 or Interim Fix PI09443'},\n { 'min_version' : '8.0.0.0', 'max_version' : '8.0.0.6', 'fixed_display' : '8.0.0.7 or Interim Fix PI09443'},\n { 'min_version' : '7.0.0.0', 'max_version' : '7.0.0.27', 'fixed_display' : '7.0.0.29 or Interim Fix PI09443'},\n { 'min_version' : '6.1.0.0', 'max_version' : '6.1.0.45', 'fixed_display' : '6.1.0.47 or Interim Fix PI09443'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:01", "description": "Several vulnerabilities have been discovered in lighttpd, a small and fast webserver with minimal memory footprint.\n\n - CVE-2011-4362 Xi Wang discovered that the base64 decoding routine which is used to decode user input during an HTTP authentication, suffers of a signedness issue when processing user input. As a result it is possible to force lighttpd to perform an out-of-bounds read which results in Denial of Service conditions.\n\n - CVE-2011-3389 When using CBC ciphers on an SSL enabled virtual host to communicate with certain client, a so called 'BEAST' attack allows man-in-the-middle attackers to obtain plaintext HTTP traffic via a blockwise chosen-boundary attack (BCBA) on an HTTPS session. Technically this is no lighttpd vulnerability. However, lighttpd offers a workaround to mitigate this problem by providing a possibility to disable CBC ciphers.\n\n This updates includes this option by default. System administrators are advised to read the NEWS file of this update (as this may break older clients).", "cvss3": {}, "published": "2012-01-12T00:00:00", "type": "nessus", "title": "Debian DSA-2368-1 : lighttpd - multiple vulnerabilities (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-4362"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:lighttpd", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2368.NASL", "href": "https://www.tenable.com/plugins/nessus/57508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2368. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57508);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4362\");\n script_bugtraq_id(49778, 50851);\n script_xref(name:\"DSA\", value:\"2368\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Debian DSA-2368-1 : lighttpd - multiple vulnerabilities (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Several vulnerabilities have been discovered in lighttpd, a small and\nfast webserver with minimal memory footprint.\n\n - CVE-2011-4362\n Xi Wang discovered that the base64 decoding routine\n which is used to decode user input during an HTTP\n authentication, suffers of a signedness issue when\n processing user input. As a result it is possible to\n force lighttpd to perform an out-of-bounds read which\n results in Denial of Service conditions.\n\n - CVE-2011-3389\n When using CBC ciphers on an SSL enabled virtual host to\n communicate with certain client, a so called 'BEAST'\n attack allows man-in-the-middle attackers to obtain\n plaintext HTTP traffic via a blockwise chosen-boundary\n attack (BCBA) on an HTTPS session. Technically this is\n no lighttpd vulnerability. However, lighttpd offers a\n workaround to mitigate this problem by providing a\n possibility to disable CBC ciphers.\n\n This updates includes this option by default. System administrators\n are advised to read the NEWS file of this update (as this may break\n older clients).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2011-4362\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2011-3389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/squeeze/lighttpd\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2011/dsa-2368\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the lighttpd packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.4.19-5+lenny3.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.4.28-2+squeeze1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lighttpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"lighttpd\", reference:\"1.4.19-5+lenny3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lighttpd\", reference:\"1.4.28-2+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lighttpd-doc\", reference:\"1.4.28-2+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lighttpd-mod-cml\", reference:\"1.4.28-2+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lighttpd-mod-magnet\", reference:\"1.4.28-2+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lighttpd-mod-mysql-vhost\", reference:\"1.4.28-2+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lighttpd-mod-trigger-b4-dl\", reference:\"1.4.28-2+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lighttpd-mod-webdav\", reference:\"1.4.28-2+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:23", "description": "The Opera browser received a security and bugfix update to 11.51.\n\nMore information can be found here:\nhttp://www.opera.com/docs/changelogs/unix/1151/\n\nCVE-2011-3388 - incorrect security information display CVE-2011-3389 - unspecified 'low severity issue, as reported by Thai Duong and Juliano Rizzo.'", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : opera (openSUSE-SU-2011:1025-1) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3388", "CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "p-cpe:/a:novell:opensuse:opera-gtk", "p-cpe:/a:novell:opensuse:opera-kde4", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_OPERA-110906.NASL", "href": "https://www.tenable.com/plugins/nessus/75984", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update opera-5115.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75984);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3388\", \"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : opera (openSUSE-SU-2011:1025-1) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Opera browser received a security and bugfix update to 11.51.\n\nMore information can be found here:\nhttp://www.opera.com/docs/changelogs/unix/1151/\n\nCVE-2011-3388 - incorrect security information display CVE-2011-3389 -\nunspecified 'low severity issue, as reported by Thai Duong and Juliano\nRizzo.'\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.opera.com/en/latest/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=716002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2011-09/msg00016.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opera packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera-kde4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"opera-11.51-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"opera-gtk-11.51-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"opera-kde4-11.51-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opera\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:59", "description": "The remote Mac OS X host has a version of Apple Xcode installed that is prior to 4.4. It is, therefore, affected by multiple vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST, exists in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n (CVE-2011-3389)\n\n - An information disclosure vulnerability exists that may allow a specially crafted App Store application to read entries in the keychain. (CVE-2012-3698)", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "nessus", "title": "Apple Xcode < 4.4 Multiple Vulnerabilities (Mac OS X) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-3698"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:apple:xcode"], "id": "MACOSX_XCODE_4_4.NASL", "href": "https://www.tenable.com/plugins/nessus/61413", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61413);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-3698\");\n script_bugtraq_id(49778, 54679);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Apple Xcode < 4.4 Multiple Vulnerabilities (Mac OS X) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Mac OS X host has a version of Apple Xcode installed that is prior to 4.4. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST, exists in the SSL 3.0 and TLS 1.0 protocols due\n to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining\n (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using\n a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that\n uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n (CVE-2011-3389)\n\n - An information disclosure vulnerability exists that may allow a specially crafted App Store application to\n read entries in the keychain. (CVE-2012-3698)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5416\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Xcode version 4.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-3698\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:xcode\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_xcode_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Apple Xcode\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\n\nos = get_kb_item('Host/MacOSX/Version');\nif (empty_or_null(os))\n audit(AUDIT_OS_NOT, 'macOS or Mac OS X');\n\napp_info = vcf::get_app_info(app:'Apple Xcode');\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { 'fixed_version' : '4.4' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:45", "description": "Multiple vulnerabilities has been found and corrected in curl :\n\ncurl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem (CVE-2011-3389).\n\ncurl is vulnerable to a data injection attack for certain protocols through control characters embedded or percent-encoded in URLs (CVE-2012-0036).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2012-04-16T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : curl (MDVSA-2012:058)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0036"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:curl", "p-cpe:/a:mandriva:linux:curl-examples", "p-cpe:/a:mandriva:linux:lib64curl-devel", "p-cpe:/a:mandriva:linux:lib64curl4", "p-cpe:/a:mandriva:linux:libcurl-devel", "p-cpe:/a:mandriva:linux:libcurl4", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-058.NASL", "href": "https://www.tenable.com/plugins/nessus/58759", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:058. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58759);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0036\");\n script_bugtraq_id(49778, 51665);\n script_xref(name:\"MDVSA\", value:\"2012:058\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Mandriva Linux Security Advisory : curl (MDVSA-2012:058)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities has been found and corrected in curl :\n\ncurl is vulnerable to a SSL CBC IV vulnerability when built to use\nOpenSSL for the SSL/TLS layer. A work-around has been added to\nmitigate the problem (CVE-2011-3389).\n\ncurl is vulnerable to a data injection attack for certain protocols\nthrough control characters embedded or percent-encoded in URLs\n(CVE-2012-0036).\n\nThe updated packages have been patched to correct these issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://curl.haxx.se/docs/CVE-2012-0036.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://curl.haxx.se/docs/adv_20120124B.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://curl.haxx.se/docs/manpage.html#--ssl-allow-beast\");\n script_set_attribute(attribute:\"see_also\", value:\"https://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTSSLOPTIONS\");\n script_set_attribute(attribute:\"see_also\", value:\"http://thread.gmane.org/gmane.comp.web.curl.library/34659\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:curl-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64curl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64curl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"curl-7.20.1-2.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"curl-examples-7.20.1-2.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64curl-devel-7.20.1-2.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64curl4-7.20.1-2.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libcurl-devel-7.20.1-2.2mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libcurl4-7.20.1-2.2mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"curl-7.21.7-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"curl-examples-7.21.7-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64curl-devel-7.21.7-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64curl4-7.21.7-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libcurl-devel-7.21.7-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libcurl4-7.21.7-1.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:08", "description": "Multiple vulnerabilities has been found and corrected in fetchmail :\n\nFetchmail version 6.3.9 enabled all SSL workarounds (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can make the application (fetchmail) encrypt some data for him -- which is not easily the case (aka a BEAST attack) (CVE-2011-3389).\n\nA denial of service flaw was found in the way Fetchmail, a remote mail retrieval and forwarding utility, performed base64 decoding of certain NTLM server responses. Upon sending the NTLM authentication request, Fetchmail did not check if the received response was actually part of NTLM protocol exchange, or server-side error message and session abort. A rogue NTML server could use this flaw to cause fetchmail executable crash (CVE-2012-3482).\n\nThis advisory provides the latest version of fetchmail (6.3.22) which is not vulnerable to these issues.", "cvss3": {}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : fetchmail (MDVSA-2013:037)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-3482"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:fetchmail", "p-cpe:/a:mandriva:linux:fetchmail-daemon", "p-cpe:/a:mandriva:linux:fetchmailconf", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-037.NASL", "href": "https://www.tenable.com/plugins/nessus/66051", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:037. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66051);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-3482\");\n script_bugtraq_id(49388, 49778, 54987);\n script_xref(name:\"MDVSA\", value:\"2013:037\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Mandriva Linux Security Advisory : fetchmail (MDVSA-2013:037)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities has been found and corrected in fetchmail :\n\nFetchmail version 6.3.9 enabled all SSL workarounds (SSL_OP_ALL) which\ncontains a switch to disable a countermeasure against certain attacks\nagainst block ciphers that permit guessing the initialization vectors,\nproviding that an attacker can make the application (fetchmail)\nencrypt some data for him -- which is not easily the case (aka a BEAST\nattack) (CVE-2011-3389).\n\nA denial of service flaw was found in the way Fetchmail, a remote mail\nretrieval and forwarding utility, performed base64 decoding of certain\nNTLM server responses. Upon sending the NTLM authentication request,\nFetchmail did not check if the received response was actually part of\nNTLM protocol exchange, or server-side error message and session\nabort. A rogue NTML server could use this flaw to cause fetchmail\nexecutable crash (CVE-2012-3482).\n\nThis advisory provides the latest version of fetchmail (6.3.22) which\nis not vulnerable to these issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.fetchmail.info/fetchmail-SA-2012-01.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.fetchmail.info/fetchmail-SA-2012-02.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected fetchmail, fetchmail-daemon and / or fetchmailconf\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fetchmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fetchmail-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fetchmailconf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"fetchmail-6.3.22-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"fetchmail-daemon-6.3.22-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"fetchmailconf-6.3.22-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:11:02", "description": "nss 3.12.8-1+squeeze11 fixes two security issues :\n\nCVE-2011-3389\n\nSSL 3.0 and TLS 1.0 connections were vulnerable to some chosen plaintext attacks which allowed man-in-the middle attackers to obtain plaintext HTTP headers on an HTTPS session. This issue is known as the 'BEAST' attack.\n\nCVE-2014-1569\n\nPossible information leak with too-permissive ASN.1 DER decoding of length.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-154-1 : nss security update (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2014-1569"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnss3-1d", "p-cpe:/a:debian:debian_linux:libnss3-1d-dbg", "p-cpe:/a:debian:debian_linux:libnss3-dev", "p-cpe:/a:debian:debian_linux:libnss3-tools", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-154.NASL", "href": "https://www.tenable.com/plugins/nessus/82137", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-154-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82137);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2014-1569\");\n script_bugtraq_id(49388, 49778, 71675);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Debian DLA-154-1 : nss security update (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"nss 3.12.8-1+squeeze11 fixes two security issues :\n\nCVE-2011-3389\n\nSSL 3.0 and TLS 1.0 connections were vulnerable to some chosen\nplaintext attacks which allowed man-in-the middle attackers to obtain\nplaintext HTTP headers on an HTTPS session. This issue is known as the\n'BEAST' attack.\n\nCVE-2014-1569\n\nPossible information leak with too-permissive ASN.1 DER decoding of\nlength.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2015/02/msg00008.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/squeeze-lts/nss\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-1d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-1d-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-1d\", reference:\"3.12.8-1+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-1d-dbg\", reference:\"3.12.8-1+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-dev\", reference:\"3.12.8-1+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss3-tools\", reference:\"3.12.8-1+squeeze11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:49", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a 'BEAST' attack. (CVE-2011-3389)\n\n - Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.\n (CVE-2012-3482)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : fetchmail (multiple_vulnerabilities_in_fetchmail) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-3482"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.0", "p-cpe:/a:oracle:solaris:fetchmail"], "id": "SOLARIS11_FETCHMAIL_20121016.NASL", "href": "https://www.tenable.com/plugins/nessus/80605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80605);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-3482\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : fetchmail (multiple_vulnerabilities_in_fetchmail) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The SSL protocol, as used in certain configurations in\n Microsoft Windows and Microsoft Internet Explorer,\n Mozilla Firefox, Google Chrome, Opera, and other\n products, encrypts data by using CBC mode with chained\n initialization vectors, which allows man-in-the-middle\n attackers to obtain plaintext HTTP headers via a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n (1) the HTML5 WebSocket API, (2) the Java URLConnection\n API, or (3) the Silverlight WebClient API, aka a 'BEAST'\n attack. (CVE-2011-3389)\n\n - Fetchmail 5.0.8 through 6.3.21, when using NTLM\n authentication in debug mode, allows remote NTLM servers\n to (1) cause a denial of service (crash and delayed\n delivery of inbound mail) via a crafted NTLM response\n that triggers an out-of-bounds read in the base64\n decoder, or (2) obtain sensitive information from memory\n via an NTLM Type 2 message with a crafted Target Name\n structure, which triggers an out-of-bounds read.\n (CVE-2012-3482)\");\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a913f44\");\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-fetchmail\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?90390bc0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Solaris 11/11 SRU 12.4.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:fetchmail\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^fetchmail$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"fetchmail\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.0.12.0.4.0\", sru:\"SRU 12.4\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : fetchmail\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"fetchmail\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:19", "description": "The Mozilla NSS libraries were updated to version 3.13.1 to fix various bugs and security problems.\n\nFollowing security issues were fixed :\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n bnc#\n\n - SHA-224 is supported\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and /secmod.db anymore (bmo#641052, bnc#726096) (CVE-2011-3640)\n\nAlso following bugs were fixed :\n\n - fix spec file syntax for qemu-workaround\n\n - Added a patch to fix errors in the pkcs11n.h header file. (bmo#702090)\n\n - better SHA-224 support (bmo#647706)\n\n - SHA-224 is supported\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken only", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nss-201112 (openSUSE-SU-2012:0030-1) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-3640"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_NSS-201112-111220.NASL", "href": "https://www.tenable.com/plugins/nessus/75685", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update nss-201112-5564.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75685);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-3640\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : nss-201112 (openSUSE-SU-2012:0030-1) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Mozilla NSS libraries were updated to version 3.13.1 to fix\nvarious bugs and security problems.