Vulnerabilities > CVE-2015-3195 - Information Exposure vulnerability in multiple products

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
LOW

Summary

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

Vulnerable Configurations

Part Description Count
OS
Apple
99
OS
Oracle
38
OS
Redhat
18
OS
Canonical
4
OS
Debian
2
OS
Opensuse
4
OS
Suse
1
OS
Fedoraproject
1
Application
Oracle
152
Application
Openssl
163

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL familyWeb Servers
    NASL idOPENSSL_0_9_8ZH.NASL
    descriptionAccording to its banner, the remote host is running a version of OpenSSL 0.9.8 prior to 0.9.8zh. It is, therefore, affected by a flaw in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id87219
    published2015-12-07
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87219
    titleOpenSSL 0.9.8 < 0.9.8zh X509_ATTRIBUTE Memory Leak DoS
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87219);
      script_version("1.15");
      script_cvs_date("Date: 2019/11/22");
    
      script_cve_id("CVE-2015-3195");
      script_bugtraq_id(78626);
    
      script_name(english:"OpenSSL 0.9.8 < 0.9.8zh X509_ATTRIBUTE Memory Leak DoS");
      script_summary(english:"Performs a banner check.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host is affected by a denial of service vulnerability.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the remote host is running a version of
    OpenSSL 0.9.8 prior to 0.9.8zh. It is, therefore, affected by a flaw
    in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to
    handling malformed X509_ATTRIBUTE structures. A remote attacker can
    exploit this to cause a memory leak by triggering a decoding failure
    in a PKCS#7 or CMS application, resulting in a denial of service.");
      script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20151203.txt");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to OpenSSL version 0.9.8zh or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3195");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/12/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/07");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:openssl:openssl");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Web Servers");
    
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("openssl_version.nasl");
      script_require_keys("openssl/port");
    
      exit(0);
    }
    
    include("openssl_version.inc");
    
    openssl_check_version(fixed:'0.9.8zh', min:"0.9.8", severity:SECURITY_WARNING);
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-294.NASL
    descriptionThis update for libopenssl0_9_8 fixes the following issues : - CVE-2016-0800 aka the
    last seen2020-06-05
    modified2016-03-04
    plugin id89651
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89651
    titleopenSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-294.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(89651);
      script_version("1.20");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2013-0166", "CVE-2013-0169", "CVE-2014-0076", "CVE-2014-0195", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2014-3505", "CVE-2014-3506", "CVE-2014-3507", "CVE-2014-3508", "CVE-2014-3510", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3195", "CVE-2015-3197", "CVE-2016-0797", "CVE-2016-0799", "CVE-2016-0800");
    
      script_name(english:"openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)");
      script_summary(english:"Check for the openSUSE-2016-294 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for libopenssl0_9_8 fixes the following issues :
    
      - CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
        OpenSSL was vulnerable to a cross-protocol attack that
        could lead to decryption of TLS sessions by using a
        server supporting SSLv2 and EXPORT cipher suites as a
        Bleichenbacher RSA padding oracle.
    
        This update changes the openssl library to :
    
      - Disable SSLv2 protocol support by default.
    
        This can be overridden by setting the environment
        variable 'OPENSSL_ALLOW_SSL2' or by using
        SSL_CTX_clear_options using the SSL_OP_NO_SSLv2 flag.
    
        Note that various services and clients had already
        disabled SSL protocol 2 by default previously.
    
      - Disable all weak EXPORT ciphers by default. These can be
        reenabled if required by old legacy software using the
        environment variable 'OPENSSL_ALLOW_EXPORT'.
    
      - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and
        BN_dec2bn() functions had a bug that could result in an
        attempt to de-reference a NULL pointer leading to
        crashes. This could have security consequences if these
        functions were ever called by user applications with
        large untrusted hex/decimal data. Also, internal usage
        of these functions in OpenSSL uses data from config
        files or application command line arguments. If user
        developed applications generated config file data based
        on untrusted data, then this could have had security
        consequences as well.
    
      - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the
        internal fmtstr() and doapr_outch() functions could
        miscalculate the length of a string and attempt to
        access out-of-bounds memory locations. These problems
        could have enabled attacks where large amounts of
        untrusted data is passed to the BIO_*printf functions.
        If applications use these functions in this way then
        they could have been vulnerable. OpenSSL itself uses
        these functions when printing out human-readable dumps
        of ASN.1 data. Therefore applications that print this
        data could have been vulnerable if the data is from
        untrusted sources. OpenSSL command line applications
        could also have been vulnerable when they print out
        ASN.1 data, or if untrusted data is passed as command
        line arguments. Libssl is not considered directly
        vulnerable.
    
