Vulnerabilities > CVE-2003-0851

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

Nessus

  • NASL familyWeb Servers
    NASL idOPENSSL_0_9_6L.NASL
    descriptionAccording to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.6l. A remote attacker can trigger a denial of service by using an invalid client certificate.
    last seen2020-06-01
    modified2020-06-02
    plugin id17749
    published2012-01-04
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/17749
    titleOpenSSL < 0.9.6l Denial of Service
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(17749);
      script_version("1.9");
      script_cvs_date("Date: 2018/11/15 20:50:25");
    
      script_cve_id("CVE-2003-0851");
      script_bugtraq_id(8970);
      script_xref(name:"CERT", value:"412478");
    
      script_name(english:"OpenSSL < 0.9.6l Denial of Service");
      script_summary(english:"Does a banner check");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote server is vulnerable to a denial of service attack.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the remote server is running a version of
    OpenSSL that is earlier than 0.9.6l. 
    
    A remote attacker can trigger a denial of service by using an invalid
    client certificate.");
      script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20031104.txt");
      script_set_attribute(attribute:"see_also", value:"https://marc.info/?l=bugtraq&m=106796246511667&w=2");
      script_set_attribute(attribute:"solution", value:"Upgrade to OpenSSL 0.9.6l or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2003/11/04");
      script_set_attribute(attribute:"patch_publication_date", value:"2003/11/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/04");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:openssl:openssl");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Web Servers");
    
      script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
    
      script_dependencies("openssl_version.nasl");
      script_require_keys("openssl/port");
    
      exit(0);
    }
    
    include("openssl_version.inc");
    
    openssl_check_version(fixed:'0.9.6l', severity:SECURITY_WARNING);
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2004-119.NASL
    descriptionUpdated OpenSSL packages that fix a remote denial of service vulnerability are now available for Red Hat Enterprise Linux 2.1. OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that can lead to a denial of service attack (infinite loop). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0081 to this issue. Testing performed by Novell using a test suite provided by NISCC uncovered an issue in the ASN.1 parser in versions of OpenSSL 0.9.6 prior to 0.9.6l which could cause large recursion and possibly lead to a denial of service attack if used where stack space is limited. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0851 to this issue. These updated packages contain patches provided by the OpenSSL group that protect against these issues. NOTE: Because server applications are affected by this issue, users are advised to either restart all services using OpenSSL functionality or restart their system after installing these updated packages.
    last seen2020-06-01
    modified2020-06-02
    plugin id12479
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12479
    titleRHEL 2.1 : openssl (RHSA-2004:119)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2004:119. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(12479);
      script_version ("1.27");
      script_cvs_date("Date: 2019/10/25 13:36:10");
    
      script_cve_id("CVE-2003-0851", "CVE-2004-0081");
      script_bugtraq_id(8970, 9899);
      script_xref(name:"RHSA", value:"2004:119");
    
      script_name(english:"RHEL 2.1 : openssl (RHSA-2004:119)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated OpenSSL packages that fix a remote denial of service
    vulnerability are now available for Red Hat Enterprise Linux 2.1.
    
    OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3)
    and Transport Layer Security (TLS v1) protocols as well as a
    full-strength general purpose cryptography library.
    
    Testing performed by the OpenSSL group using the Codenomicon TLS Test
    Tool uncovered a bug in older versions of OpenSSL 0.9.6 prior to
    0.9.6d that can lead to a denial of service attack (infinite loop).
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CVE-2004-0081 to this issue.
    
    Testing performed by Novell using a test suite provided by NISCC
    uncovered an issue in the ASN.1 parser in versions of OpenSSL 0.9.6
    prior to 0.9.6l which could cause large recursion and possibly lead to
    a denial of service attack if used where stack space is limited. The
    Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CVE-2003-0851 to this issue.
    
    These updated packages contain patches provided by the OpenSSL group
    that protect against these issues.
    