\n\nFollowing security issues were fixed :\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen\n plaintext attack demonstrated by Rizzo and Duong\n (CVE-2011-3389) is enabled by default. Set the\n SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n bnc#\n\n - SHA-224 is supported\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and\n /secmod.db anymore (bmo#641052, bnc#726096)\n (CVE-2011-3640)\n\nAlso following bugs were fixed :\n\n - fix spec file syntax for qemu-workaround\n\n - Added a patch to fix errors in the pkcs11n.h header\n file. (bmo#702090)\n\n - better SHA-224 support (bmo#647706)\n\n - SHA-224 is supported\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return\n the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken\n only\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=726096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2012-01/msg00009.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2012-01/msg00021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss-201112 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libfreebl3-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libsoftokn3-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"mozilla-nss-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"mozilla-nss-certs-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"mozilla-nss-devel-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"mozilla-nss-sysinit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"mozilla-nss-tools-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.13.1-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-nss\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:19", "description": "Multiple vulnerabilities has been found and corrected in fetchmail :\n\nFetchmail version 6.3.9 enabled all SSL workarounds (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can make the application (fetchmail) encrypt some data for him -- which is not easily the case (aka a BEAST attack) (CVE-2011-3389).\n\nA denial of service flaw was found in the way Fetchmail, a remote mail retrieval and forwarding utility, performed base64 decoding of certain NTLM server responses. Upon sending the NTLM authentication request, Fetchmail did not check if the received response was actually part of NTLM protocol exchange, or server-side error message and session abort. A rogue NTML server could use this flaw to cause fetchmail executable crash (CVE-2012-3482).\n\nThis advisory provides the latest version of fetchmail (6.3.22) which is not vulnerable to these issues.", "cvss3": {}, "published": "2012-09-06T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : fetchmail (MDVSA-2012:149)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-3482"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:fetchmail", "p-cpe:/a:mandriva:linux:fetchmail-daemon", "p-cpe:/a:mandriva:linux:fetchmailconf", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-149.NASL", "href": "https://www.tenable.com/plugins/nessus/61992", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:149. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61992);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-3482\");\n script_bugtraq_id(49778, 54987);\n script_xref(name:\"MDVSA\", value:\"2012:149\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Mandriva Linux Security Advisory : fetchmail (MDVSA-2012:149)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities has been found and corrected in fetchmail :\n\nFetchmail version 6.3.9 enabled all SSL workarounds (SSL_OP_ALL) which\ncontains a switch to disable a countermeasure against certain attacks\nagainst block ciphers that permit guessing the initialization vectors,\nproviding that an attacker can make the application (fetchmail)\nencrypt some data for him -- which is not easily the case (aka a BEAST\nattack) (CVE-2011-3389).\n\nA denial of service flaw was found in the way Fetchmail, a remote mail\nretrieval and forwarding utility, performed base64 decoding of certain\nNTLM server responses. Upon sending the NTLM authentication request,\nFetchmail did not check if the received response was actually part of\nNTLM protocol exchange, or server-side error message and session\nabort. A rogue NTML server could use this flaw to cause fetchmail\nexecutable crash (CVE-2012-3482).\n\nThis advisory provides the latest version of fetchmail (6.3.22) which\nis not vulnerable to these issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.fetchmail.info/fetchmail-SA-2012-01.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.fetchmail.info/fetchmail-SA-2012-02.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected fetchmail, fetchmail-daemon and / or fetchmailconf\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fetchmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fetchmail-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fetchmailconf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", reference:\"fetchmail-6.3.22-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"fetchmail-daemon-6.3.22-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"fetchmailconf-6.3.22-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:27", "description": "Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-04T00:00:00", "type": "nessus", "title": "Fedora 18 : openssl-1.0.1e-3.fc18 (2013-2834)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openssl", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-2834.NASL", "href": "https://www.tenable.com/plugins/nessus/64982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-2834.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64982);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_bugtraq_id(57755, 57778);\n script_xref(name:\"FEDORA\", value:\"2013-2834\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 18 : openssl-1.0.1e-3.fc18 (2013-2834)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple security and bug fixes update from upstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=839735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=907589\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=908052\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099470.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e08fe822\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"openssl-1.0.1e-3.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:37:02", "description": "Versions of OpenSSL prior to 0.9.8y are reportedly affected by the following vulnerabilities :\n\n - An error exists related to the handling of OCSP response verification that could allow denial of service attacks. (CVE-2013-0166)\n\n - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)", "cvss3": {}, "published": "2013-06-11T00:00:00", "type": "nessus", "title": "OpenSSL < 0.9.8y / 1.0.1d / 1.0.0k Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2013-06-11T00:00:00", "cpe": [], "id": "801052.PRM", "href": "https://www.tenable.com/plugins/lce/801052", "sourceData": "Binary data 801052.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-04T14:49:42", "description": "Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "CentOS 6 : java-1.6.0-openjdk (CESA-2013:0273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:java-1.6.0-openjdk", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-src", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2013-0273.NASL", "href": "https://www.tenable.com/plugins/nessus/64730", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0273 and \n# CentOS Errata and Security Advisory 2013:0273 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64730);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"RHSA\", value:\"2013:0273\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"CentOS 6 : java-1.6.0-openjdk (CESA-2013:0273)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\nAn improper permission check issue was discovered in the JMX component\nin OpenJDK. An untrusted Java application or applet could use this\nflaw to bypass Java sandbox restrictions. (CVE-2013-1486)\n\nIt was discovered that OpenJDK leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher\nsuites were used. A remote attacker could possibly use this flaw to\nretrieve plain text from the encrypted packets by using a TLS/SSL\nserver as a padding oracle. (CVE-2013-0169)\n\nNote: If the web browser plug-in provided by the icedtea-web package\nwas installed, CVE-2013-1486 could have been exploited without user\ninteraction if a user visited a malicious website.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.11.8.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\");\n # https://lists.centos.org/pipermail/centos-announce/2013-February/019252.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34909601\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.6.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-1486\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-04T15:19:54", "description": "java-1_6_0-openjdk was updated to IcedTea 1.12.3 (bnc#804654) containing security and bugfixes :\n\n - Security fixes\n\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by DigiCert)\n\n - Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n - Bug fixes\n\n - PR1319: Support GIF lib v5.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0375-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-1486"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_6_0-openjdk", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debuginfo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debugsource", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2013-164.NASL", "href": "https://www.tenable.com/plugins/nessus/74906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-164.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74906);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-1486\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0375-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"java-1_6_0-openjdk was updated to IcedTea 1.12.3 (bnc#804654)\ncontaining security and bugfixes :\n\n - Security fixes\n\n - S8006446: Restrict MBeanServer access (CVE-2013-1486)\n\n - S8006777: Improve TLS handling of invalid messages Lucky\n 13 (CVE-2013-0169)\n\n - S8007688: Blacklist known bad certificate (issued by\n DigiCert)\n\n - Backports\n\n - S8007393: Possible race condition after JDK-6664509\n\n - S8007611: logging behavior in applet changed\n\n - Bug fixes\n\n - PR1319: Support GIF lib v5.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=804654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2013-03/msg00001.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1_6_0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-debuginfo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-debugsource-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-demo-debuginfo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-devel-debuginfo-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-javadoc-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"java-1_6_0-openjdk-src-1.6.0.0_b27.1.12.3-28.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_6_0-openjdk\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:36", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue. (CVE-2013-0169)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-0169"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:openssl"], "id": "SOLARIS11_OPENSSL_20130716.NASL", "href": "https://www.tenable.com/plugins/nessus/80719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80719);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0166\", \"CVE-2013-0169\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1\n before 1.0.1d does not properly perform signature\n verification for OCSP responses, which allows remote\n OCSP servers to cause a denial of service (NULL pointer\n dereference and application crash) via an invalid key.\n (CVE-2013-0166)\n\n - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0\n and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and\n other products, do not properly consider timing\n side-channel attacks on a MAC check requirement during\n the processing of malformed CBC padding, which allows\n remote attackers to conduct distinguishing attacks and\n plaintext-recovery attacks via statistical analysis of\n timing data for crafted packets, aka the 'Lucky\n Thirteen' issue. (CVE-2013-0169)\");\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a913f44\");\n # https://blogs.oracle.com/sunsecurity/lucky-thirteen-vulnerability-in-solaris-openssl\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d8ba7ad\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Solaris 11.1.7.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:openssl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^openssl$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.7.0.5.0\", sru:\"SRU 11.1.7.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : openssl\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"openssl\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:30:21", "description": "The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0169", "CVE-2013-2116"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:f5:big-ip:acceleration_manager", "cpe:/a:f5:big-ip:access_policy_manager", "cpe:/a:f5:big-ip:advanced_firewall_manager", "cpe:/a:f5:big-ip:application_security_manager", "cpe:/a:f5:big-ip:application_visibility_and_reporting", "cpe:/a:f5:big-ip:global_traffic_manager", "cpe:/a:f5:big-ip:link_controller", "cpe:/a:f5:big-ip:local_traffic_manager", "cpe:/a:f5:big-ip:policy_enforcement_manager", "cpe:/a:f5:big-ip:protocol_security_manager", "cpe:/a:f5:big-ip:wan_optimization_manager", "cpe:/a:f5:big-ip:web_accelerator_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL15637.NASL", "href": "https://www.tenable.com/plugins/nessus/78199", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL15637.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78199);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2013-0169\", \"CVE-2013-2116\");\n script_bugtraq_id(57778, 60215);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in\nGnuTLS 2.12.23 allows remote attackers to cause a denial of service\n(buffer over-read and crash) via a crafted padding length. NOTE: this\nmight be due to an incorrect fix for CVE-2013-0169.\");\n # http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15637.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?86d6ebf4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL15637.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip:web_accelerator_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL15637\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.4.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:19", "description": "Several vulnerabilities have been discovered in cURL, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2011-3389 This update enables OpenSSL workarounds against the 'BEAST' attack. Additional information can be found in the cURL advisory\n\n - CVE-2012-0036 Dan Fandrich discovered that cURL performs insufficient sanitising when extracting the file path part of an URL.", "cvss3": {}, "published": "2012-01-31T00:00:00", "type": "nessus", "title": "Debian DSA-2398-2 : curl - several vulnerabilities (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0036"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:curl", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2398.NASL", "href": "https://www.tenable.com/plugins/nessus/57738", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2398. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57738);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0036\");\n script_bugtraq_id(49388, 49778, 51665);\n script_xref(name:\"DSA\", value:\"2398\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Debian DSA-2398-2 : curl - several vulnerabilities (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Several vulnerabilities have been discovered in cURL, an URL transfer\nlibrary. The Common Vulnerabilities and Exposures project identifies\nthe following problems :\n\n - CVE-2011-3389\n This update enables OpenSSL workarounds against the\n 'BEAST' attack. Additional information can be found in\n the cURL advisory\n\n - CVE-2012-0036\n Dan Fandrich discovered that cURL performs insufficient\n sanitising when extracting the file path part of an URL.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658276\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2011-3389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://curl.haxx.se/docs/CVE-2011-3389.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2012-0036\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/squeeze/curl\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2012/dsa-2398\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the curl packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 7.18.2-8lenny6.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"curl\", reference:\"7.18.2-8lenny6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"curl\", reference:\"7.21.0-2.1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl3\", reference:\"7.21.0-2.1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl3-dbg\", reference:\"7.21.0-2.1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl3-gnutls\", reference:\"7.21.0-2.1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl4-gnutls-dev\", reference:\"7.21.0-2.1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl4-openssl-dev\", reference:\"7.21.0-2.1+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:49", "description": "The version of Opera installed on the remote Windows host is prior to 11.51. It is, therefore, affected by multiple vulnerabilities :\n\n - An unspecified error can allow an insecure or malicious site to cause the browser to display security information belonging to another, secure site in the address bar. This causes the insecure or malicious site to appear to be part of, or secured by, a third-party site. (CVE-2011-3388)\n\n - An information disclosure vulnerability, known as BEAST, exists in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API. (CVE-2011-3389)", "cvss3": {}, "published": "2011-09-01T00:00:00", "type": "nessus", "title": "Opera < 11.51 Multiple Vulnerabilities (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3388", "CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:opera:opera_browser"], "id": "OPERA_1151.NASL", "href": "https://www.tenable.com/plugins/nessus/56042", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56042);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3388\", \"CVE-2011-3389\");\n script_bugtraq_id(49388, 49978);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Opera < 11.51 Multiple Vulnerabilities (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Opera installed on the remote Windows host is prior to\n11.51. It is, therefore, affected by multiple vulnerabilities :\n\n - An unspecified error can allow an insecure or malicious\n site to cause the browser to display security\n information belonging to another, secure site in the\n address bar. This causes the insecure or malicious site\n to appear to be part of, or secured by, a third-party\n site. (CVE-2011-3388)\n\n - An information disclosure vulnerability, known as BEAST,\n exists in the SSL 3.0 and TLS 1.0 protocols due to a\n flaw in the way the initialization vector (IV) is\n selected when operating in cipher-block chaining (CBC)\n modes. A man-in-the-middle attacker can exploit this\n to obtain plaintext HTTP header data, by using a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n the HTML5 WebSocket API, the Java URLConnection API,\n or the Silverlight WebClient API. (CVE-2011-3389)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20130223093835/http://www.opera.com/support/kb/view/1000/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20170915045026/http://www.opera.com:80/docs/changelogs/windows/1151/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Opera 11.51 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:opera:opera_browser\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"opera_installed.nasl\");\n script_require_keys(\"SMB/Opera/Version\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"SMB/Opera/Version\");\nversion_ui = get_kb_item(\"SMB/Opera/Version_UI\");\n\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui; \n\nfixed_version = \"11.51.1087.0\";\n\n# Check if we need to display full version info in case of Alpha/Beta/RC\nmajor_minor = eregmatch(string:version, pattern:\"^([0-9]+\\.[0-9]+)\");\nif (major_minor[1] == \"11.51\")\n{\n fixed_version_report = fixed_version;\n version_report = version;\n}\nelse\n fixed_version_report = \"11.51\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n if (report_verbosity > 0)\n {\n install_path = get_kb_item(\"SMB/Opera/Path\");\n\n report = \n '\\n Path : ' + install_path +\n '\\n Installed version : ' + version_report +\n '\\n Fixed version : ' + fixed_version_report +\n '\\n';\n security_warning(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_warning(port:get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nelse exit(0, \"The host is not affected since Opera \"+version_report+\" is installed.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:15", "description": "The Mozilla NSS libraries were updated to version 3.13.1 to fix various bugs and security problems.\n\nFollowing security issues were fixed: dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 SSL 2.0 is disabled by default dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default.\nSet the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it. bnc# dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 SHA-224 is supported dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 NSS_NoDB_Init does not try to open /pkcs11.txt and /secmod.db anymore (bmo#641052, bnc#726096) (CVE-2011-3640)\n\nAlso following bugs were fixed: dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 fix spec file syntax for qemu-workaround dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added a patch to fix errors in the pkcs11n.h header file. (bmo#702090) dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 better SHA-224 support (bmo#647706) dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 SHA-224 is supported dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added NSS_GetVersion to return the NSS version string dbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added experimental support of RSA-PSS to the softoken only", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nss-201112 (openSUSE-SU-2012:0030-1) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-3640"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_NSS-201112-111220.NASL", "href": "https://www.tenable.com/plugins/nessus/75980", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update nss-201112-5564.