Vulnerabilities > CVE-2012-0390 - Cryptographic Issues vulnerability in GNU Gnutls

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

gnu

CWE-310

nessus

NVD

Published: 2012-01-06

Updated: 2014-03-26

Summary

The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108.

Vulnerable Configurations

Part	Description	Count
Application	Gnu GNU Gnutls 2.2.4 GNU Gnutls 2.2.5 GNU Gnutls 2.4.0 GNU Gnutls 2.4.1 GNU Gnutls 2.4.2 GNU Gnutls 2.4.3 GNU Gnutls 2.6.0 GNU Gnutls 2.6.1 GNU Gnutls 2.6.2 GNU Gnutls 2.6.3 GNU Gnutls 2.6.4 GNU Gnutls 2.6.5 GNU Gnutls 2.6.6 GNU Gnutls 2.8.0 GNU Gnutls 2.8.1 GNU Gnutls 2.8.2 GNU Gnutls 2.8.3 GNU Gnutls 2.8.4 GNU Gnutls 2.8.5 GNU Gnutls 2.8.6 GNU Gnutls 2.10.0 GNU Gnutls 2.10.1 GNU Gnutls 2.10.1-X86 GNU Gnutls 2.10.2 GNU Gnutls 2.10.2-X86 GNU Gnutls 2.10.3 GNU Gnutls 2.10.4 GNU Gnutls 2.10.5 GNU Gnutls 2.10.5-X86 GNU Gnutls 2.12.0 GNU Gnutls 2.12.1 GNU Gnutls 2.12.2 GNU Gnutls 2.12.3 GNU Gnutls 2.12.4 GNU Gnutls 2.12.5 GNU Gnutls 2.12.6 GNU Gnutls 2.12.6.1 GNU Gnutls 2.12.7 GNU Gnutls 2.12.8 GNU Gnutls 2.12.9 GNU Gnutls 2.12.10 GNU Gnutls 2.12.11 GNU Gnutls 2.12.12 GNU Gnutls 2.12.13 GNU Gnutls 2.12.14 GNU Gnutls 3.0.0 GNU Gnutls 3.0.1 GNU Gnutls 3.0.2 GNU Gnutls 3.0.3 GNU Gnutls 3.0.4 GNU Gnutls 3.0.5 GNU Gnutls 3.0.6 GNU Gnutls 3.0.7 GNU Gnutls 3.0.8 GNU Gnutls 3.0.9 GNU Gnutls - GNU Gnutls 1.0.16 GNU Gnutls 1.0.17 GNU Gnutls 1.0.18 GNU Gnutls 1.0.19 GNU Gnutls 1.0.20 GNU Gnutls 1.0.21 GNU Gnutls 1.0.22 GNU Gnutls 1.0.23 GNU Gnutls 1.0.24 GNU Gnutls 1.0.25 GNU Gnutls 1.1.13 GNU Gnutls 1.1.14 GNU Gnutls 1.1.15 GNU Gnutls 1.1.16 GNU Gnutls 1.1.17 GNU Gnutls 1.1.18 GNU Gnutls 1.1.19 GNU Gnutls 1.1.20 GNU Gnutls 1.1.21 GNU Gnutls 1.1.22 GNU Gnutls 1.1.23 GNU Gnutls 1.2.0 GNU Gnutls 1.2.1 GNU Gnutls 1.2.2 GNU