    NOTE: Because server applications are affected by this issue, users
    are advised to either restart all services using OpenSSL functionality
    or restart their system after installing these updated packages."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2003-0851"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0081"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.codenomicon.com/testtools/tls/"
      );
      # http://www.niscc.gov.uk/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.cpni.gov.uk/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2004:119"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl095a");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl096");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2003/12/01");
      script_set_attribute(attribute:"patch_publication_date", value:"2004/03/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^2\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2004:119";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"openssl-0.9.6b-36")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i686", reference:"openssl-0.9.6b-36")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"openssl-devel-0.9.6b-36")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"openssl-perl-0.9.6b-36")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"openssl095a-0.9.5a-24")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"openssl096-0.9.6-25.7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl / openssl-devel / openssl-perl / openssl095a / openssl096");
      }
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2004-095.NASL
    descriptionThis update includes OpenSSL packages to fix two security issues affecting OpenSSL 0.9.7a which allow denial of service attacks; CVE-2004-0079 and CVE-2003-0851. Also included are updates for the OpenSSL 0.9.6 and 0.9.6b compatibility libraries included in Fedora Core 1, fixing a separate issue which could also lead to a denial of service attack; CVE-2004-0081. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id13684
    published2004-07-23
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13684
    titleFedora Core 1 : openssl-0.9.7a-33.10 (2004-095)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2004-095.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(13684);
      script_version ("1.18");
      script_cvs_date("Date: 2019/08/02 13:32:23");
    
      script_cve_id("CVE-2004-0079", "CVE-2004-0081");
      script_xref(name:"FEDORA", value:"2004-095");
    
      script_name(english:"Fedora Core 1 : openssl-0.9.7a-33.10 (2004-095)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update includes OpenSSL packages to fix two security issues
    affecting OpenSSL 0.9.7a which allow denial of service attacks;
    CVE-2004-0079 and CVE-2003-0851.
    
    Also included are updates for the OpenSSL 0.9.6 and 0.9.6b
    compatibility libraries included in Fedora Core 1, fixing a separate
    issue which could also lead to a denial of service attack;
    CVE-2004-0081.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/announce/2004-March/000095.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5539ab6e"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl096");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl096-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl096b");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl096b-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2004/03/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 1.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC1", reference:"openssl-0.9.7a-33.10")) flag++;
    if (rpm_check(release:"FC1", reference:"openssl-debuginfo-0.9.7a-33.10")) flag++;
    if (rpm_check(release:"FC1", reference:"openssl-devel-0.9.7a-33.10")) flag++;
    if (rpm_check(release:"FC1", reference:"openssl-perl-0.9.7a-33.10")) flag++;
    if (rpm_check(release:"FC1", reference:"openssl096-0.9.6-26")) flag++;
    if (rpm_check(release:"FC1", reference:"openssl096-debuginfo-0.9.6-26")) flag++;
    if (rpm_check(release:"FC1", reference:"openssl096b-0.9.6b-18")) flag++;
    if (rpm_check(release:"FC1", reference:"openssl096b-debuginfo-0.9.6b-18")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2005-1042.NASL
    descriptionCVE-2004-0079, a remote crasher, was originally believed to only affect versions of OpenSSL after 0.9.6b verified with Codenomicon test suite (see pkt539.c). However we
    last seen2020-06-01
    modified2020-06-02
    plugin id20114
    published2005-11-02
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20114
    titleFedora Core 3 : openssl096b-0.9.6b-21.42 (2005-1042)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2005-1042.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(20114);
      script_version ("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:23");
    
      script_cve_id("CVE-2003-0851", "CVE-2004-0079");
      script_bugtraq_id(8970, 9899);
      script_xref(name:"FEDORA", value:"2005-1042");
    