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75980);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-3640\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : nss-201112 (openSUSE-SU-2012:0030-1) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Mozilla NSS libraries were updated to version 3.13.1 to fix\nvarious bugs and security problems.\n\nFollowing security issues were fixed: dbg114-nss-201112-5564\nnew_updateinfo nss-201112-5564 SSL 2.0 is disabled by default\ndbg114-nss-201112-5564 new_updateinfo nss-201112-5564 A defense\nagainst the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack\ndemonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default.\nSet the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it. bnc#\ndbg114-nss-201112-5564 new_updateinfo nss-201112-5564 SHA-224 is\nsupported dbg114-nss-201112-5564 new_updateinfo nss-201112-5564\nNSS_NoDB_Init does not try to open /pkcs11.txt and /secmod.db anymore\n(bmo#641052, bnc#726096) (CVE-2011-3640)\n\nAlso following bugs were fixed: dbg114-nss-201112-5564 new_updateinfo\nnss-201112-5564 fix spec file syntax for qemu-workaround\ndbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added a patch to\nfix errors in the pkcs11n.h header file. (bmo#702090)\ndbg114-nss-201112-5564 new_updateinfo nss-201112-5564 better SHA-224\nsupport (bmo#647706) dbg114-nss-201112-5564 new_updateinfo\nnss-201112-5564 SHA-224 is supported dbg114-nss-201112-5564\nnew_updateinfo nss-201112-5564 Added PORT_ErrorToString and\nPORT_ErrorToName to return the error message and symbolic name of an\nNSS error code dbg114-nss-201112-5564 new_updateinfo nss-201112-5564\nAdded NSS_GetVersion to return the NSS version string\ndbg114-nss-201112-5564 new_updateinfo nss-201112-5564 Added\nexperimental support of RSA-PSS to the softoken only\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=726096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2012-01/msg00009.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2012-01/msg00021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss-201112 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libfreebl3-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libfreebl3-debuginfo-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libsoftokn3-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libsoftokn3-debuginfo-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-certs-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-certs-debuginfo-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-debuginfo-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-debugsource-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-devel-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-sysinit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-sysinit-debuginfo-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-tools-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-nss-tools-debuginfo-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.13.1-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.13.1-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-nss\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:27:03", "description": "The Opera browser received a security and bugfix update to 11.51.\n\nMore information can be found here:\nhttp://www.opera.com/docs/changelogs/unix/1151/\n\nCVE-2011-3388 - incorrect security information display CVE-2011-3389 - unspecified 'low severity issue, as reported by Thai Duong and Juliano Rizzo.'", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : opera (openSUSE-SU-2011:1025-1) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3388", "CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "p-cpe:/a:novell:opensuse:opera-gtk", "p-cpe:/a:novell:opensuse:opera-kde4", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_OPERA-110906.NASL", "href": "https://www.tenable.com/plugins/nessus/75697", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update opera-5115.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75697);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3388\", \"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : opera (openSUSE-SU-2011:1025-1) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Opera browser received a security and bugfix update to 11.51.\n\nMore information can be found here:\nhttp://www.opera.com/docs/changelogs/unix/1151/\n\nCVE-2011-3388 - incorrect security information display CVE-2011-3389 -\nunspecified 'low severity issue, as reported by Thai Duong and Juliano\nRizzo.'\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.opera.com/en/latest/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=716002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2011-09/msg00016.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opera packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera-kde4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"opera-11.51-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"opera-gtk-11.51-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"opera-kde4-11.51-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opera\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ibm": [{"lastseen": "2023-02-12T17:34:51", "description": "## Summary\n\nSSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the \u201cBEAST\u201d attack. SSL protocol is used by the IBM FlashSystem V840.\n\n## Vulnerability Details\n\n**CVE-ID**: [_CVE-2011-3389_](<https://vulners.com/cve/CVE-2011-3389>) \n \n**DESCRIPTION**: Multiple products could allow a remote attacker to obtain sensitive information, caused by a design error in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols when using a Cipher-Block Chaining (CBC) based cryptographic algorithm. By persuading a victim to visit a Web site, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to decrypt HTTPS sessions and obtain sensitive information. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [**_http://xforce.iss.net/xforce/xfdb/70069_**](<http://xforce.iss.net/xforce/xfdb/70069>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM FlashSystem V840 including machine type and models (MTMs) for all available code levels. MTMs affected include 9846-AC0, 9846-AC1, 9848-AC0, and 9848-AC1. \n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nFlashSystem V840 MTMs: \n\n9846-AE1,\n\n9848-AE1,\n\n9846-AC0,\n\n9846-AC1,\n\n9848-AC0,\n\n9848-AC1\n\n| A code fix is now available. The VRMF of this code level is 1.1.3.8 (or later) for the storage enclosure nodes (-AEx) and 7.4.0.4 for the control nodes (-ACx)| None| This vulnerability has been remediated in firmware versions 1.1.3.8 (-AEx) and 7.4.0.4 (-ACx) \n \n_For firmware versions released earlier than 1.1.3.8 for the storage enclosure nodes and 7.4.0.4 for the control nodes, IBM recommends upgrading to a fixed, supported version/release/platform of the product._ \n \n_For both enclosure types (-AEx & -ACx):_ \nYou should verify applying this fix does not cause any compatibility issues. The fix is being released with the fix to the Bar Mitzvah attack and so disables RC4 stream cipher in all cases and does not allow it to be re-enabled. Even so, if you change the security setting you will expose yourself to the BEAST attack described above. IBM recommends that you review your entire environment to identify levels of SSL protocol being used. \n \nThe system is vulnerable until all enclosures have their SSL protocol level is set to 3 using \u201cchsecurity\u201d. \n \n_For the control nodes (-ACx): _ \nOnce you have upgraded the system you should use the CLI command \u201clssecurity\u201d to determine the current minimum level of SSL protocol allowed. If it is less than level 3 (which allows only TLS 1.2 with ciphers exclusive to TLS 1.2) then modify it with CLI command \u201cchsecurity\u201d. This could cause systems connected to this system via SSL to stop working because they require upgrade or reconfiguration to allow them to use TLS 1.2 with exclusive ciphers. Upgrade those systems or use \u201cchsecurity\u201d again to reduce the minimum level this system uses until the connection works again. \n \n[_SAN Volume Controller 7.4 Knowledge Center - lssecurity command_](<http://www-01.ibm.com/support/knowledgecenter/STPVGU_7.4.0/com.ibm.storage.svc.console.740.doc/svc_lssecurity.html?lang=en>) \n[_SAN Volume Controller 7.4 Knowledge Centre - chsecurity command_](<http://www-01.ibm.com/support/knowledgecenter/STPVGU_7.4.0/com.ibm.storage.svc.console.740.doc/svc_chsecurity.html?lang=en>) \n \n_For the storage enclosures (-AEx):_ \nYou should verify applying this fix does not cause any compatibility issues. The fix is being released with the fix to the Bar Mitzvah attack and so disables RC4 stream cipher in all cases and does not allow it to be re-enabled. Even so, if you change the security setting you will expose yourself to the BEAST attack described above. IBM recommends that you review your entire environment to identify levels of SSL protocol being used. \n\nOnce you have upgraded the system with this fix you should use the CLI command:\n\nsvcinfo lssecurity\n\nto determine the current minimum level of SSL protocol allowed. If it is less than level 3 (which allows only TLS 1.2 with ciphers exclusive to TLS 1.2), then modify it with CLI command:\n\nsvctask chsecurity \u2013sslprotocol 3\n\nThis could cause systems connected to this system via SSL to stop working because they require upgrade or reconfiguration to allow them to use TLS 1.2 with exclusive ciphers. Upgrade those systems or use \u201csvctask chsecurity\u201d again to reduce the minimum level this system uses until the connection works again.\n\n_For firmware versions released earlier than 1.1.3.8, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n \n \n[_Link to FlashSystem V840 fixes_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash+high+availability+systems&product=ibm/StorageSoftware/IBM+FlashSystem+V840&release=All&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {}, "published": "2018-06-18T00:09:28", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in SSL and TLS protocols affect the IBM FlashSystem V840 (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2018-06-18T00:09:28", "id": "DDCE3DF1C0F2F3507A59F94E81A8ADEA101DC8CB5DCFAEE3754B7E7CBB0C41CB", "href": "https://www.ibm.com/support/pages/node/690445", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:50:01", "description": "## Summary\n\nSecurity Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS (BEAST) Mitigations (CVE-2011-3389)\n\n## Vulnerability Details\n\n## Summary\n\nThe SSL 3.0 and TLS 1.0 protocols when used with Cipher Block Chaining (CBC) mode with chained initialization vectors may allow man-in-the-middle attackers to obtain plaintext HTTP headers.\n\n## Content\n\n**Vulnterability Details**\n\n**Product** | **Affected Versions** \n---|--- \nIBM Flex System Integrated Management Module v2 (IMM2) | 1.00 to 2.00 \nIBM System x Integrated Management Module v2 (IMM2) | 1.00 to 2.50 \nIBM Flex System Chassis Management Module (CMM) | 1.00 to 1.40.2Q \n(2PET10A to 2PET10Q) \nIBM Flex System Manager (FSM) | 1.0.0 to 1.3.0 \nIBM BladeCenter Advanced Management Module (AMM) | 1.00 to 3.64g \n(BPET64G) \n \n## \n\n**CVE ID:** [CVE-2011-3389](<https://vulners.com/cve/CVE-2011-3389>)\n\n**Description:**\n\nThe SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack. (From the [National Vulnerability Database](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389>))\n\nCVSS: \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/70069> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\nList the affected versions/releases/platforms, as best possible.\n\n * Flex System Chassis Management Module, Option part number 68Y7029\n * Flex System Enterprise Chassis, type 7893, any model\n * Flex System Enterprise Chassis, type 8721, any model\n * Flex System Enterprise Chassis, type 8724, any model\n * Flex System x220 Compute Node, Types 7906, 2585, any model\n * Flex System x240 Compute Node, Types 8737, 8738, 7863, any model\n * Flex System x440 Compute Node, Type 7917, any model\n * Flex System Manager Node, Types 7955, 8731, 8734, any model\n * Flex System V7000 Dual Controller Storage Node, Type 4939, any model\n * System x3100 M4, Type 2582, any model\n * System x3250 M4,Type 2583, any model\n * System x3300 M4, Type 7382, any model\n * System x3500 M4, Type 7383, any model\n * System x3530 M4, Type 7160, any model\n * System x3550 M4, Type 7914, any model\n * System x3630 M4, Type 7158, any model\n * System x3630 M4 HD, Type 5466, any model\n * System x3650 M4, Type 7915, any model\n * System x3650 M4 HD, Type 5460, any model\n * System x3750 M4, Types 8722, 8733, 8752, any model\n * iDataPlex dx360 M4, Types 7912, 7913, any model\n * IBM System x iDataPlex Direct Water Cooled dx360 M4 server, Types 7918, 7919, any model\n * BladeCenter HS23, Types 7875, 1929, any model\n * BladeCenter HS23E, Types 8038, 8039, any model\n * IBM BladeCenter S\n * IBM BladeCenter H\n * IBM BladeCenter E\n * IBM BladeCenter HT\n * IBM Advanced Management module\n\n## Remediation:\n\nBrowsers contain a mitigation for this issue, as described below under \u201cMitigation(s).\u201d The following firmware versions also support TLS 1.2, which is not vulnerable to this issue. Firmware updates are available through [IBM Fix Central](<http://www.ibm.com/support/fixcentral>).\n\n**Product** | **Recommended Version** \n---|--- \nIBM Flex System Integrated Management Module v2 (IMM2) | 3.50 (1AOO50B) or newer \nIBM System x Integrated Management Module v2 (IMM2) | 3.65 (1AOO50D) or newer \nIBM Flex System Chassis Management Module (CMM) | v1.50.1F (2PET12F) or newer \nIBM Flex System Manager (FSM) | \n\n1.3.1 or newer \n \n \nIBM BladeCenter Advanced Management Module (AMM) | v3.66B or newer \n \nMany ports on the Integrated Management Module v2, Chassis Management Module, and Flex System Manager can be restricted to use only the TLS 1.2 version of the SSL/TLS protocol. For additional information please see the following document: [ http://pic.dhe.ibm.com/infocenter/flexsys/information/index.jsp?topic=%2Fcom.ibm.acc.8731.doc%2Fusing_tls12.html](<http://pic.dhe.ibm.com/infocenter/flexsys/information/index.jsp?topic=%2Fcom.ibm.acc.8731.doc%2Fusing_tls12.html>) Please note that when using the firmware versions listed above configuring the Chassis Management Module automatically configures any Integrated Management Module v2 and Power Service Processor in the chassis. The instructions given for configuring the IMM2 are only required for IMM2 outside the IBM Flex Systems chassis.\n\n## Workaround\n\nNone\n\n## Mitigation\n\nMozilla Firefox, Internet Explorer, Google Chrome, and Opera contain a browser-side mitigation for this issue. It is known as the 1/n-1 splitting mitigation. Communication between browsers and servers is protected as long as the system with the browser has an up-to-date version of Java and up to date version of Mozilla Firefox, Internet Explorer, Google Chrome, or Opera. If using Internet Explorer, it\u2019s also important to have the appropriate Windows patch, as described here: <http://technet.microsoft.com/en-us/security/bulletin/ms12-006> In other words, if all users who access the system have up to date software, the connection to the system is not vulnerable to this attack. Consult Java and browser documentation for specific information regarding which patches should be applied or which version should be used.\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n * <http://xforce.iss.net/xforce/xfdb/70069>\n\n## Related Information:\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www-304.ibm.com/connections/blogs/PSIRT/?lang=en_us>) \n \n \n\n\n## Acknowledgement\n\nNone \n \n\n\n## Change History\n\n10 September 2013: Original copy published \n06 December 2013:\u00c2 Added information regarding additional affected products \n10 January 2014: Added information regarding additional affected products and the feature to restrict to TLS 1.2.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.\n\n**Note:** According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2022-05-16T16:03:13", "type": "ibm", "title": "Security Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS (BEAST) Mitigations (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2022-05-16T16:03:13", "id": "30CDD497090F8940455238317492E01063AFC3CC537C3C8827026D302DFD0F4B", "href": "https://www.ibm.com/support/pages/node/863100", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:51:44", "description": "## Summary\n\nBrowser Exploit Against SSL/TLS (a.k.a. BEAST) vulnerability is observed. In TLS 1.0 and earlier, it is possible to predict the Initialization Vector (IV) of the block cipher encryption. This allows a man-in-the-middle attacker to guess the plaintext being encrypted. The affected products are in TLS 1.0 and earlier.\n\n## Vulnerability Details\n\n** Third Party Entry: **PSIRT-ADV0016851 \n** DESCRIPTION: ** \nCVSS Base score: 4.7 \nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nTNPM Wireline| 1.4.0 \nTNPM Wireline| 1.4.1 \nTNPM Wireline| 1.4.2 \nTNPM Wireline| 1.4.3 \nTNPM Wireline| 1.4.4 \nTNPM Wireline| 1.4.5 \n \n\n\n## Remediation/Fixes\n\nThis issue can be addressed by disabling TLS below version TLSv1.2 and just keep TLSv1.2 \n\n 1. Modify this file:\n\n\u2026/IBM/WebSphere/AppServer/products/sklm/config/SKLMConfig.properties \n \nLook for property \nTransportListener.ssl.protocols = SSL_TLS \nUpdate the property to have value TLSv1.2, as shown below: \nTransportListener.ssl.protocols=TLSv1.2 \n \nThis will only enable TLS version 1.2. \nSave the file\n\n 2. Log in to WAS Admin Console.\n\nSecurity > 'SSL certificate and key management > SSL configurations > NodeDefaultSSLSettings > Quality of protection (QoP) settings'. \nWAS GUI - Security > SSL certificate and key management, and under Related Items, click SSL configurations. \nSelect each SSL Configuration described below, like NodeDefaultSSLSettings - Quality of protection (QoP) settings under Additional Properties \u2013 Protocol \u2013 select desired protocol: TLSv1.2 - Apply and Save.\n\n 3. Modify this file:\n\n.../IBM/WebSphere/AppServer/profiles/KLMProfile/properties/ssl.client.props \nLook for property \n'com.ibm.ssl.protocol' \n \nUpdate the property to have value TLSv1.2, as shown below: \ncom.ibm.ssl.protocol=TLSv1.2 \n \nSave the file\n\n 4. Restart WebSphere Server. \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-08-25T12:33:00", "type": "ibm", "title": "Security Bulletin: BEAST security vulnerability in IBM Tivoli Netcool Performance Manager for Wireline( CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2020-08-25T12:33:00", "id": "2E6D778793B990B68E72041D95DBC2B227927F08D97BCA9E118EC96F940B7A01", "href": "https://www.ibm.com/support/pages/node/6322533", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-06T17:37:01", "description": "## Summary\n\nEarlier versions of the Transport Layer Security (TLS) protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. Customers can avoid the vulnerability byfollowing workarounds recommended by IBM.\n\n## Vulnerability Details\n\n## Abstract\n\nEarlier versions of the Transport Layer Security (TLS) protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. \nCustomers can avoid the vulnerability by following workarounds recommended by IBM. \n\n\n## Content\n\n**VULNERABILITY DETAILS:** \n\n\n**CVE ID:** CVE-2011-3389 \n\n**DESCRIPTION:**\n\nA potential vulnerability has been identified in older versions of the Transport Layer Security (TLS, formerly known as Secure Socket Layer or SSL) protocol that may be utilized by the Browser-Based Interface (BBI) feature in IBM Networking Operating System (NOS) (formerly known as BLADE Operating System). NOS runs on IBM System Networking Ethernet switches (as well as legacy Blade Network Technology (BNT) Ethernet switches). Because BBI is the only feature in NOS to use the TLS protocol as of the date of this bulletin, Customers who do not run BBI on their IBM Ethernet switches are not impacted by this vulnerability. It is possible that future NOS features could use TLS protocols; there are instructions on how to avoid the vulnerability in such situations in the \u201cWorkaround\u201d section below.\n\nThis attack against the TLS protocol is also known as BEAST, and it exploits the use of chained initialization vectors in early versions of the protocol. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to decrypt TLS sessions and obtain sensitive information such as user authentication cookies that could be further leveraged to obtain sensitive information such as account credentials. The attack does not require local network access or physical access to the network and is therefore remotely exploitable, but specialized knowledge and techniques are required to execute this attack. A successful exploit will not impact integrity or availability of transmitted data, but the confidentiality of network traffic may be affected, although the attacker would not be able to control what data are accessed.\n\nSSLv3 and TLS 1.0 are the older versions of this protocol that are susceptible to this vulnerability; newer versions of TLS \u2013 1.1 and 1.2 \u2013 are not. IBM NOS has supported TLS 1.1 and 1.2 since NOS version 6.7, but even these recent versions of NOS continue to support SSLv3 and TLS 1.0 as well. Therefore, even recent versions of NOS that support TLS 1.1 and 1.2 may be susceptible to this vulnerability if a user uses the switch to communicate with TLS peers that only support the older vulnerable versions of the protocol.\n\n**CVSS v2 Base Score:** 4.3 \n**CVSS Environmental Score*:** Undefined\n\n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**AFFECTED PRODUCTS AND VERSIONS:**\n\nThis vulnerability potentially affects all IBM System Networking Ethernet switches and legacy BNT Ethernet switches (including those used in IBM Flex Systems and IBM BladeCenter products). This includes versions and releases that are no longer in support.\n\n**REMEDIATION:**\n\nNone.