      - The package was updated to 0.9.8zh :
    
      - fixes many security vulnerabilities (not separately
        listed): CVE-2015-3195, CVE-2015-1788, CVE-2015-1789,
        CVE-2015-1790, CVE-2015-1792, CVE-2015-1791,
        CVE-2015-0286, CVE-2015-0287, CVE-2015-0289,
        CVE-2015-0293, CVE-2015-0209, CVE-2015-0288,
        CVE-2014-3571, CVE-2014-3569, CVE-2014-3572,
        CVE-2015-0204, CVE-2014-8275, CVE-2014-3570,
        CVE-2014-3567, CVE-2014-3568, CVE-2014-3566,
        CVE-2014-3510, CVE-2014-3507, CVE-2014-3506,
        CVE-2014-3505, CVE-2014-3508, CVE-2014-0224,
        CVE-2014-0221, CVE-2014-0195, CVE-2014-3470,
        CVE-2014-0076, CVE-2013-0169, CVE-2013-0166
    
      - avoid running OPENSSL_config twice. This avoids breaking
        engine loading. (boo#952871, boo#967787)
    
      - fix CVE-2015-3197 (boo#963415)
    
      - SSLv2 doesn't block disabled ciphers"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=952871"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963415"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=967787"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968046"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968048"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968374"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libopenssl0_9_8 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debugsource");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/03/03");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.2|SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2 / 42.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl0_9_8-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl0_9_8-debuginfo-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl0_9_8-debugsource-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl0_9_8-32bit-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl0_9_8-debuginfo-32bit-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libopenssl0_9_8-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libopenssl0_9_8-debuginfo-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libopenssl0_9_8-debugsource-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libopenssl0_9_8-32bit-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libopenssl0_9_8-debuginfo-32bit-0.9.8zh-14.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libopenssl0_9_8 / libopenssl0_9_8-32bit / libopenssl0_9_8-debuginfo / etc");
    }
    
  • NASL familyWeb Servers
    NASL idOPENSSL_1_0_0T.NASL
    descriptionAccording to its banner, the remote host is running a version of OpenSSL 1.0.0 prior to 1.0.0t. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196)
    last seen2020-06-01
    modified2020-06-02
    plugin id87220
    published2015-12-07
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87220
    titleOpenSSL 1.0.0 < 1.0.0t Multiple DoS
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87220);
      script_version("1.15");
      script_cvs_date("Date: 2019/11/22");
    
      script_cve_id("CVE-2015-3195", "CVE-2015-3196");
      script_bugtraq_id(78622, 78626);
    
      script_name(english:"OpenSSL 1.0.0 < 1.0.0t Multiple DoS");
      script_summary(english:"Performs a banner check.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host is affected by multiple denial of service
    vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the remote host is running a version of
    OpenSSL 1.0.0 prior to 1.0.0t. It is, therefore, affected by the
    following vulnerabilities :
    
      - A flaw exists in the ASN1_TFLG_COMBINE implementation in
        file tasn_dec.c related to handling malformed
        X509_ATTRIBUTE structures. A remote attacker can exploit
        this to cause a memory leak by triggering a decoding
        failure in a PKCS#7 or CMS application, resulting in a
        denial of service. (CVE-2015-3195)
    
      - A race condition exists in s3_clnt.c that is triggered
        when PSK identity hints are incorrectly updated in the
        parent SSL_CTX structure when they are received by a
        multi-threaded client. A remote attacker can exploit
        this, via a crafted ServerKeyExchange message, to cause
        a double-free memory error, resulting in a denial of
        service. (CVE-2015-3196)");
      script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20151203.txt");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to OpenSSL version 1.0.0t or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3195");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/12/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/07");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:openssl:openssl");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Web Servers");
    
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("openssl_version.nasl");
      script_require_keys("openssl/port");
    
      exit(0);
    }
    
    include("openssl_version.inc");
    
    openssl_check_version(fixed:'1.0.0t', min:"1.0.0", severity:SECURITY_WARNING);
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-0678-1.NASL
    descriptionOpenSSL was update to fix security issues and bugs : CVE-2016-0800 aka the
    last seen2020-06-01
    modified2020-06-02
    plugin id89731
    published2016-03-08
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89731
    titleSUSE SLES10 Security Update : OpenSSL (SUSE-SU-2016:0678-1) (DROWN)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:0678-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(89731);
      script_version("2.16");
      script_cvs_date("Date: 2019/09/11 11:22:13");
    
      script_cve_id("CVE-2015-0287", "CVE-2015-0293", "CVE-2015-3195", "CVE-2015-3197", "CVE-2016-0703", "CVE-2016-0704", "CVE-2016-0797", "CVE-2016-0799", "CVE-2016-0800");
      script_bugtraq_id(73227, 73232);
    
      script_name(english:"SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2016:0678-1) (DROWN)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "OpenSSL was update to fix security issues and bugs :
    
    CVE-2016-0800 aka the 'DROWN' attack (bsc#968046): OpenSSL was
    vulnerable to a cross-protocol attack that could lead to decryption of
    TLS sessions by using a server supporting SSLv2 and EXPORT cipher
    suites as a Bleichenbacher RSA padding oracle. This update changes the
    OpenSSL library to :
    
    Disable SSLv2 protocol support by default. This can be overridden by
    setting the environment variable 'OPENSSL_ALLOW_SSL2' or by using
    SSL_CTX_clear_options using the SSL_OP_NO_SSLv2 flag. Note that
    various services and clients had already disabled SSL protocol 2 by
    default previously.
    