Gnutls 1.2.3 GNU Gnutls 1.2.4 GNU Gnutls 1.2.5 GNU Gnutls 1.2.6 GNU Gnutls 1.2.7 GNU Gnutls 1.2.8 GNU Gnutls 1.2.8.1A1 GNU Gnutls 1.2.9 GNU Gnutls 1.2.10 GNU Gnutls 1.2.11 GNU Gnutls 1.3.0 GNU Gnutls 1.3.1 GNU Gnutls 1.3.2 GNU Gnutls 1.3.3 GNU Gnutls 1.3.4 GNU Gnutls 1.3.5 GNU Gnutls 1.4.0 GNU Gnutls 1.4.1 GNU Gnutls 1.4.2 GNU Gnutls 1.4.3 GNU Gnutls 1.4.4 GNU Gnutls 1.4.5 GNU Gnutls 1.5.0 GNU Gnutls 1.5.1 GNU Gnutls 1.5.2 GNU Gnutls 1.5.3 GNU Gnutls 1.5.4 GNU Gnutls 1.5.5 GNU Gnutls 1.6.0 GNU Gnutls 1.6.1 GNU Gnutls 1.6.2 GNU Gnutls 1.6.3 GNU Gnutls 1.7.0 GNU Gnutls 1.7.1 GNU Gnutls 1.7.2 GNU Gnutls 1.7.3 GNU Gnutls 1.7.4 GNU Gnutls 1.7.5 GNU Gnutls 1.7.6 GNU Gnutls 1.7.7 GNU Gnutls 1.7.8 GNU Gnutls 1.7.9 GNU Gnutls 1.7.10 GNU Gnutls 1.7.11 GNU Gnutls 1.7.12 GNU Gnutls 1.7.13 GNU Gnutls 1.7.14 GNU Gnutls 1.7.15 GNU Gnutls 1.7.16 GNU Gnutls 1.7.17 GNU Gnutls 1.7.18 GNU Gnutls 1.7.19 GNU Gnutls 2.0.0 GNU Gnutls 2.0.1 GNU Gnutls 2.0.2 GNU Gnutls 2.0.3 GNU Gnutls 2.0.4 GNU Gnutls 2.1.0 GNU Gnutls 2.1.1 GNU Gnutls 2.1.2 GNU Gnutls 2.1.3 GNU Gnutls 2.1.4 GNU Gnutls 2.1.5 GNU Gnutls 2.1.6 GNU Gnutls 2.1.7 GNU Gnutls 2.1.8 GNU Gnutls 2.2.0 GNU Gnutls 2.2.1 GNU Gnutls 2.2.2 GNU Gnutls 2.2.3 GNU Gnutls 2.3.0 GNU Gnutls 2.3.1 GNU Gnutls 2.3.2 GNU Gnutls 2.3.3 GNU Gnutls 2.3.4 GNU Gnutls 2.3.5 GNU Gnutls 2.3.6 GNU Gnutls 2.3.7 GNU Gnutls 2.3.8 GNU Gnutls 2.3.9 GNU Gnutls 2.3.10 GNU Gnutls 2.3.11 GNU Gnutls 2.5.0 GNU Gnutls 2.7.0 GNU Gnutls 2.7.1 GNU Gnutls 2.7.2 GNU Gnutls 2.7.3 GNU Gnutls 2.7.4 GNU Gnutls 2.7.5 GNU Gnutls 2.7.6 GNU Gnutls 2.12.15 GNU Gnutls 2.12.16 GNU Gnutls 2.12.17 GNU Gnutls 2.12.18 GNU Gnutls 2.12.19 GNU Gnutls 2.12.20 GNU Gnutls 2.12.21 GNU Gnutls 2.12.22 GNU Gnutls 2.12.23 GNU Gnutls 2.12.24 GNU Gnutls 3.0 GNU Gnutls 3.0.10	182