\n\n**WORKAROUND:**\n\nCustomers can avoid this vulnerability altogether by not using the BBI feature on their IBM Ethernet switches; instead, customers would use Secure Shell (SSH) to administer the device via command line. IBM recommends that customers running versions of NOS that are older than NOS 6.7 not use BBI, as those versions of NOS do not support TLS 1.1 and 1.2. IBM recommends that customers running NOS 6.7 or later on their IBM Ethernet switches who want to continue using BBI do so to communicate only with Web browsers that also support TLS 1.1 and 1.2. Similarly, to the extent any future NOS features use the TLS protocol, IBM recommends that customers use those features only to communicate with TLS peers that also support TLS 1.1 and 1.2.\n\n**MITIGATION:**\n\nNone.\n\n \n**REFERENCES:**\n\n * [_Complete CVSS Guide_](<http://www.first.org/cvss/cvss-guide.html>)\n * [_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n * [_CVE-2011-3389_](<https://vulners.com/cve/CVE-2011-3389>)\n * [X-Force Vulnerability Database](<http://xforce.iss.net/xforce/xfdb/70069>)\n \n**RELATED INFORMATION:** [_ IBM Secure Engineering Web Portal_](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY:**\n\n \n<October 10, 2013>: Original Copy Published.\n\n \n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. \n\nNote: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerability in Transport Layer Security Protocol\n Used in IBM System Networking Ethernet Switches (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2023-04-14T14:32:25", "id": "5EFA13785CC30ADD58A09C8067C048A172DF46A415459750DB97A4B2E8C6095E", "href": "https://www.ibm.com/support/pages/node/863230", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:47:17", "description": "## Summary\n\nSSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the \u201cBEAST\u201d attack. SSL protocol is used by SAN Volume Controller and Storwize Family.\n\n## Vulnerability Details\n\n**CVE-ID**: [_CVE-2011-3389_](<https://vulners.com/cve/CVE-2011-3389>) \n \n**DESCRIPTION**: Multiple products could allow a remote attacker to obtain sensitive information, caused by a design error in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols when using a Cipher-Block Chaining (CBC) based cryptographic algorithm. By persuading a victim to visit a Web site, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to decrypt HTTPS sessions and obtain sensitive information. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [**_http://xforce.iss.net/xforce/xfdb/70069_**](<http://xforce.iss.net/xforce/xfdb/70069>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n\n## Affected Products and Versions\n\nIBM SAN Volume Controller \nIBM Storwize V7000 \nIBM Storwize V5000 \nIBM Storwize V3700 \nIBM Storwize V3500 \n \nAll products are affected when running supported releases 1.1 to 7.3. Release 7.4 is not affected once the minimum SSL protocol level has been set (see below).\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500 to the following code levels or higher: \n \n7.3.0.10 \n7.4.0.4 \n \n[_Latest SAN Volume Controller Code_](<http://www-01.ibm.com/support/docview.wss?rs=591&uid=ssg1S1001707>) \n[_Latest Storwize V7000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003705>) \n[_Latest Storwize V5000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004336>) \n[_Latest Storwize V3700 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004172>) \n[_Latest Storwize V3500 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004171>) \n \nIf running 7.4.0.0 code before 7.4.0.4, please run one of the following commands ... \n \nchsecurity -sslprotocol 2 \nchsecurity -sslprotocol 3 \n \n[_SAN Volume Controller 7.4 Knowledge Centre - chsecurity command_](<http://www-01.ibm.com/support/knowledgecenter/STPVGU_7.4.0/com.ibm.storage.svc.console.740.doc/svc_chsecurity.html?lang=en>) \n \nThe default SSL protocol in 7.4.0.4 and 7.3.0.10 is not vulnerable and so running chsecurity not necessary. \n \nIBM recommends that you review your entire environment to identify levels of SSL protocol being used.\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {}, "published": "2022-08-20T00:54:31", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2022-08-20T00:54:31", "id": "4BED10A9B77647D47155BEF6AEAE7754FE7B1E83A7CC5B95FC30366FA2805FDD", "href": "https://www.ibm.com/support/pages/node/690173", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:44:34", "description": "## Abstract\n\nEarlier versions of the Transport Layer Security (TLS) protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. Customers can avoid the vulnerability by following workarounds recommended by IBM.\n\n## Content\n\n**VULNERABILITY DETAILS:**\n\n \n**CVE ID****:** CVE-2011-3389 \n\n**DESCRIPTION:**\n\nA potential vulnerability has been identified in older versions of the Transport Layer Security (TLS, formerly known as Secure Socket Layer or SSL) protocol that may be utilized by the Browser-Based Interface (BBI) feature in IBM Networking Operating System (NOS) (formerly known as BLADE Operating System). NOS runs on IBM System Networking Ethernet switches (as well as legacy Blade Network Technology (BNT) Ethernet switches). Because BBI is the only feature in NOS to use the TLS protocol as of the date of this bulletin, Customers who do not run BBI on their IBM Ethernet switches are not impacted by this vulnerability. It is possible that future NOS features could use TLS protocols; there are instructions on how to avoid the vulnerability in such situations in the \u201cWorkaround\u201d section below. \n\nThis attack against the TLS protocol is also known as BEAST, and it exploits the use of chained initialization vectors in early versions of the protocol. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to decrypt TLS sessions and obtain sensitive information such as user authentication cookies that could be further leveraged to obtain sensitive information such as account credentials. The attack does not require local network access or physical access to the network and is therefore remotely exploitable, but specialized knowledge and techniques are required to execute this attack. A successful exploit will not impact integrity or availability of transmitted data, but the confidentiality of network traffic may be affected, although the attacker would not be able to control what data are accessed. \n\nSSLv3 and TLS 1.0 are the older versions of this protocol that are susceptible to this vulnerability; newer versions of TLS \u2013 1.1 and 1.2 \u2013 are not. IBM NOS has supported TLS 1.1 and 1.2 since NOS version 6.7, but even these recent versions of NOS continue to support SSLv3 and TLS 1.0 as well. Therefore, even recent versions of NOS that support TLS 1.1 and 1.2 may be susceptible to this vulnerability if a user uses the switch to communicate with TLS peers that only support the older vulnerable versions of the protocol. \n\n**CVSS v2 Base Score:** 4.3 \n**CVSS Environmental Score***: Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**AFFECTED PRODUCTS AND VERSIONS:**\n\nThis vulnerability potentially affects all IBM System Networking Ethernet switches and legacy BNT Ethernet switches (including those used in IBM Flex Systems and IBM BladeCenter products). This includes versions and releases that are no longer in support. \n\n**REMEDIATION:**\n\nNone.\n\n**WORKAROUND:**\n\nCustomers can avoid this vulnerability altogether by not using the BBI feature on their IBM Ethernet switches; instead, customers would use Secure Shell (SSH) to administer the device via command line. IBM recommends that customers running versions of NOS that are older than NOS 6.7 not use BBI, as those versions of NOS do not support TLS 1.1 and 1.2. \n\nIBM recommends that customers running NOS 6.7 or later on their IBM Ethernet switches who want to continue using BBI do so to communicate only with Web browsers that also support TLS 1.1 and 1.2. Similarly, to the extent any future NOS features use the TLS protocol, IBM recommends that customers use those features only to communicate with TLS peers that also support TLS 1.1 and 1.2. \n\n**MITIGATION:**\n\nNone.\n\n \n**REFERENCES:**\n\n[\u00b7 _Complete CVSS Guide_](<http://www.first.org/cvss/v2/guide>) \n[\u00b7 _On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[\u00b7 _CVE-2011-3389_](<https://vulners.com/cve/CVE-2011-3389>) \n[\u00b7 _X-Force Vulnerability Database_](<http://xforce.iss.net/xforce/xfdb/70069>)\n\n**RELATED INFORMATION:**\n\n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>)\n\n**CHANGE HISTORY:**\n\n<October 10, 2013>: Original Copy Published.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. \n\nNote: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Product\":{\"code\":\"SG9VJE\",\"label\":\"Data Center Ethernet-\\u003EIBM RackSwitch G8264T\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SG9VCJ\",\"label\":\"Power System G Series Rackswitch\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}},{\"Product\":{\"code\":\"SGLV6E\",\"label\":\"Data Center Ethernet-\\u003EIBM RackSwitch G8052- 7309, 1455\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SGLV7C\",\"label\":\"Data Center Ethernet-\\u003EIBM RackSwitch G8124, 8124E - 7309, 0446, 1455\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SGLV3H\",\"label\":\"Data Center Ethernet-\\u003EIBM RackSwitch G8264-7309, 0446, 1455\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SG9VCJ\",\"label\":\"Power System G Series Rackswitch\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB08\",\"label\":\"Cognitive Systems\"}},{\"Product\":{\"code\":\"SGLUET\",\"label\":\"Data Center Ethernet-\\u003EIBM RackSwitch G8316\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Version Independent\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {}, "published": "2022-09-26T22:21:32", "type": "ibm", "title": "Security Bulletin: Vulnerability in Transport Layer Security Protocol Used in IBM System Networking Ethernet Switches (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2022-09-26T22:21:32", "id": "269B504D34D7B9BDD776A87F2BEC62D1CD4CA692AD0765FE50BEF0B6FFC0283F", "href": "https://www.ibm.com/support/pages/node/677963", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-09-09T11:26:01", "description": "## Summary\n\nSecurity Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family (CVE-2011-3389)\n\n## Vulnerability Details\n\n## Security Bulletin \n \n--- \n \nSummary \n--- \n \nSSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the \u201cBEAST\u201d attack. SSL protocol is used by SAN Volume Controller and Storwize Family.\n\n## Vulnerability Details \n \n--- \n \n**CVE-ID**: [_CVE-2011-3389_](<https://vulners.com/cve/CVE-2011-3389>) \n \n**DESCRIPTION**: Multiple products could allow a remote attacker to obtain sensitive information, caused by a design error in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols when using a Cipher-Block Chaining (CBC) based cryptographic algorithm. By persuading a victim to visit a Web site, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to decrypt HTTPS sessions and obtain sensitive information. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [**_http://xforce.iss.net/xforce/xfdb/70069_**](<http://xforce.iss.net/xforce/xfdb/70069>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions \n \n--- \n \nIBM SAN Volume Controller \nStorwize V7000 for Lenovo \nStorwize V5000 for Lenovo \nStorwize V3700 for Lenovo \nStorwize V3500 for Lenovo \n \nAll products are affected when running supported releases 1.1 to 7.3. Release 7.4 is not affected once the minimum SSL protocol level has been set (see below).\n\n## Remediation/Fixes \n \n--- \n \nLenovo recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, Storwize V7000, V5000, V3700 and V3500 for Lenovo to the following code level or higher: \n \n7.4.0.0 \n \n[ _Latest SAN Volume Controller Code_](<http://www-01.ibm.com/support/docview.wss?rs=591&uid=ssg1S1001707>) \n[_Latest Storwize V7000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003705>) \n[_Latest Storwize V5000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004336>) \n[_Latest Storwize V3700 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004172>) \n[_Latest Storwize V3500 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004171>) \n \nOnce you have upgraded the system you should use the CLI command \u201clssecurity\u201d to determine the current minimum level of SSL protocol allowed. If it is less than level 3 (which allows only TLS 1.2 with ciphers exclusive to TLS 1.2) then modify it with CLI command \u201cchsecurity\u201d. This could cause systems connected to this system via SSL to stop working because they require upgrade or reconfiguration to allow them to use TLS 1.2 with exclusive ciphers. Upgrade those systems or use \u201cchsecurity\u201d again to reduce the minimum level this system uses until the connection works again. \n \nThe system is vulnerable until its SSL protocol level is set to 3 using \u201cchsecurity\u201d. \n \n[ _SAN Volume Controller 7.4 Knowledge Center - lssecurity command_](<http://www-01.ibm.com/support/knowledgecenter/STPVGU_7.4.0/com.ibm.storage.svc.console.740.doc/svc_lssecurity.html?lang=en>) \n[ _SAN Volume Controller 7.4 Knowledge Centre - chsecurity command_](<http://www-01.ibm.com/support/knowledgecenter/STPVGU_7.4.0/com.ibm.storage.svc.console.740.doc/svc_chsecurity.html?lang=en>) \n \nLenovo recommends that you review your entire environment to identify levels of SSL protocol being used.\n\n## Workarounds and Mitigations \n \n--- \n \nAlthough Lenovo recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {}, "published": "2023-03-29T01:48:02", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2023-03-29T01:48:02", "id": "54F08A3E75F1334BAEA6B9D028356C7A554BD574E0B0139E6023C9756DA9A6B6", "href": "https://www.ibm.com/support/pages/node/865966", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:37:36", "description": "## Summary\n\nPrevious releases of IBM Rational Automation Framework are affected by a vulnerability in Java that may allow remote attackers to execute plaintext-recovery attacks.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n** \nDescription: **Unspecified vulnerability in IBM Java Runtime Environment may allow remote attackers to conduct distinguishing attacks and plaintext-recovery via statistical analysis of timing data for crafted packets. \n \nNote that despite the public disclosure, the issue is largely theoretical and very difficult to exploit in real world scenarios. \n_ \n_**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>[](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational Automation Framework 3.0.1 and earlier on all supported platforms.\n\n## Remediation/Fixes\n\nUpgrade to [Rational Automation Framework Fix Pack 1 (3.0.1.1) for 3.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035725>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:48:04", "type": "ibm", "title": "Security Bulletin: Java Vulnerability in Rational Automation Framework (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:48:04", "id": "17F2DE1F272EBF8E1F0E16B3A3D0C121D7F53002360A33B2E318E8910C665E9D", "href": "https://www.ibm.com/support/pages/node/234127", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:05", "description": "## Abstract\n\nThe IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. Oracle has released April 2013 critical patch updates (CPU) which contain security vulnerability fixes and the IBM Java SDK that WebSphere Partner Gateway ships is affected.\n\n## Content\n\n**VULNERABILITY DETAILS** \n \nCVE-2013-0169 - The TLS protocol does not properly consider timing side-channel attacks, which could allow remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**DESCRIPTION:** \nThis Security Bulletin addresses the security vulnerabilities that have shipped with the IBM SDK and is part of the Oracle April 2013 critical patch updates (CPU). For details on these updates please refer to the Reference section of this bulletin. \n \n**Versions Affected.** \n \nWebSphere Partner Gateway Express Edition Versions 6.0 through 6.0.0.3 \n \n \n**REMEDIATION: **\n\nWebSphere Application Server JRE has to be updated to 1.4.2 SR13-FP17. Please contact IBM support to avail the IFix.\n\n**REFERENCES: **\n\n* [_IBM Security Alerts_](<http://www.ibm.com/developerworks/java/jdk/alerts>)\n* [_Oracle Java SE Critical Patch Update Advisory - April 2013_](<http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html>)\n* [_Java on IBM i_](<https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en>)\n* [_Complete CVSS Guide _](<http://www.first.org/cvss/v2/guide>)\n* [_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n* [_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) [_xforce.iss.net/xforce/xfdb/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)\n* [_WebSphere Application Server Recommended Fixes Page _](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n\n**RELATED INFORMATION: **\n\n \nNone \n \n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSDKML\",\"label\":\"WebSphere Partner Gateway - Express\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"6.0.0.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Express for the Oracle CPU April 2013.", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "476070037D8C6B95A023CADE7B7B8E36D86FE85A0AE9BDFC8D5FB131FC5DB6F9", "href": "https://www.ibm.com/support/pages/node/230325", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:37:38", "description": "## Summary\n\nSSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169)\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVEID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>)\n\n \n \n**Description:** \nA weakness in the handling of CBC cipher suites in SSL, TLS and DTLS exploits timing differences arising during MAC processing. OpenSSL versions affected include 1.0.1c, 1.0.0j and 0.9.8x. \n\n**Note: ** This vulnerability is only partially mitigated when OpenSSL is used in conjunction with the OpenSSL FIPS Object Module and the FIPS mode of operation is enabled.\n\n \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score. \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Rational Build Forge version 8.0 and all earlier versions.\n\n## Remediation/Fixes\n\nUpgrade to [Rational Build Forge Fix Pack 1 (8.0.0.1) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035921>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:47:31", "type": "ibm", "title": "Security Bulletin: Rational Build Forge Security Advisory (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:47:31", "id": "B2A692687E0D397416E3549B4377E5B3319BF086A451607250B307F6DEECCF53", "href": "https://www.ibm.com/support/pages/node/231539", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:37:35", "description": "## Summary\n\nThe IBM GSKit component used in Rational RequisitePro is susceptible to a Transport Layer Security protocol vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVEID: **[CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description: **The IBM GSKit component used in Rational RequisitePro is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets. \n \nThe IBM GSKit is used if RequisitePro is configured to use LDAP authentication using SSL. If your RequisitePro deployment is not using LDAP configured with SSL, then your deployment is not sensitive to this attack when authenticating to the LDAP server. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector: **(AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational RequisitePro 7.1.1.x \nRational RequisitePro 7.1.2.x \nRational RequisitePro 7.1.3.7 and previous versions \nRational RequisitePro 7.1.4.0\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational RequisitePro \n\n * 7.1.4.x: [Rational RequisitePro Fix Pack 1 (7.1.4.1) for 7.1.4](<http://www.ibm.com/support/docview.wss?uid=swg24035667>)\n * 7.1.3.x: [Rational RequisitePro Fix Pack 8 (7.1.3.8) for 7.1.3](<http://www.ibm.com/support/docview.wss?uid=swg24035666>)\n * 7.1.2.x: Upgrade to 7.1.3.8 or 7.1.4.1\n * 7.1.1.x: Upgrade to 7.1.3.8 or 7.1.4.1\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:48:08", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational RequisitePro with a potential for a TLS attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:48:08", "id": "3258D879016CCEB97F8F543943D502B2C423771C5D452641CB88919F035248B5", "href": "https://www.ibm.com/support/pages/node/234337", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T21:26:04", "description": "## Abstract\n\nDownload an update to the TS3400 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL.\n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \nA security vulnerability was found in OpenSSL version 1.0.1c (along with other earlier versions). For a complete list of OpenSSL Vulnerabilities by version, please refer to: [_http://www.openssl.org/news/vulnerabilities.html_](<http://www.openssl.org/news/vulnerabilities.html>) \n \nThe IBM TS3400 tape library firmware has been updated to contain a newer version of OpenSSL. \n \n**CVEID: **CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nAll TS3400 tape libraries with firmware versions lower than 0040. \n \n**REMEDIATION: ** \nThe recommended solution involves applying the fix, which is contained in firmware version 0040 and above. The fix remediates the vulnerability by updating OpenSSL to version 1.0.1d. \n \n**Fix:** \nApply firmware version 0040 or later, available from IBM Fix Central [_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>) \n \n**Workaround(s):** \nNone \n \n**Mitigation(s):** \nConnect the library directly to a workstation or private network that is trusted (i.e., access to the workstation or network is controlled or limited to persons that would all have administrator privileges or persons that can be trusted not to attempt to hack into the library). \n \n**REFERENCES**\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/v2/guide>)\n * [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _\n * [__CVE-2013-0169____ __](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>)\n * _X-Force Vulnerability Database_ [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>)\n * **RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**ACKNOWLEDGEMENT** \nNone \n \n**CHANGE HISTORY** \n14 June 2013: Original Copy Published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"STCDUHL\",\"label\":\"Tape systems-\\u003ETS3400 Tape Library (3577)\"},\"Business Unit\":{\"code\":\"BU054\",\"label\":\"Systems w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Not Applicable\",\"Edition\":\"Standard\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {}, "published": "2022-09-26T04:23:14", "type": "ibm", "title": "Security Bulletin: IBM TS3400 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-26T04:23:14", "id": "C53887B5065E8CBF2E75B8207E4CC5546F907715375F0C60DDEEACFD8829F5D5", "href": "https://www.ibm.com/support/pages/node/689221", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-24T05:56:37", "description": "## Abstract\n\nGSKit is used by IBM DB2 for SSL support. The version of GSKit iused by DB2 is vulnerable to the \u201cLucky Thirteen\u201d security vulnerability. By default, DB2 does not use SSL for client-server communication and therefore DB2 is vulnerable only if SSL is enabled.