      script_name(english:"Fedora Core 3 : openssl096b-0.9.6b-21.42 (2005-1042)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "CVE-2004-0079, a remote crasher, was originally believed to only
    affect versions of OpenSSL after 0.9.6b verified with Codenomicon test
    suite (see pkt539.c). However we've had a customer report that this
    affects 0.9.6b via a different reproducer. This therefore affects the
    openssl096b compat packages as shipped with FC-3.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/announce/2005-October/001532.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a715297f"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected openssl096b and / or openssl096b-debuginfo
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl096b");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openssl096b-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/10/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/11/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 3.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC3", reference:"openssl096b-0.9.6b-21.42")) flag++;
    if (rpm_check(release:"FC3", reference:"openssl096b-debuginfo-0.9.6b-21.42")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl096b / openssl096b-debuginfo");
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD20031219.NASL
    descriptionThe remote host is missing Security Update 2003-12-19. This security update includes the following components : - AFP Server - cd9600.util - Directory Services - fetchmail - fs_usage - rsync - System Initialization For MacOS X 10.3, it also includes : - ASN.1 Decoding for PKI This update contains various fixes which may allow an attacker to execute arbitrary code on the remote host.
    last seen2020-06-01
    modified2020-06-02
    plugin id12516
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/12516
    titleMac OS X Multiple Vulnerabilities (Security Update 2003-12-19)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    
    include("compat.inc");
    
    if(description)
    {
     script_id(12516);
     script_version ("1.17");
     script_cve_id("CVE-2003-1007", "CVE-2003-1008", "CVE-2003-1010", "CVE-2003-1011",
                   "CVE-2003-1006", "CVE-2003-0962", "CVE-2003-1009", "CVE-2003-0851", "CVE-2003-0792");
    
     script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2003-12-19)");
     
     script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a Mac OS X security update." );
     script_set_attribute(attribute:"description", value:
    "The remote host is missing Security Update 2003-12-19.
    
    This security update includes the following components :
    
     - AFP Server
     - cd9600.util
     - Directory Services
     - fetchmail
     - fs_usage
     - rsync
     - System Initialization
    
    For MacOS X 10.3, it also includes :
    
     - ASN.1 Decoding for PKI
    
    This update contains various fixes which may allow an attacker to execute
    arbitrary code on the remote host." );
     # http://web.archive.org/web/20060418210647/http://docs.info.apple.com/article.html?artnum=120291
     script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?44c2938e");
     script_set_attribute(attribute:"solution", value:
    "Install security update 2003-12-19. For more information,
    see http://support.apple.com/kb/HT1646." );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
     script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
     script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
     script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/06");
     script_set_attribute(attribute:"vuln_publication_date", value: "2003/10/20");
     script_set_attribute(attribute:"patch_publication_date", value: "2003/12/19");
     script_cvs_date("Date: 2018/07/14  1:59:35");
    script_set_attribute(attribute:"plugin_type", value:"local");
    script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
    script_end_attributes();
    
     script_summary(english:"Check for Security Update 2003-12-19");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
     script_family(english:"MacOS X Local Security Checks");
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/MacOSX/packages");
     exit(0);
    }
    
    #
    
    packages = get_kb_item("Host/MacOSX/packages");
    if ( ! packages ) exit(0);
    
    uname = get_kb_item("Host/uname");
    
    # Security Update 2004-05-03 actually includes this update for MacOS X 10.2.8 Client
    if ( egrep(pattern:"Darwin.* 6\.8\.", string:uname) )
    {
     if ( egrep(pattern:"^SecUpd2004-05-03", string:packages) ) exit(0);
    }
    
    
    
    # MacOS X 10.2.8 and 10.3.3 only
    if ( egrep(pattern:"Darwin.* (6\.8\.|7\.[12]\.)", string:uname) )
    {
      if ( ! egrep(pattern:"^SecurityUpd2003-12-19", string:packages) ) security_hole(0);
    }
    

Oval

accepted2008-09-08T04:00:26.119-04:00
classvulnerability
contributors
nameYuzheng Zhou
organizationHewlett-Packard
descriptionOpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
familyios
idoval:org.mitre.oval:def:5528
statusaccepted
submitted2008-05-02T11:06:36.000-04:00
titleOpenSSL 0.9.6k ASN.1 DoS Vulnerability
version4

Redhat

advisories
rhsa
idRHSA-2004:119