Common Weakness Enumeration (CWE)

CWE-310 - Cryptographic Issues

Common Attack Pattern Enumeration and Classification (CAPEC)

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_4_GNUTLS-120217.NASL
description	This update of GnuTLS fixes a vulnerability in the DTLS implementation which could allow remote attackers to recover partial plaintext via a timing side-channel attack. (CVE-2012-0390).
last seen	2020-06-05
modified	2014-06-13
plugin id	75856
published	2014-06-13
reporter	This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/75856
title	openSUSE Security Update : gnutls (openSUSE-SU-2012:0344-1)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update gnutls-5827. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75856); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-0390"); script_name(english:"openSUSE Security Update : gnutls (openSUSE-SU-2012:0344-1)"); script_summary(english:"Check for the gnutls-5827 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of GnuTLS fixes a vulnerability in the DTLS implementation which could allow remote attackers to recover partial plaintext via a timing side-channel attack. (CVE-2012-0390)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=739898" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2012-03/msg00010.html" ); script_set_attribute( attribute:"solution", value:"Update the affected gnutls packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra26"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra26-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls26"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls26-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls26-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls26-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"gnutls-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gnutls-debuginfo-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"gnutls-debugsource-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgnutls-devel-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgnutls-extra-devel-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgnutls-extra26-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgnutls-extra26-debuginfo-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgnutls26-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"libgnutls26-debuginfo-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libgnutls26-32bit-2.8.6-5.8.1") ) flag++; if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"libgnutls26-debuginfo-32bit-2.8.6-5.8.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gnutls"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_GNUTLS-8066.NASL
description	This update of GnuTLS fixes multiple vulnerabilities : - remote attackers could cause a denial of service (heap memory corruption and application crash) via an issue in the asn1_get_length_der() function. (CVE-2012-1569) - crafted GenericBlockCipher structures allow remote attackers to cause a denial of service (heap memory corruption and application crash). (CVE-2012-1573) - A vulnerability in the DTLS implementation which could allow remote attackers to recover partial plaintext via a timing side-channel attack was fixed. (CVE-2012-0390)
last seen	2020-06-05
modified	2012-07-03
plugin id	59829
published	2012-07-03
reporter	This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/59829
title	SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 8066)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(59829); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-0390", "CVE-2012-1569", "CVE-2012-1573"); script_name(english:"SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 8066)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update of GnuTLS fixes multiple vulnerabilities : - remote attackers could cause a denial of service (heap memory corruption and application crash) via an issue in the asn1_get_length_der() function. (CVE-2012-1569) - crafted GenericBlockCipher structures allow remote attackers to cause a denial of service (heap memory corruption and application crash). (CVE-2012-1573) - A vulnerability in the DTLS implementation which could allow remote attackers to recover partial plaintext via a timing side-channel attack was fixed. (CVE-2012-0390)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-0390.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-1569.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-1573.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8066."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/04/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/07/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:4, reference:"gnutls-1.2.10-13.30.1")) flag++; if (rpm_check(release:"SLED10", sp:4, reference:"gnutls-devel-1.2.10-13.30.1")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"gnutls-32bit-1.2.10-13.30.1")) flag++; if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"gnutls-devel-32bit-1.2.10-13.30.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"gnutls-1.2.10-13.30.1")) flag++; if (rpm_check(release:"SLES10", sp:4, reference:"gnutls-devel-1.2.10-13.30.1")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"gnutls-32bit-1.2.10-13.30.1")) flag++; if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"gnutls-devel-32bit-1.2.10-13.30.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2012-121.NASL
description	Fix GnuTLS DTLS plaintext recovery attack
last seen	2020-06-05
modified	2014-06-13
plugin id	74550
published	2014-06-13
reporter	This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/74550
title	openSUSE Security Update : gnutls (openSUSE-2012-121)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2012-121. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(74550); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-0390"); script_name(english:"openSUSE Security Update : gnutls (openSUSE-2012-121)"); script_summary(english:"Check for the openSUSE-2012-121 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value:"Fix GnuTLS DTLS plaintext recovery attack" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=739898" ); script_set_attribute( attribute:"solution", value:"Update the affected gnutls packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra28"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-extra28-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl27"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl27-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx28"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx28-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE12.1", reference:"gnutls-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"gnutls-debuginfo-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"gnutls-debugsource-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-devel-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-extra-devel-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-extra28-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-extra28-debuginfo-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-openssl-devel-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-openssl27-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls-openssl27-debuginfo-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls28-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutls28-debuginfo-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutlsxx-devel-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutlsxx28-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", reference:"libgnutlsxx28-debuginfo-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libgnutls-devel-32bit-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libgnutls28-32bit-3.0.3-5.3.1") ) flag++; if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libgnutls28-debuginfo-32bit-3.0.3-5.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gnutls / gnutls-debuginfo / gnutls-debugsource / libgnutls-devel / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_GNUTLS-120615.NASL
description	This update of GnuTLS fixes multiple vulnerabilities : - remote attackers could cause a denial of service (heap memory corruption and application crash) via an issue in the asn1_get_length_der() function. (CVE-2012-1569) - crafted GenericBlockCipher structures allow remote attackers to cause a denial of service (heap memory corruption and application crash). (CVE-2012-1573) - A vulnerability in the DTLS implementation which could allow remote attackers to recover partial plaintext via a timing side-channel attack was fixed. (CVE-2012-0390) In addition, support for customizing the signing function was added.
last seen	2020-06-05
modified	2013-01-25
plugin id	64152
published	2013-01-25
reporter	This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/64152
title	SuSE 11.1 Security Update : GnuTLS (SAT Patch Number 6448)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(64152); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2012-0390", "CVE-2012-1569", "CVE-2012-1573"); script_name(english:"SuSE 11.1 Security Update : GnuTLS (SAT Patch Number 6448)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update of GnuTLS fixes multiple vulnerabilities : - remote attackers could cause a denial of service (heap memory corruption and application crash) via an issue in the asn1_get_length_der() function. (CVE-2012-1569) - crafted GenericBlockCipher structures allow remote attackers to cause a denial of service (heap memory corruption and application crash). (CVE-2012-1573) - A vulnerability in the DTLS implementation which could allow remote attackers to recover partial plaintext via a timing side-channel attack was fixed. (CVE-2012-0390) In addition, support for customizing the signing function was added." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=739898" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=753301" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=754223" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=754953" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-0390.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-1569.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-1573.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 6448."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:gnutls"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libgnutls-extra26"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libgnutls26"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libgnutls26-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2012/06/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) \|\| int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"gnutls-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"libgnutls26-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"gnutls-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"libgnutls26-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"libgnutls26-32bit-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"gnutls-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"libgnutls-extra26-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"libgnutls26-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"s390x", reference:"libgnutls26-32bit-2.4.1-24.39.39.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"libgnutls26-32bit-2.4.1-24.39.39.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

References