\n\n## Content\n\n**VULNERABILITY DETAILS** \n \n \n**CVE ID: CVE-2013-0169** \n \n**Description:** \n \nThe Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may impact the confidentiality of information but the integrity of data, or the availability of the system would not be compromised. \n \n \n**CVSS:** \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PLATFORMS:** \n \nThe following IBM DB2 and DB2 Connect V9.1, V9.5, V9.7 and V10.1 editions running on AIX, Linux, HP, Solaris and Windows. \n \nIBM\u00ae DB2\u00ae Express Edition \nIBM\u00ae DB2\u00ae Workgroup Server Edition \nIBM\u00ae DB2\u00ae Enterprise Server Edition \nIBM\u00ae DB2\u00ae Advanced Enterprise Server Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Application Server Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Enterprise Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Unlimited Edition for System i\u00ae \nIBM\u00ae DB2\u00ae Connect\u2122 Unlimited Edition for System z\u00ae \n \nThe following IBM V9.8 editions running on AIX and Linux: \n \nIBM\u00ae DB2\u00ae pureScale\u2122 Feature for Enterprise Server Edition \n \n \n**REMEDIATION: ** \n \nThe recommended solution is to apply the appropriate fix for this vulnerability. \n \n \n**FIX:** \nThe fix for this vulnerability is available for download for DB2 and DB2 Connect release V9.7 FP9 and V10.1 FP3a/FP4. \n \nFor DB2 and DB2 Connect V9.5 and V9.8, the fix is planned to be made available in future fix packs. \n \nDB2 and DB2 Connect V9.1 are no longer supported and therefore no patch will be made available. Please upgrade to a supported version of DB2 or DB2 Connect, as applicable, and apply the fix. Customers who have an extended support contract for this version may contact support to request a fix under the terms of their contract. \n \nA special build with an interim patch for this issue may be requested for DB2 and DB2 Connect V9.5 FP9 & FP10 and V9.8 FP5. Please contact your service representative to request the special build and reference the APAR number for the release you want. \n\n\n \n**Release**| **APAR**| **Download URL** \n---|---|--- \nV9.5 | [_IC90385_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90385>)| Not available. Please contact technical support. \nV9.7 FP9 | [_IC90395_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90395>)| <http://www.ibm.com/support/docview.wss?uid=swg24036646> \nV9.8| [_IC90396_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90396>)| Not available. Please contact technical support. \nV10.1 FP3a| [_IC90397_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90397>)| <http://www.ibm.com/support/docview.wss?uid=swg24037557> \nV10.1 FP4| [_IC90397_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC90397>)| <http://www.ibm.com/support/docview.wss?uid=swg24037466> \n \n \n \n**Contact Technical Support:**\n\nIn the United States and Canada dial **1-800-IBM-SERV** \nView the support [_contacts for other countries_](<http://www.ibm.com/planetwide/>) outside of the United States. \nElectronically [_open a Service Request_](<http://www.ibm.com/software/data/db2/support/db2_9/probsub.html>) with DB2 Technical Support. \n\n \n \n \n\n\n**WORKAROUND:**\n\nNone.\n\n \n\n\n**MITIGATION:**\n\nNone.\n\n \n \n \n**REFERENCES**: \n[\uf0b7__Complete CVSS v2 Guide__](<http://www.first.org/cvss/v2/guide>) \n[\uf0b7__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[\uf0b7__X-Force Vulnerability Database - 81902__](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[\uf0b7__CVE-2013-0169__](<https://vulners.com/cve/CVE-2013-0169>) \n \n \n[](<http://www.appsecinc.com/resources/alerts/>) \n**CHANGE HISTORY: ** \nMay 31, 2013: Original version published. \nDecember 16, 2013: Added V9.7 FP9 download URL. \nMarch 19, 2014: Updated V10.1 special build fix pack level to FP2 & FP3. \nJune 6, 2014: Updated V10.1 FP3a and FP4 download URL. \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS_ \n \n**_Note:_**_ IBM\u2019s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM\u2019s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion._\n\n[{\"Product\":{\"code\":\"SSEPGG\",\"label\":\"Db2 for Linux, UNIX and Windows\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\"Security \\/ Plug-Ins - Security Vulnerability\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"9.8;9.7;9.5;9.1;10.1\",\"Edition\":\"Advanced Enterprise Server;Enterprise Server;Express;Express-C;Personal;Workgroup Server\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}},{\"Product\":{\"code\":\"SSEPDU\",\"label\":\"Db2 Connect\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: IBM DB2 is impacted by a vulnerability in the IBM GSKit library (CVE-2013-0169).", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "AD3DEE6A50AC4F6651955CE510E56DC0170683854BF573E9389CCA2769B638B1", "href": "https://www.ibm.com/support/pages/node/494939", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:37:36", "description": "## Summary\n\nThe IBM GSKit component used in Rational ClearQuest is susceptible to a Transport Layer Security protocol vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description: **The IBM GSKit component used in Rational ClearQuest is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets. \n \nThe IBM GSKit is used if ClearQuest is configured to use LDAP authentication using SSL. If your ClearQuest deployment is not using LDAP configured with SSL, then your deployment is not sensitive to this attack when authenticating to the LDAP server. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational ClearQuest Web 7.1 through 7.1.2.10, 8.0 through 8.0.0.7, and 8.0.1\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational ClearQuest \n\n * [Rational ClearQuest Fix Pack 1 (8.0.1.1) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035656>)\n * [Rational ClearQuest Fix Pack 8 (8.0.0.8) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035654>)\n * 7.1.2.12: Upgrade to either 8.0.0.8 or 8.0.1.1 [](<http://www.ibm.com/support/docview.wss?&uid=swg24035652>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:47:41", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational ClearQuest with potential for TLS Attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-06-17T04:47:41", "id": "BC14F6832E7A855373319126E5CF0A69CAAC1369B245AE25C03158E47AD57D0A", "href": "https://www.ibm.com/support/pages/node/232691", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-24T05:56:18", "description": "## Abstract\n\nThe Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \nCVE-2013-0169 \n \n**DESCRIPTION: ** \n \nA weakness in the handling of cipher-block chaining (CBC) ciphersuites in Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) could lead to plaintext recovery of sensitive information by exploiting timing differences arising during message authentication codes (MAC) processing. The CVSS score is based on IBM X-Force rankings, which sets the access complexity for this vulnerability as Medium. \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may impact the confidentiality of information but the integrity of data, or the availability of the system would not be compromised. \n \n**CVEID:** \nCVE-2013-0169 \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \n**_CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_** \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nPRODUCT VERSIONS AFFECTED \n \n\n\nPRODUCT version| GSKit Version \n---|--- \nTivoli Directory Server V6.0 \nTivoli Directory Server V6.1 \nTivoli Directory Server V6.2| GSKit 7.0 \nTivoli Directory Server V6.3| GSKit 8.0 \n \n \n**REMEDIATION: ** \nThe vulnerability is fixed in the following versions of the IBM GSKit libraries. \n\n* GSKit v8 Common Criteria stream build 8.0.14.27\n* GSKit v8 service stream build 8.0.50.4\n* GSKit v7 service stream build 7.0.4.45\n \n \nTivoli Directory Server fixes for entitled customers on Fix Central provide access to the latest GSKit build available as of their publication. \n \nFor access to GSKit 8.0.14.27: \n* [_Upgrade to Tivoli Directory Server 6.3.0.22_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.3.0.22&platform=All&function=all>)\n \n \nFor access to GSKit 7.0.4.45: \n* [_Upgrade to Tivoli Directory Server 6.2.0.30_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.2.0.30&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.1.0.55_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.1.0.55&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.0.0.72_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.0.0.72&platform=All&function=all>)\n \n \n \n**_Workaround(s):_** \nNone \n \n**_Mitigation(s):_** \nNone \n \n**REFERENCES: **\n* [__Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>)\n* [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n* [__CVE-2013-0169__](<https://vulners.com/cve/CVE-2013-0169>)\n* [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)\n* [_IBM Security Alerts_](<https://www.ibm.com/developerworks/java/jdk/alerts/>)\n* [_Upgrade to Tivoli Directory Server 6.3.0.22_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.3.0.22&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.2.0.30_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.2.0.30&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.1.0.55_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.1.0.55&platform=All&function=all>)\n* [_Upgrade to Tivoli Directory Server 6.0.0.72_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.0.0.72&platform=All&function=all>) \n\n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n \n \n**ACKNOWLEDGEMENT** \nNone \n \n \n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSVJJU\",\"label\":\"IBM Security Directory Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"6.0;6.1;6.2;6.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2022-09-26T05:45:55", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Directory Server can be affected by a vulnerability in the IBM GSKit library (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-26T05:45:55", "id": "236329FBB4C57928A51AF5989855EBBE8AEFC2496ED2345E1CE8C703B7EA9BD5", "href": "https://www.ibm.com/support/pages/node/493881", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:25:57", "description": "## Abstract\n\nCVE-2013-0169 - The Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \n \nCVE-2013-0169 \n**The Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. ** \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may impact the confidentiality of information but the integrity of data, or the availability of the system would not be compromised. \n \n**CVEID:** \nCVE-2013-0169 \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> \nCVSS Environmental Score*: Undefined \n**_CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_** \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nTFIM v6.2, 6.2.1, 6.2.2 \nTFIMBG v6.2, 6.2.1, 6.2.2 \n \n**REMEDIATION: ** \nThe vulnerability is fixed in the following versions of the IBM GSKit libraries. \n \n\u2022 GSKit v7 service stream build 7.0.4.45 \n \nContact your IBM Level 2 support team to obtain the fixed version of the IBM GSKit library. \n \n**_Workaround(s):_** \nNone \n \n**_Mitigation(s):_** \nNone \n \n**REFERENCES: ** \n[\uf0b7 __Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>) \n[\uf0b7 __On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[\uf0b7 __CVE-2013-0169__](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n[\uf0b7 _https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[\uf0b7 _IBM Security Alerts_](<https://www.ibm.com/developerworks/java/jdk/alerts/>) \n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n \n \n**ACKNOWLEDGEMENT** \nNone \n \n \n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._ \n \n\n\n[{\"Product\":{\"code\":\"SSZSXU\",\"label\":\"Tivoli Federated Identity Manager\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"}],\"Version\":\"6.2;6.2.1;6.2.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}},{\"Product\":{\"code\":\"SS4J57\",\"label\":\"Tivoli Federated Identity Manager Business Gateway\"},\"Business Unit\":{\"code\":\"BU008\",\"label\":\"Security\"},\"Component\":\" \",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"6.2;6.2.1;6.2.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":null,\"label\":null}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway can be affected by a vulnerability in the IBM GSKit library (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "76B052C00B7D3B7660A204A6BD72087C4E84FB5E8C7CEA95BE48BBACC2FC5AD0", "href": "https://www.ibm.com/support/pages/node/489993", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T17:45:45", "description": "## Summary\n\nThe Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security (TLS) protocol that use the CBC mode of operation. An attacker could perform main in the middle attacks to successfully obtain plain text from the secure channel. \n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nTNPM Wireline| 1.4.0 \nTNPM Wireline| 1.4.1 \nTNPM Wireline| 1.4.2 \nTNPM Wireline| 1.4.3 \nTNPM Wireline| 1.4.4 \nTNPM Wireline| 1.4.5 \n \n## Remediation/Fixes\n\nRefer to the following security bulletin for vulnerability details and information about fixes addressed by WebSphere Application Server shipped with Tivoli Netcool Performance Manager for Wireline.\n\n<https://www.ibm.com/support/pages/node/227769>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-05-07T04:56:20", "type": "ibm", "title": "Security Bulletin: A security vulnerability in IBM Websphere affects IBM Tivoli Netcool Performance Manager for Wireline (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-0169"], "modified": "2020-05-07T04:56:20", "id": "FFCC3373408F02CC542763623853BD92D404CF7A56813566A2A692A6EC5C572D", "href": "https://www.ibm.com/support/pages/node/6206785", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-24T05:56:35", "description": "## Abstract\n\nPotential Security Exposure with IBM HTTP Server for WebSphere Application Server\n\n## Content\n\n**VULNERABILITY DETAILS: **\n\n**CVE ID: ****_CVE-2013-0169 (PM85211) _**** \n \nDESCRIPTION: **The TLS protocol in the GSKIT component of the IBM HTTP Server does not properly consider timing side-channel attacks, which could allow a remote attacker to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. ** \n \nCVSS:** _ \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_** \n \nAFFECTED VERSIONS: **This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: \n\u00b7 Version 8.5 \n\u00b7 Version 8 \n\u00b7 Version 7 \n\u00b7 Version 6.1 \n\n**REMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical \n\n**_Fix:_** Apply a Fix Pack or PTF containing this APAR PM85211, as noted below: \n\n**For affected versions of IBM HTTP Server for WebSphere Application Server:**\n\n**For V8.5.0.0 through 8.5.0.2 Full Profile:**\n\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 8.5.5.0 or later.\n\n** For V8.0.0.0 through 8.0.0.6:**\n\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 8.0.0.7 or later.\n* \n**For V7.0.0.0 through 7.0.0.27:**\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 7.0.0.29 or later.\n \n \n**For V6.1.0.0 through 6.1.0.45:**\n* Apply Interim Fix [PM85211](<http://www-01.ibm.com/support/docview.wss?uid=swg24035061>)\n \n\\--OR-- \n* Apply Fix Pack 6.1.0.47 or later.\n\n\u00b7 **_Workaround(s):_** None \n \n\u00b7 **_Mitigation(s):_** None\n\n \n \n**Important note: **IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www-03.ibm.com/systems/z/solutions/security_subintegrity.html>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk. \n \n \nFor additional details and information on WebSphere Application Server product updates: \n* For Distributed, see [_Recommended fixes for WebSphere Application Server._](<http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n* For z/OS, see [_APAR/PTF Tables by version for IBM WebSphere Application Server for z/OS_](<http://www.ibm.com/support/docview.wss?uid=swg27006970>). \n \n\n\n**REFERENCES:**_ \n_[](<https://www-304.ibm.com/support/docview.wss?uid=swg21496117&wv=1>)[_\u00b7 ___Complete CVSS Guide__](<https://www.first.org/cvss/v2/guide>)_ _[](<http://www.first.org/cvss/cvss-guide.html>)_ __ \n_[_\u00b7 ___On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _[](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _ \n[](<https://www-304.ibm.com/support/docview.wss?uid=swg21496117&wv=1>)[_\u00b7 ___CVE-2013-0169__](<https://vulners.com/cve/CVE-2013-0169>)[](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-xxxx>)[](<http://www.first.org/cvss/cvss-guide.html>)_ _[_xforce.iss.net/xforce/xfdb/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)_ __ \n_\n\n \n \n \n\n\n**CHANGE HISTORY:** \n\u00b7 _30 May 2013: Original copy published_\n\n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n**_ \nNote: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSEQTP\",\"label\":\"WebSphere Application Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Security\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"8.5;8.0;7.0;6.1\",\"Edition\":\"Base;Developer;Express;Network Deployment\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Product\":{\"code\":\"SSEQTJ\",\"label\":\"IBM HTTP Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Base Server\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"8.5;8.0;7.0;6.1\",\"Edition\":\"All Editions\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169 PM85211", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "3F34D8EA25B1CFED1F77BE0A29D70083D293CF0532267E430A4F453410CE1576", "href": "https://www.ibm.com/support/pages/node/491407", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:26:02", "description": "## Abstract\n\nCVE-2013-0169 - The Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \n \n**CVE-2013-0169** \nA weakness in the handling of cipher-block chaining (CBC) ciphersuites in Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) could lead to plaintext recovery of sensitive information by exploiting timing differences arising during message authentication codes (MAC) processing. The CVSS score is based on IBM X-Force rankings, which sets the access complexity for this vulnerability as Medium. \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. An exploit may have a limited impact on the confidentiality of information but neither the integrity of data nor the availability of the system would be compromised.** \n \n** \n**CVEID:** \nCVE-2013-0169 \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nIBM Tivoli Key Lifecycle Manager v1, v2 and v2.0.1 \n \n \n**REMEDIATION: ** \nApply the latest Interim Fix for the Websphere Application Server (WAS) v6.1 used with Tivoli Key Lifecycle Manager: \n[_PM87524: SHIP SDK 5 SR16 FP2 FOR WSAS V6.1.0.X_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034996>) \n \nMore information on this Interim Fix can be found in the following security bulletin: \n \n[_Security Bulletin: WebSphere Application Server - Oracle CPU April 2013_](<http://www-01.ibm.com/support/docview.wss?uid=swg21635983&myns=swgws&mynp=OCSSEQTP&mync=E>) \n \n \n \n**_Workaround(s):_** \nNone \n \n**_Mitigation(s):_** \nNone \n \n**REFERENCES: ** \n[\u00b7 __Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>) \n[\u00b7 __On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _ \n[\u00b7 __CVE-2013-0169__](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n[\u00b7 _https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[\u00b7 _PM87524: SHIP SDK 5 SR16 FP2 FOR WSAS V6.1.0.X_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034996>) \n[\u00b7 _Security Bulletin: WebSphere Application Server - Oracle CPU April 2013_](<http://www-01.ibm.com/support/docview.wss?uid=swg21635983&myns=swgws&mynp=OCSSEQTP&mync=E>) \n \n \n \n**RELATED INFORMATION: ** \n[\u00b7 _IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[\u00b7 _IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**ACKNOWLEDGEMENT** \nNone \n \n \n \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSWPVP\",\"label\":\"IBM Security Key Lifecycle Manager\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"1.0;2.0;2.0.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {}, "published": "2022-09-25T23:13:40", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Key Lifecycle Manager can be affected by a vulnerability in the IBM Java Runtime Environment (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T23:13:40", "id": "511A2CEA23CFB8B15C62F78EE3A158E3C8F986D7D0E152D292B641365BBD08F1", "href": "https://www.ibm.com/support/pages/node/496033", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:35", "description": "## Abstract\n\nIBM DB2 Recovery Expert for Linux, UNIX and Windows uses the IBM Java Runtime Environment (JRE) and is affected by a vulnerability issue in the IBM JRE.\n\n## Content\n\n**VULNERABILITY DETAILS:** \n \n**CVE ID: **CVE-2013-0169 \n \n**DESCRIPTION: ** \nThe TLS protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \n** CVSS:**\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [**_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_**](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n--- \n \n**AFFECTED PRODUCTS: ** \n \nIBM DB2 Recovery Expert for Linux, UNIX, and Windows version 3.1.0.0 through 4.1.0.0 \n \n**REMEDIATION:** \n \n**VENDOR FIX: ** \n \nDB2 Recovery Expert V4.1.0 \n \nInstall Interim Fix 1 (4.1.0.0_IF1) \n \nDB2 Recovery Expert V3.1.0 \n \nYou must replace the IBM JRE that is installed with IBM DB2 Recovery Expert with the latest IBM JRE. Detailed instructions are provided in the technote \u201cUpdating the JRE for DB2 Recovery Expert for Linux, UNIX and Windows. See <http://www-01.ibm.com/support/docview.wss?uid=swg21644942> \n \nFor further assistance contact IBM Technical Support. \n \n**WORKAROUND: ** \nNone \n \n**MITIGATION:** \nNone \n \n**REFERENCES:** \n[_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_X-Force Vulnerability Database_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n \n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY: ** \n**_07/25/2013: Original version published_** \n \n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash._ \n_ _ \n_Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SS8QJD\",\"label\":\"DB2 Recovery Expert for Linux, UNIX and Windows\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"4.1.0;3.1.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: DB2 Recovery Expert for Linux, UNIX and Windows affected by vulnerability in IBM Java JRE (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "61C29B2018A4B8DC7247FEB87D67D749F5AB58D20D16FB7F0426B1B9762B49FF", "href": "https://www.ibm.com/support/pages/node/228889", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:35:22", "description": "## Summary\n\nIBM Rational ClearCase includes an IBM Java SDK that is based on the Oracle JDK. Oracle has released April 2013 critical patch updates (CPU) which contain security vulnerability fixes and the IBM Java SDK has been updated to incorporate those updates.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description:** The TLS protocol does not properly consider timing side-channel attacks, which could allow remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector: **(AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational ClearCase, Remote Client, 7.1 through 7.1.2.11, 8.0 through 8.0.0.7, and 8.0.1 \n \n**Note:** The vulnerability only affects ClearCase Remote Client. \n\n * If your deployment does not use ClearCase Remote Client, it is _not vulnerable_. \n * If your deployment does not use SSL (https) between ClearCase Remote Client and CM Server or CCRC WAN Server, it is _not vulnerable_.\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational ClearCase: \n\n\n * [Rational ClearCase Fix Pack 1 (8.0.1.1) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035657>)\n * [Rational ClearCase Fix Pack 8 (8.0.0.8) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035655>)\n * [Rational ClearCase Fix Pack 12 (7.1.2.12) for 7.1.2](<http://www.ibm.com/support/docview.wss?uid=swg24035653>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational ClearCase (Java component) with potential for TLS Attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-07-10T08:34:12", "id": "9767587F564D9C9625F74EB5AC595ABB7605EE6BA3253E7CAEBC767879A17130", "href": "https://www.ibm.com/support/pages/node/232887", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-20T21:35:20", "description": "## Summary\n\nThe IBM GSKit component used in Rational ClearCase is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>) \n \n**Description: **The IBM GSKit component used in Rational ClearCase is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as \"Lucky Thirteen.\" The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets. \n \nThe IBM GSKit is used if ClearCase on Windows platforms is configured to integrate with IBM Rational ClearQuest with communication over SSL (https). This applies to Base CC/CQ integrations using Change Management Interface (CMI) and to UCM-enabled CQ integration via OSLC. If your ClearCase deployment is not using these integrations with ClearQuest, or not using SSL with the integrations, then your deployment is not sensitive to this attack. The UCM-enabled CQ integration without using OSLC (SQUID) is not sensitive to this attack. \n \nIf your deployment does not use ClearCase on Windows, it is not sensitive to this attack. \n \n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/81902> for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational ClearCase 7.1 through 7.1.2.11, 8.0 through 8.0.0.7, and 8.0.1\n\n## Remediation/Fixes\n\nUpgrade to one of the below versions of IBM Rational ClearCase \n\n * [Rational ClearCase Fix Pack 1 (8.0.1.1) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24035657>)\n * [Rational ClearCase Fix Pack 8 (8.0.0.8) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24035655>)\n * 7.1.2.12: Upgrade to 8.0.0.8 or 8.0.1.1 [](<http://www.ibm.com/support/docview.wss?&uid=swg24035652>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Rational ClearCase (GSKit component) with potential for TLS Attack (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2018-07-10T08:34:12", "id": "0CA57BDC2A5B29D7A05B000C9F4660CECD108471C93FE144B5B5B7B541E5DB80", "href": "https://www.ibm.com/support/pages/node/232881", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:37", "description": "## Abstract\n\nPotential security vulnerabilities exist in the IBM Java SDK that is shipped with the IBM FileNet Business Process Manager.\n\n## Content\n\nThe products that are listed below can be affected by security vulnerabilities as reported by Oracle April 2013 Critical Patch updates: \n \n\u00b7 IBM FileNet Business Process Manager 4.5.1, 5.0.0/5.1.0 \n \n**Vulnerability details: ** \n \nThe following security vulnerabilities exist in the IBM Java SDK shipped with IBM Business Process Manager 4.5.1, 5.0.0/5.1.0 \n \n**CVSS:** \nCVEID: CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**Affected products and versions: ** \nProduct: IBM Business Process Manager 4.5.1, 5.0.0/5.1.0 \u2013 including all fix packs \n \n**Remediation: ** \n \n_Apply the following fixes:_\n\n**_Fix*_**| **_Component-VRMF_**| **_How to acquire fix_** \n---|---|--- \n_4.5.1 interim fix_| _4.5.1.4-P8PE_ \n_4.5.1.2-P8PS_ \n_4.5.1.3-P8PA_| [_4.5.1.4-P8PE-IF002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Engine&release=4.5.1.4&platform=All&function=all>) \n[_4.5.1.2-P8PS-IF002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Simulator&release=4.5.1.2&platform=All&function=all>) \n[_4.5.1.3-P8PA-IF002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Analyzer&release=4.5.1.3&platform=All&function=all>) \n_5.0.0/5.1.0 GA fix pack_| _5.0.0.5-P8PE_ \n_5.0.0.2-P8PS_ \n_5.0.0.4-P8CA_| [_5.0.0.5-P8PE-FP005_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Engine&release=5.0.0.0&platform=All&function=all>) \n[_5.0.0.2-P8PS-FP002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/FileNet+Process+Simulator&release=5.0.0.0&platform=All&function=all>) \n[_5.0.0.4-P8CA-FP004_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet+Product+Family&product=ibm/Information+Management/Case+Analyzer&release=5.0.0.3&platform=All&function=all>) \n \nNote: BPM 5.0 and BPM 5.1 are patched by the same 5.0.0.x patch streams. \n \n**_Workaround(s):_** \n**None** \n \n**_Mitigation(s):_** \n**None** \n \n**References: ** \n[__Complete CVSS Guide__](<http://www.first.org/cvss/v2/guide>)_ _ \n[__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n \n \n**Related information: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n\n\n_*The CVSS Environment Score is customer environment-specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSNW2F\",\"label\":\"FileNet P8 Platform\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Process Engine\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"}],\"Version\":\"5.1;5.0;4.5.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: IBM FileNet Business Process Manager \u2013 Oracle Critical Patch Updates April 2013 (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "C43295EDCDB671C41F9E96483F5E89378A947A89F40869B467F309DBF973E6B7", "href": "https://www.ibm.com/support/pages/node/231021", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:26:30", "description": "## Abstract\n\nThe IBM JRE that is embedded in the InfoSphere Data Replication Dashboard has a security vulnerability that affects SSL connections to the dashboard web server.\n\n## Content\n\n**VULNERABILITY**** DETAILS:** \n \n**CVE ID: CVE-2013-0169** \n \n**DESCRIPTION: **The TLS protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks by using statistical analysis of timing data for crafted packets, also known as the \"Lucky Thirteen\" issue. \n \n**CVSS:** \nCVSS Base Score: 4.3 \n_CVSS Temporal Score: See _[__https://exchange.xforce.ibmcloud.com/vulnerabilities/81902__](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)_ for the current score CVSS Environmental Score*: Undefined_ \n_CVSS Vector: ___(AV:N/AC:H/Au:N/C:P/I:N/A:N)__ \n \n**AFFECTED PRODUCTS:** \nVersions 10.2, 10.1 and 9.7 of InfoSphere Data Replication Dashboard are affected. \n \n**REMEDIATION:** \nThe recommended solution is to upgrade the product to the latest version. \n \n**FIX:** \nThe vulnerability fixes require upgrading the product to version 10.2.1.0-b343 or higher. Download the latest version of InfoSphere Data Replication Dashboard from [_http://www-01.ibm.com/support/docview.wss?uid=swg24023065_](<http://www-01.ibm.com/support/docview.wss?uid=swg24023065>) \n \n**WORKAROUND:** \nNone known. \n \n**MITIGATION:** \nNone known. \n \n**REFERENCES:** \n[_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_X-Force Vulnerability Database_](<http://xforce.iss.net/>) \n[_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal_](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>)** ** \n \n**CHANGE HISTORY**: \n25-Oct-2013: Original version published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSDP5R\",\"label\":\"InfoSphere Replication Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Monitoring\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1;10.2;9.7\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T22:39:39", "type": "ibm", "title": "Security Bulletin: InfoSphere Data Replication Dashboard is affected by a vulnerability in the IBM JRE (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T22:39:39", "id": "C4FDDC1384D8FD0DDE8B004DBBC87A757834460AE92B55B9C87335F27F45968F", "href": "https://www.ibm.com/support/pages/node/500021", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:29", "description": "## Abstract\n\nIBM InfoSphere Optim Performance Manager uses the IBM Java Runtime Environment (JRE) and is affected by a vulnerability in the IBM JRE.\n\n## Content\n\n \n**VULNERABILITY DETAILS:** \n \n**CVE ID: **CVE-2013-0169 \n \n**DESCRIPTION: ** \nThe TLS protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \n**CVSS:** \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS: ** \n \nIBM Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 4.1 through 4.1.1 \n \nIBM InfoSphere Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 5.1 through 5.3 \n \n**REMEDIATION:** \n \n**FIX(ES): ** \n \nYou must replace the IBM JRE that is installed with IBM InfoSphere Optim Performance Manager for DB2 on Linux, UNIX, and Windows with the latest IBM JRE. Detailed instructions are provided in the technote _\u201c_[__Updating the IBM JRE for InfoSphere Optim Performance Manager__](<http://www.ibm.com/support/docview.wss?uid=swg21640535>)_\u201d_. \n \n \n**WORKAROUND(S): ** \nNone known. \n \n**MITIGATION(S):** \nNone known. \n \n**REFERENCES:** \n[_Complete CVSS Guide_](<http://www.first.org/cvss/v2/guide>) \n[_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>) \n[_X-Force Vulnerability Database_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \n[_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) \n \n \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY: ** \n07-30-2013: Original version published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSBH2R\",\"label\":\"InfoSphere Optim Performance Manager for Db2 for Linux, UNIX, and Windows\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"5.3;5.2;5.1.1.1;5.1.1;5.1;4.1.1;4.1.0.1;4.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SSBH2R\",\"label\":\"InfoSphere Optim Performance Manager for Db2 for Linux, UNIX, and Windows\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":null,\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"4.1.0.1;4.1.1\",\"Edition\":\"Enterprise;Workgroup;Content Manager;Extended\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: InfoSphere Optim Performance Manager affected by vulnerability in IBM JAVA JRE (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "540B5BFC7425C0A1AEC2AE0E39CAFAA87610B3C5A51646F532BF2994455918B4", "href": "https://www.ibm.com/support/pages/node/229181", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-24T05:56:45", "description": "## Abstract\n\nDownload an update to the TS3310 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL.\n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \nA security vulnerability was found in OpenSSL version 1.0.1c (along with other earlier versions). For a complete list of OpenSSL Vulnerabilities by version, please refer to: [_http://www.openssl.org/news/vulnerabilities.html_](<http://www.openssl.org/news/vulnerabilities.html>) \n \nThe IBM TS3310 tape library firmware has been updated to contain a newer version of OpenSSL. \n \n \n**CVEID: **CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nAll TS3310 tape libraries with firmware versions lower than 636G. \n \n \n**REMEDIATION: ** \nThe recommended solution involves applying the fix, which is contained in firmware version 636G and above. The fix remediates the vulnerability by updating OpenSSL to version 1.0.1d. \n \n \n**Fix:** \nApply firmware version 636G or later, available from IBM Fix Central [_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>) \n \n \n**Workaround(s):** \nNone \n \n**Mitigation(s):** \nConnect the library directly to a workstation or private network that is trusted (i.e., access to the workstation or network is controlled or limited to persons that would all have administrator privileges or persons that can be trusted not to attempt to hack into the library). \n \n**REFERENCES**\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/v2/guide>)\n * [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _\n * [__CVE-2013-0169____ __](<https://vulners.com/cve/CVE-2013-0169>)\n * _X-Force Vulnerability Database_ [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>)\n * \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**ACKNOWLEDGEMENT** \nNone \n \n**CHANGE HISTORY** \n17 May 2013: Original Copy Published \n10 June 2013: Updated CVSS Base Score and CVSS Vector \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY_\n\n[{\"Product\":{\"code\":\"STCXRHW\",\"label\":\"TS3310 Tape Library (3576)\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"\",\"label\":\"N\\/A\"}],\"Version\":\"Not Applicable\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB26\",\"label\":\"Storage\"}}]", "cvss3": {}, "published": "2022-09-26T04:23:14", "type": "ibm", "title": "Security Bulletin: IBM TS3310 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-26T04:23:14", "id": "618A72A7D08892ADCD819AD422F802E0F22DD66F0926AF2D81288E8865A68EFC", "href": "https://www.ibm.com/support/pages/node/689167", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-29T18:27:10", "description": "## Abstract\n\nThe IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. The April 2013 Oracle Critical Patch Updates (CPU) contained various security vulnerability fixes for the Oracle JDKs. The IBM Java SDK that WebSphere Partner Gateway ships is similarly affected.\n\n## Content\n\n**VULNERABILITY DETAILS** \n \nCVE-2013-0169 - The TLS protocol does not properly consider timing side-channel attacks, which could allow remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue. \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>) \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n**DESCRIPTION:** \nThis Security Bulletin addresses the security vulnerabilities that have shipped with the IBM SDK and is part of the Oracle April 2013 critical patch updates (CPU). For details on these updates please refer to the Reference section of this bulletin. \n \n**Versions Affected.** \n \nWebSphere Partner Gateway Advanced/Enterprise Edition Versions 6.2 through 6.2.1.2 \n \n \n**REMEDIATION: ** \n \nUpgrade your JAVA SDK and Integrated FTP/SFTP JRE to an interim fix level as determined below. \n \n\n\n**_Fix_**| **_VRMF_**| **_APAR_**| **_How to acquire fix_** \n---|---|---|--- \n_WAS 7.0 IFIX_| _7.0.0.0 through 7.0.0.27 _| PM87521| [_PM87521_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034997>) \n_WAS 6.1 IFIX_| _6.1.0.0 through 6.1.0.45_| PM87524| [_PM87524_](<http://www-01.ibm.com/support/docview.wss?uid=swg24034996>) \n_WPG IFIX_| _6.2.1.2_| JR47328| [JR47328](<http://www.ibm.com/eserver/support/fixes/fixcentral/swg/quickorder?fixes=6.2.1.2-WS-WPG-IFJR47328&productid=WebSphere%20Partner%20Gateway%20Advanced%20Edition&brandid=5>) \n \n \n \n**REFERENCES: **\n* [_IBM Security Alerts_](<http://www.ibm.com/developerworks/java/jdk/alerts>)\n* [_Oracle Java SE Critical Patch Update Advisory - April 2013_](<http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html>)\n* [_Java on IBM i_](<https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en>)\n* [_Complete CVSS Guide _](<http://www.first.org/cvss/v2/guide>)\n* [_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n* [_CVE-2013-0169_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>) [_xforce.iss.net/xforce/xfdb/81902_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/81902>)\n* [_WebSphere Application Server Recommended Fixes Page _](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n \n**RELATED INFORMATION: ** \nNone \n \n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"SSDKKW\",\"label\":\"WebSphere Partner Gateway Advanced Edition\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"6.2.1.2\",\"Edition\":\"Advanced;Enterprise\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {}, "published": "2022-09-25T21:06:56", "type": "ibm", "title": "Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Advanced/Enterprise for the Oracle CPU April 2013.", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2022-09-25T21:06:56", "id": "ADCCD07ABE84A7FC8550F577A3823CD6D29F46A50A4065FB573165CDF08E84E1", "href": "https://www.ibm.com/support/pages/node/230323", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-09-27T23:05:17", "description": "## Abstract\n\nDownload an update to the TS2900 Tape Library, which contains a newer version of OpenSSL that fixes certain security vulnerabilities that were present in older versions of OpenSSL.\n\n## Content\n\n**VULNERABILITY DETAILS: ** \n \n**DESCRIPTION: ** \nA security vulnerability was found in OpenSSL version 1.0.1c (along with other earlier versions). For a complete list of OpenSSL Vulnerabilities by version, please refer to: [_http://www.openssl.org/news/vulnerabilities.html_](<http://www.openssl.org/news/vulnerabilities.html>) \n \nThe IBM TS2900 tape library firmware has been updated to contain a newer version of OpenSSL. \n \n \n**CVEID: **CVE-2013-0169 \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n \n**AFFECTED PRODUCTS AND VERSIONS: ** \nAll TS2900 tape libraries with firmware versions lower than 0026. \n \n \n**REMEDIATION: ** \nThe recommended solution involves applying the fix, which is contained in firmware version 0026 and above. The fix remediates the vulnerability by updating OpenSSL to version 1.0.1d. \n \n**Fix:** \nApply firmware version 0026 or later, available from IBM Fix Central [_http://www-933.ibm.com/support/fixcentral/_](<http://www-933.ibm.com/support/fixcentral/>) \n \n**Workaround(s):** \nNone \n \n**Mitigation(s):** \nConnect the library directly to a workstation or private network that is trusted (i.e., access to the workstation or network is controlled or limited to persons that would all have administrator privileges or persons that can be trusted not to attempt to hack into the library). \n \n \n**REFERENCES**\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/v2/guide>)\n * [__On-line Calculator V2__](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)_ _\n * [__CVE-2013-0169____ __](<https://vulners.com/cve/CVE-2013-0169>)\n * _X-Force Vulnerability Database_ [_http://xforce.iss.net/xforce/xfdb/81902_](<http://xforce.iss.net/xforce/xfdb/81902>)\n * \n**RELATED INFORMATION: ** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n \n**ACKNOWLEDGEMENT** \nNone \n \n**CHANGE HISTORY** \n07 June 2013: Original Copy Published \n\n\n_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _\n\n \n**_Note: _**_According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY._\n\n[{\"Product\":{\"code\":\"STCAPQJ\",\"label\":\"TS2900 Tape Autoloader\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Component\":\"Not Applicable\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"Not Applicable\",\"Edition\":\"N\\/A\",\"Line of Business\":{\"code\":\"LOB26\",\"label\":\"Storage\"}}]", "cvss3": {}, "published": "2023-03-26T01:04:50", "type": "ibm", "title": "Security Bulletin: IBM TS2900 Tape Library update for security vulnerabilities in OpenSSL (CVE-2013-0169)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169"], "modified": "2023-03-26T01:04:50", "id": "43B76C333A7576029A83B6169787B1ACB6CA6F7F5FB81FE4498044B211FB42E4", "href": "https://www.ibm.com/support/pages/node/689189", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:38:15", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah Attack\" for SSL/TLS affects IBM Sterling Connect:Direct for Microsoft Windows.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Sterling Connect:Direct for Microsoft Windows 4.7.0 and earlier.\n\n## Remediation/Fixes\n\nIBM Sterling Connect:Direct for Microsoft Windows by default disables the RC4 stream cipher. If you enabled the RC4 stream cipher you are exposed to the RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\nTo disable RC4 stream ciphers, open the CD Secure+ Admin Tool and go through the list of node entries. For each entry, go to its TLS/SSL Protocol > TLS/SSL Options tab and remove any RC4 stream cipher from the list shown in the Enabled box. \n\nYou should verify applying this configuration change does not cause any compatibility issues.\n\n \n \nNote that the remaining available ciphers are generally CBC ciphers. CBC ciphers are vulnerable to [CVE-2011-3389](<https://vulners.com/cve/CVE-2011-3389>) (BEAST Attack). While the previous recommendation to mitigate CVE-2011-3389 was to not use CBC ciphers, there is now a fix available to mitigate CVE-2011-3389. Therefore IBM recommends to apply the following fix in addition to disabling RC4 stream ciphers: \n \n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nIBM Sterling Connect:Direct for Microsoft Windows| 4.5.00| [IT08243](<http://www.ibm.com/support/docview.wss?uid=swg1IT08243>)| Apply 4.5.00 patch 056, available on [IWM](<https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=swg-SterlngLegacyreq>) \nIBM Sterling Connect:Direct for Microsoft Windows| 4.5.01| [IT08243](<http://www.ibm.com/support/docview.wss?uid=swg1IT08243>)| Apply 4.5.01 patch 022, available on [IWM](<https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=swg-SterlngLegacyreq>) \nIBM Sterling Connect:Direct for Microsoft Windows| 4.6.0| [IT08243](<http://www.ibm.com/support/docview.wss?uid=swg1IT08243>)| Apply 4.6.0.5_iFix010, available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/Sterling+Connect%3ADirect+for+Microsoft+Windows&release=4.6.0.5&platform=All&function=all>) \nIBM Sterling Connect:Direct for Microsoft Windows| 4.7.0| [IT08243](<http://www.ibm.com/support/docview.wss?uid=swg1IT08243>)| Apply 4.7.0.3_iFix005, available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/Sterling+Connect%3ADirect+for+Microsoft+Windows&release=4.7.0.3&platform=All&function=all>) \n \nFor older unsupported versions IBM recommends upgrading to a fixed, supported version of the product. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-07-24T22:19:08", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Sterling Connect:Direct for Microsoft Windows (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389", "CVE-2015-2808"], "modified": "2020-07-24T22:19:08", "id": "4658C62A77F48A34C93A36AA5082184E598712E676A47847A2174B2175EB4DBB", "href": "https://www.ibm.com/support/pages/node/261419", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:38:25", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Sterling Connect:Direct for UNIX.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Sterling Connect:Direct for Unix 4.2.0 \nIBM Sterling Connect:Direct for Unix 4.1.0 \nIBM Sterling Connect:Direct for Unix 4.0.0\n\n## Remediation/Fixes\n\nIBM Sterling Connect:Direct for UNIX by default disables the RC4 stream cipher. If you enabled the RC4 stream cipher you are exposed to the RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\nTo disable RC4 stream ciphers, open the CD Secure+ Admin Tool and go through the list of node entries. For each entry, go to its TLS/SSL Protocol > TLS/SSL Options tab and remove any RC4 stream cipher from the list shown in the Enabled box. \n\nYou should verify applying this configuration change does not cause any compatibility issues.\n\n \n \nNote that the remaining available ciphers are generally CBC ciphers. CBC ciphers are vulnerable to [CVE-2011-3389](<https://vulners.com/cve/CVE-2011-3389>) (BEAST Attack). While the previous recommendation to mitigate CVE-2011-3389 was to not use CBC ciphers, there is now a fix available to mitigate CVE-2011-3389. Therefore IBM recommends to apply the following fix in addition to disabling RC4 stream ciphers: \n \nV.R.M.F| APAR| Remediation/First Fix \n---|---|--- \n4.2.0| IT08276| Apply 4.2.0.2 iFix 020, available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=4.2.0.2&platform=All&function=fixId&fixids=4.2.0.2*iFix020*&includeSupersedes=0>) \n4.1.0| IT08276| Apply 4.1.0.4 iFix 048, available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=4.1.0.4&platform=All&function=fixId&fixids=4.1.0.4*iFix048*&includeSupersedes=0>) \n4.0.0| IT08276| Apply 4.0.00 Fix 137, available on [_IWM_](<https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=swg-SterlngLegacyreq>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-07-24T22:19:08", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Sterling Connect:Direct for UNIX (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389", "CVE-2015-2808"], "modified": "2020-07-24T22:19:08", "id": "B5BA7A019881D4357D8DF943ED0F2EBF5D00B203B4AF8DE699E3A190780BD598", "href": "https://www.ibm.com/support/pages/node/263151", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:53:00", "description": "## Summary\n\nIBM Systems Director contains a version of IBM Java SDK that contained vulnerabilities CVE-2013-0169, CVE-2013-4002.\n\n## Vulnerability Details\n\n## Abstract\n\nIBM Systems Director contains a version of IBM Java SDK that contained vulnerabilities CVE-2013-0169, CVE-2013-4002.\n\n## Content\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2013-0169](<https://vulners.com/cve/CVE-2013-0169>)\n\n**Description:** Allows Remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/81902> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVE-ID:** [CVE-2013-4002](<https://vulners.com/cve/CVE-2013-4002>)\n\n**Description:** The XML Parser that is shipped with the IBM Java SDK is vulnerable to a denial of service attack.\n\nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/85260> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected products and versions\n\nFrom the IBM System Director command line enter **smcli lsver** to determine the level of IBM System Director installed.\n\nIBM Systems Director: 5.2.x, 6.1.x.x, 6.2.x.x, 6.3.x.x\n\n## Remediation:\n\nUpgrade to IBM systems Director 6.3.5, or open a PMR with support to request an APAR. Emergency fix may be provided where technically feasible.\n\nTo upgrade, visit [ Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Director&product=ibm/Director/SystemsDirector&release=6.3&platform=All&function=all>) and select SysDir6_3_5_<Platform> update package for IBM Systems Director.\n\n## Workaround(s) & Mitigation(s):\n\nNone\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>)\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n13 November 2014: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.\n\nNote: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:30:01", "type": "ibm", "title": "Security Bulletin: IBM Systems Director (ISD) is affected by vulnerabilities in the IBM Java SDK (CVE-2013-0169, CVE-2013-4002)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-4002"], "modified": "2019-01-31T01:30:01", "id": "635552E99951D8D5AEBD584BBE0C8D1EBBAE770AEE83BA96CDC88B692C2A1891", "href": "https://www.ibm.com/support/pages/node/865554", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2018-01-03T10:58:33", "description": "Check for the Version of nss-softokn", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863692", "href": "http://plugins.openvas.org/nasl.php?oid=863692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-softokn on Fedora 15\";\ntag_insight = \"Network Security Services Softoken Cryptographic Module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072230.html\");\n script_id(863692);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:36 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-softokn\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~15.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864070", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864070", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071322.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864070\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:55 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"firefox on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-06T13:06:49", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:864070", "href": "http://plugins.openvas.org/nasl.php?oid=864070", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 16\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071322.html\");\n script_id(864070);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:55 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:07:35", "description": "Check for the Version of thunderbird-lightning", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864037", "href": "http://plugins.openvas.org/nasl.php?oid=864037", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird-lightning on Fedora 16\";\ntag_insight = \"Lightning brings the Sunbird calendar to the popular email client,\n Mozilla Thunderbird. Since it's an extension, Lightning is tightly\n integrated with Thunderbird, allowing it to easily perform email-related\n calendaring tasks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\");\n script_id(864037);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:04:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird-lightning\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:58:28", "description": "Check for the Version of nss-util", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:863691", "href": "http://plugins.openvas.org/nasl.php?oid=863691", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-util on Fedora 15\";\ntag_insight = \"Utilities for Network Security Services and the Softoken module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\");\n script_id(863691);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:34 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-util\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-08T12:56:31", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:863696", "href": "http://plugins.openvas.org/nasl.php?oid=863696", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 15\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072224.html\");\n script_id(863696);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:48 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:57:30", "description": "Check for the Version of thunderbird-lightning", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:863699", "href": "http://plugins.openvas.org/nasl.php?oid=863699", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird-lightning on Fedora 15\";\ntag_insight = \"Lightning brings the Sunbird calendar to the popular email client,\n Mozilla Thunderbird. Since it's an extension, Lightning is tightly\n integrated with Thunderbird, allowing it to easily perform email-related\n calendaring tasks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072223.html\");\n script_id(863699);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:55 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird-lightning\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072227.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863694\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:44 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xulrunner'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"xulrunner on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-03T10:56:34", "description": "Check for the Version of gnome-python2-extras", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863695", "href": "http://plugins.openvas.org/nasl.php?oid=863695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 15\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072231.html\");\n script_id(863695);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:46 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for gnome-python2-extras FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.25.3~35.fc15.4\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863804", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863804", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863804\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:18:59 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for nss FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"nss on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-06T13:07:14", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:863693", "href": "http://plugins.openvas.org/nasl.php?oid=863693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 15\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072225.html\");\n script_id(863693);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:39 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: fetchmail", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071832", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071832", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_fetchmail16.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 18ce9a90-f269-11e1-be53-080027ef73ec\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71832\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:34:17 -0400 (Thu, 30 Aug 2012)\");\n script_name(\"FreeBSD Ports: fetchmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: fetchmail\n\nCVE-2011-3389\nThe SSL protocol, as used in certain configurations in Microsoft\nWindows and Microsoft Internet Explorer, Mozilla Firefox, Google\nChrome, Opera, and other products, encrypts data by using CBC mode\nwith chained initialization vectors, which allows man-in-the-middle\nattackers to obtain plaintext HTTP headers via a blockwise\nchosen-boundary attack (BCBA) on an HTTPS session, in conjunction with\nJavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java\nURLConnection API, or (3) the Silverlight WebClient API, aka a 'BEAST'\nattack.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"fetchmail\");\nif(!isnull(bver) && revcomp(a:bver, b:\"6.3.9\")>=0 && revcomp(a:bver, b:\"6.3.22\")<0) {\n txt += \"Package fetchmail version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864037", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864037", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864037\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:04:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird-lightning'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"thunderbird-lightning on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-08T14:03:20", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS12-006.", "cvss3": {}, "published": "2012-01-11T00:00:00", "type": "openvas", "title": "Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310902900", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902900", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902900\");\n script_version(\"2020-01-07T09:06:32+0000\");\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 09:06:32 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-01-11 09:47:46 +0530 (Wed, 11 Jan 2012)\");\n script_name(\"Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2585542\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/registry_enumerated\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this issue may allow attackers to perform limited\n man-in-the-middle attacks to inject data into the beginning of the application protocol stream to execute HTTP\n transactions, bypass authentication.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 7 Service Pack 1 and prior\n\n - Microsoft Windows XP Service Pack 3 and prior\n\n - Microsoft Windows 2K3 Service Pack 2 and prior\n\n - Microsoft Windows Vista Service Pack 1/2 and prior\n\n - Microsoft Windows Server 2008 Service Pack 1/2 and prior\");\n\n script_tag(name:\"insight\", value:\"A flaw exists is due to an error in Microsoft Windows SChannel (Secure Channel),\n when modifying the way that the Windows Secure Channel (SChannel) component sends and receives encrypted network packets.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS12-006.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win7:2, win2008:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath){\n exit(0);\n}\n\nif(hotfix_check_sp(win2003:3) > 0)\n{\n if(hotfix_missing(name:\"2585542\") == 1)\n {\n sysVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Schannel.dll\");\n if(sysVer)\n {\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n if(version_is_less(version:sysVer, test_version:\"5.2.3790.4935\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n }\n else if(hotfix_missing(name:\"2638806\") == 1)\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nif(hotfix_missing(name:\"2585542\") == 0){\n exit(0);\n}\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Schannel.dll\");\nif(!sysVer){\n exit(0);\n}\n\nif(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 3\" >< SP)\n {\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.6175\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n SP = get_kb_item(\"SMB/WinVista/ServicePack\");\n if(!SP){\n SP = get_kb_item(\"SMB/Win2008/ServicePack\");\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n if(version_in_range(version:sysVer, test_version:\"6.0.6002.18000\", test_version2:\"6.0.6002.18540\")||\n version_in_range(version:sysVer, test_version:\"6.0.6002.22000\", test_version2:\"6.0.6002.22741\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"6.1.7600.16915\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7600.21000\", test_version2:\"6.1.7600.21091\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.17000\", test_version2:\"6.1.7601.17724\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.21000\", test_version2:\"6.1.7601.21860\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-06T13:07:05", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS12-006.", "cvss3": {}, "published": "2012-01-11T00:00:00", "type": "openvas", "title": "Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:902900", "href": "http://plugins.openvas.org/nasl.php?oid=902900", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms12-006.nasl 8276 2018-01-03 12:29:18Z asteins $\n#\n# Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation of this issue may allow attackers to perform limited\n man-in-the-middle attacks to inject data into the beginning of the\n application protocol stream to execute HTTP transactions, bypass\n authentication.\n Impact Level: Windows\";\ntag_affected = \"Microsoft Windows 7 Service Pack 1 and prior.\n Microsoft Windows XP Service Pack 3 and prior.\n Microsoft Windows 2K3 Service Pack 2 and prior.\n Microsoft Windows Vista Service Pack 1/2 and prior.\n Microsoft Windows Server 2008 Service Pack 1/2 and prior.\";\ntag_insight = \"A flaw exists is due to an error in Microsoft Windows SChannel (Secure Channel),\n when modifying the way that the Windows Secure Channel (SChannel) component\n sends and receives encrypted network packets.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms12-006\";\ntag_summary = \"This host is missing an important security update according to\n Microsoft Bulletin MS12-006.\";\n\nif(description)\n{\n script_id(902900);\n script_version(\"$Revision: 8276 $\");\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 13:29:18 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-11 09:47:46 +0530 (Wed, 11 Jan 2012)\");\n script_name(\"Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2585542\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms12-006\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win7:2, win2008:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath){\n exit(0);\n}\n\n## Windows 2003\nif(hotfix_check_sp(win2003:3) > 0)\n{\n ## Check for Hotfix 2638806 (MS12-006)\n if(hotfix_missing(name:\"2585542\") == 1)\n {\n sysVer = fetch_file_version(sysPath, file_name:\"system32\\Schannel.dll\");\n if(sysVer)\n {\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n ## Check for Schannel.dll version < 5.2.3790.4935\n if(version_is_less(version:sysVer, test_version:\"5.2.3790.4935\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n }\n }\n else if(hotfix_missing(name:\"2638806\") == 1)\n {\n security_message(0);\n }\n exit(0);\n}\n\n## Check for Hotfix 2585542 (MS12-006)\nif(hotfix_missing(name:\"2585542\") == 0){\n exit(0);\n}\n\n## Get Version from file Schannel.dll\nsysVer = fetch_file_version(sysPath, file_name:\"system32\\Schannel.dll\");\nif(!sysVer){\n exit(0);\n}\n\n## Windows XP\nif(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 3\" >< SP)\n {\n ## Check for Schannel.dll version < 5.1.2600.6175\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.6175\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n## Windows Vista and Windows Server 2008\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n SP = get_kb_item(\"SMB/WinVista/ServicePack\");\n if(!SP){\n SP = get_kb_item(\"SMB/Win2008/ServicePack\");\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n ## Check for Schannel.dll version\n if(version_in_range(version:sysVer, test_version:\"6.0.6002.18000\", test_version2:\"6.0.6002.18540\")||\n version_in_range(version:sysVer, test_version:\"6.0.6002.22000\", test_version2:\"6.0.6002.22741\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n## Windows 7\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n ## Grep for Schannel.dll version\n if(version_is_less(version:sysVer, test_version:\"6.1.7600.16915\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7600.21000\", test_version2:\"6.1.7600.21091\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.17000\", test_version2:\"6.1.7601.17724\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.21000\", test_version2:\"6.1.7601.21860\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863916", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863916", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071323.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863916\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:36:17 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"thunderbird on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:58:22", "description": "Check for the Version of xulrunner", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:863694", "href": "http://plugins.openvas.org/nasl.php?oid=863694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 15\";\ntag_insight = \"XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM\n applications that are as rich as Firefox and Thunderbird. It provides mechanisms\n for installing, upgrading, and uninstalling these applications. XULRunner also\n provides libxul, a solution which allows the embedding of Mozilla technologies\n in other projects and products.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072227.html\");\n script_id(863694);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:44 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:07:57", "description": "Check for the Version of nss-util", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864068", "href": "http://plugins.openvas.org/nasl.php?oid=864068", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-util on Fedora 16\";\ntag_insight = \"Utilities for Network Security Services and the Softoken module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071320.html\");\n script_id(864068);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:51 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-util\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863696", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072224.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863696\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:48 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"firefox on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863697", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863697", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072229.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863697\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:51 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nss FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nss on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~10.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072231.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863695\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:46 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for gnome-python2-extras FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnome-python2-extras'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"gnome-python2-extras on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.25.3~35.fc15.4\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863691", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863691\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:34 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863699", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863699", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072223.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863699\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:55 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird-lightning'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"thunderbird-lightning on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:50:59", "description": "The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2398-2 (curl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71249", "href": "http://plugins.openvas.org/nasl.php?oid=71249", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2398_2.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2398-2 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"cURL is a command-line tool and library for transferring data with URL\nsyntax. It was discovered that the countermeasures against the\nDai/Rogaway chosen-plaintext attack on SSL/TLS (CVE-2011-3389,\nBEAST) cause interoperability issues with some server\nimplementations. This update ads the the CURLOPT_SSL_OPTIONS and\nCURLSSLOPT_ALLOW_BEAST options to the library, and the\n- --ssl-allow-beast option to the curl program.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze2.\n\nWe recommend that you upgrade your curl packages.\";\ntag_summary = \"The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202398-2\";\n\nif(description)\n{\n script_id(71249);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:55:40 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2398-2 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"curl\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:56:33", "description": "Check for the Version of perl-Gtk2-MozEmbed", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:863698", "href": "http://plugins.openvas.org/nasl.php?oid=863698", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"perl-Gtk2-MozEmbed on Fedora 15\";\ntag_insight = \"This module allows you to use the Mozilla embedding widget from Perl.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072228.html\");\n script_id(863698);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:53 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of perl-Gtk2-MozEmbed\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-Gtk2-MozEmbed\", rpm:\"perl-Gtk2-MozEmbed~0.09~1.fc15.8\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:07:52", "description": "Check for the Version of nspr", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nspr FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:863690", "href": "http://plugins.openvas.org/nasl.php?oid=863690", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nspr FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nspr on Fedora 15\";\ntag_insight = \"NSPR provides platform independence for non-GUI operating system\n facilities. These facilities include threads, thread synchronization,\n normal file and network I/O, interval timing and calendar time, basic\n memory management (malloc and free) and shared library linking.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072226.html\");\n script_id(863690);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:31 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nspr FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nspr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.9~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nspr FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863690", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863690", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nspr FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072226.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863690\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:31 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nspr FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nspr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nspr on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.9~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863698", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072228.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863698\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:53 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'perl-Gtk2-MozEmbed'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"perl-Gtk2-MozEmbed on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-Gtk2-MozEmbed\", rpm:\"perl-Gtk2-MozEmbed~0.09~1.fc15.8\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863960", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863960", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071326.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863960\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:35 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xulrunner'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"xulrunner on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-08T12:56:16", "description": "Check for the Version of nss", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:863804", "href": "http://plugins.openvas.org/nasl.php?oid=863804", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 16\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\");\n script_id(863804);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:18:59 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for nss FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2398-2 (curl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071249", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071249", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2398_2.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2398-2 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71249\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:55:40 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2398-2 (curl)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202398-2\");\n script_tag(name:\"insight\", value:\"cURL is a command-line tool and library for transferring data with URL\nsyntax. It was discovered that the countermeasures against the\nDai/Rogaway chosen-plaintext attack on SSL/TLS (CVE-2011-3389,\nBEAST) cause interoperability issues with some server\nimplementations. This update ads the the CURLOPT_SSL_OPTIONS and\nCURLSSLOPT_ALLOW_BEAST options to the library, and the\n\n - --ssl-allow-beast option to the curl program.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze2.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your curl packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"curl\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:56:45", "description": "Check for the Version of xulrunner", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:863960", "href": "http://plugins.openvas.org/nasl.php?oid=863960", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 16\";\ntag_insight = \"XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM\n applications that are as rich as Firefox and Thunderbird. It provides mechanisms\n for installing, upgrading, and uninstalling these applications. XULRunner also\n provides libxul, a solution which allows the embedding of Mozilla technologies\n in other projects and products.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071326.html\");\n script_id(863960);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:35 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072225.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863693\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:39 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"thunderbird on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-03T10:58:20", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863916", "href": "http://plugins.openvas.org/nasl.php?oid=863916", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 16\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071323.html\");\n script_id(863916);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:36:17 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:58:29", "description": "Check for the Version of nss-softokn", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:863955", "href": "http://plugins.openvas.org/nasl.php?oid=863955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-softokn on Fedora 16\";\ntag_insight = \"Network Security Services Softoken Cryptographic Module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071324.html\");\n script_id(863955);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:13 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-softokn\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~14.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071324.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863955\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:13 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-softokn'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"nss-softokn on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~14.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:57:46", "description": "Check for the Version of nss", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:863697", "href": "http://plugins.openvas.org/nasl.php?oid=863697", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 15\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072229.html\");\n script_id(863697);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:51 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nss FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~10.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863692", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072230.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863692\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:36 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-softokn'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nss-softokn on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~15.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-02T21:10:44", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: fetchmail", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-04-25T00:00:00", "id": "OPENVAS:71832", "href": "http://plugins.openvas.org/nasl.php?oid=71832", "sourceData": "#\n#VID 18ce9a90-f269-11e1-be53-080027ef73ec\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 18ce9a90-f269-11e1-be53-080027ef73ec\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: fetchmail\n\nCVE-2011-3389\nThe SSL protocol, as used in certain configurations in Microsoft\nWindows and Microsoft Internet Explorer, Mozilla Firefox, Google\nChrome, Opera, and other products, encrypts data by using CBC mode\nwith chained initialization vectors, which allows man-in-the-middle\nattackers to obtain plaintext HTTP headers via a blockwise\nchosen-boundary attack (BCBA) on an HTTPS session, in conjunction with\nJavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java\nURLConnection API, or (3) the Silverlight WebClient API, aka a 'BEAST'\nattack.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71832);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 6022 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-25 14:51:04 +0200 (Tue, 25 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:34:17 -0400 (Thu, 30 Aug 2012)\");\n script_name(\"FreeBSD Ports: fetchmail\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"fetchmail\");\nif(!isnull(bver) && revcomp(a:bver, b:\"6.3.9\")>=0 && revcomp(a:bver, b:\"6.3.22\")<0) {\n txt += \"Package fetchmail version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864068", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864068", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071320.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864068\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:51 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-04-27T19:22:53", "description": "The host is installed with Opera and is prone to information\n disclosure vulnerability.", "cvss3": {}, "published": "2011-09-09T00:00:00", "type": "openvas", "title": "Opera Extended Validation Information Disclosure Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3388", "CVE-2011-3389"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310802332", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Opera Extended Validation Information Disclosure Vulnerabilities (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802332\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-09-09 17:36:48 +0200 (Fri, 09 Sep 2011)\");\n script_cve_id(\"CVE-2011-3388\", \"CVE-2011-3389\");\n script_bugtraq_id(49388);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Opera Extended Validation Information Disclosure Vulnerabilities (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/45791\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id?1025997\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1000/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_opera_detect_portable_win.nasl\");\n script_mandatory_keys(\"Opera/Win/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers to steal sensitive security\n information.\");\n script_tag(name:\"affected\", value:\"Opera version before 11.51\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to an error when loading content from trusted\n sources in an unspecified sequence that causes the address field and page\n information dialog to contain security information based on the trusted site\n and loading an insecure site to appear secure via unspecified actions related\n to Extended Validation.\");\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 11.51 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to information\n disclosure vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/download/\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/Win/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"11.51\")){\n report = report_fixed_ver(installed_version:operaVer, fixed_version:\"11.51\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-26T15:08:31", "description": "The host is installed with Opera and is prone to information\n disclosure vulnerabilities.", "cvss3": {}, "published": "2012-04-06T00:00:00", "type": "openvas", "title": "Opera Extended Validation Information Disclosure Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3388", "CVE-2011-3389"], "modified": "2020-04-22T00:00:00", "id": "OPENVAS:1361412562310802830", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802830", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Opera Extended Validation Information Disclosure Vulnerabilities (Linux)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802830\");\n script_version(\"2020-04-22T10:27:30+0000\");\n script_cve_id(\"CVE-2011-3388\", \"CVE-2011-3389\");\n script_bugtraq_id(49388);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-04-22 10:27:30 +0000 (Wed, 22 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-04-06 12:13:30 +0530 (Fri, 06 Apr 2012)\");\n script_name(\"Opera Extended Validation Information Disclosure Vulnerabilities (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/45791\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id?1025997\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1000/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_linux_900037.nasl\");\n script_mandatory_keys(\"Opera/Linux/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers to steal sensitive security\n information.\");\n script_tag(name:\"affected\", value:\"Opera version before 11.51 on Linux\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to an error when loading content from trusted\n sources in an unspecified sequence that causes the address field and page\n information dialog to contain security information based on the trusted site\n and loading an insecure site to appear secure via unspecified actions related\n to Extended Validation.\");\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 11.51 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to information\n disclosure vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/download/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/Linux/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"11.51\")){\n report = report_fixed_ver(installed_version:operaVer, fixed_version:\"11.51\");\n security_message(port:0, data:report);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-02T21:10:58", "description": "The host is installed with Opera and is prone to information\n disclosure vulnerabilities.", "cvss3": {}, "published": "2012-04-06T00:00:00", "type": "openvas", "title": "Opera Extended Validation Information Disclosure Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3388", "CVE-2011-3389"], "modified": "2017-04-12T00:00:00", "id": "OPENVAS:802830", "href": "http://plugins.openvas.org/nasl.php?oid=802830", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_extented_validation_info_disc_vuln_lin.nasl 5940 2017-04-12 09:02:05Z teissa $\n#\n# Opera Extended Validation Information Disclosure Vulnerabilities (Linux)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation allows remote attackers to steal sensitive security\n information.\n Impact Level: Application\";\ntag_affected = \"Opera version before 11.51 on Linux\";\ntag_insight = \"Multiple flaws are due to an error when loading content from trusted\n sources in an unspecified sequence that causes the address field and page\n information dialog to contain security information based on the trusted site\n and loading an insecure site to appear secure via unspecified actions related\n to Extended Validation.\";\ntag_solution = \"Upgrade to Opera version 11.51 or later,\n For updates refer to http://www.opera.com/download/\";\ntag_summary = \"The host is installed with Opera and is prone to information\n disclosure vulnerabilities.\";\n\nif(description)\n{\n script_id(802830);\n script_version(\"$Revision: 5940 $\");\n script_cve_id(\"CVE-2011-3388\",\"CVE-2011-3389\");\n script_bugtraq_id(49388);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-12 11:02:05 +0200 (Wed, 12 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-06 12:13:30 +0530 (Fri, 06 Apr 2012)\");\n script_name(\"Opera Extended Validation Information Disclosure Vulnerabilities (Linux)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/45791\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id?1025997\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1000/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_linux_900037.nasl\");\n script_require_keys(\"Opera/Linux/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\noperaVer = NULL;\n\n## Get the version\noperaVer = get_kb_item(\"Opera/Linux/Version\");\nif(!operaVer){\n exit(0);\n}\n\n# Check for opera version < 11.51\nif(version_is_less(version:operaVer, test_version:\"11.51\")){\n security_message(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:06", "description": "The remote host is missing an update to curl\nannounced via advisory DSA 2398-1.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2398-1 (curl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0036"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070715", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070715", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2398_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2398-1 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70715\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0036\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:35:15 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2398-1 (curl)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202398-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in Curl, an URL transfer\nlibrary. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2011-3389\n\nThis update enables OpenSSL workarounds against the BEAST attack.\n\nCVE-2012-0036\n\nDan Fandrich discovered that Curl performs insufficient sanitising\nwhen extracting the file path part of an URL.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 7.18.2-8lenny6.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.24.0-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your curl packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to curl\nannounced via advisory DSA 2398-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"curl\", ver:\"7.18.2-8lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.18.2-8lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.18.2-8lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.18.2-8lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.18.2-8lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.18.2-8lenny6\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"curl\", ver:\"7.21.0-2