    Disable all weak EXPORT ciphers by default. These can be re-enabled if
    required by old legacy software using the environment variable
    'OPENSSL_ALLOW_EXPORT'.
    
    CVE-2016-0797 (bsc#968048): The BN_hex2bn() and BN_dec2bn() functions
    had a bug that could result in an attempt to de-reference a NULL
    pointer leading to crashes. This could have security consequences if
    these functions were ever called by user applications with large
    untrusted hex/decimal data. Also, internal usage of these functions in
    OpenSSL uses data from config files or application command line
    arguments. If user developed applications generated config file data
    based on untrusted data, then this could have had security
    consequences as well.
    
    CVE-2016-0799 (bsc#968374): On many 64 bit systems, the internal
    fmtstr() and doapr_outch() functions could miscalculate the length of
    a string and attempt to access out-of-bounds memory locations. These
    problems could have enabled attacks where large amounts of untrusted
    data is passed to the BIO_*printf functions. If applications use these
    functions in this way then they could have been vulnerable. OpenSSL
    itself uses these functions when printing out human-readable dumps of
    ASN.1 data. Therefore applications that print this data could have
    been vulnerable if the data is from untrusted sources. OpenSSL command
    line applications could also have been vulnerable when they print out
    ASN.1 data, or if untrusted data is passed as command line arguments.
    Libssl is not considered directly vulnerable.
    
    CVE-2015-3197 (bsc#963415): The SSLv2 protocol did not block disabled
    ciphers.
    
    CVE-2015-3195 (bsc#957812): An X509_ATTRIBUTE memory leak was fixed.
    
    Fixed a regression caused by the openssl-CVE-2015-0287.patch
    (bsc#937492)
    
    Note that the March 1st 2016 release also references following CVEs
    that were fixed by us with CVE-2015-0293 in 2015 :
    
    CVE-2016-0703 (bsc#968051): This issue only affected versions of
    OpenSSL prior to March 19th 2015 at which time the code was refactored
    to address vulnerability CVE-2015-0293. It would have made the above
    'DROWN' attack much easier.
    
    CVE-2016-0704 (bsc#968053): 'Bleichenbacher oracle in SSLv2' This
    issue only affected versions of OpenSSL prior to March 19th 2015 at
    which time the code was refactored to address vulnerability
    CVE-2015-0293. It would have made the above 'DROWN' attack much
    easier.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=937492"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=957812"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=963415"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=968046"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=968048"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=968051"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=968053"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=968374"
      );
      # https://download.suse.com/patch/finder/?keywords=5965d0982b34e01de9e5c15991f88378
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f5289575"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-0287/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-3195/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-3197/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0703/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0704/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0797/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0799/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0800/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20160678-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7d95a1fd"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected OpenSSL packages"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openssl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openssl-doc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/03/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/03/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/08");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES10)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES10", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES10" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES10 SP4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"openssl-32bit-0.9.8a-18.94.2")) flag++;
    if (rpm_check(release:"SLES10", sp:"4", cpu:"x86_64", reference:"openssl-devel-32bit-0.9.8a-18.94.2")) flag++;
    if (rpm_check(release:"SLES10", sp:"4", cpu:"s390x", reference:"openssl-32bit-0.9.8a-18.94.2")) flag++;
    if (rpm_check(release:"SLES10", sp:"4", cpu:"s390x", reference:"openssl-devel-32bit-0.9.8a-18.94.2")) flag++;
    if (rpm_check(release:"SLES10", sp:"4", reference:"openssl-0.9.8a-18.94.2")) flag++;
    if (rpm_check(release:"SLES10", sp:"4", reference:"openssl-devel-0.9.8a-18.94.2")) flag++;
    if (rpm_check(release:"SLES10", sp:"4", reference:"openssl-doc-0.9.8a-18.94.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "OpenSSL");
    }
    
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0001.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint
    last seen2020-06-01
    modified2020-06-02
    plugin id87800
    published2016-01-08
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87800
    titleOracleVM 3.3 : openssl (OVMSA-2016-0001) (SLOTH)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The package checks in this plugin were extracted from OracleVM
    # Security Advisory OVMSA-2016-0001.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87800);
      script_version("2.16");
      script_cvs_date("Date: 2019/09/27 13:00:34");
    
      script_cve_id("CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-7575");
    
      script_name(english:"OracleVM 3.3 : openssl (OVMSA-2016-0001) (SLOTH)");
      script_summary(english:"Checks the RPM output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote OracleVM host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote OracleVM system is missing necessary patches to address
    critical security updates :
    
      - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2
    
      - fix CVE-2015-3194 - certificate verify crash with
        missing PSS parameter
    
      - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
    
      - fix CVE-2015-3196 - race condition when handling PSK
        identity hint"
      );
      # https://oss.oracle.com/pipermail/oraclevm-errata/2016-January/000407.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?90e4620d"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openssl package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:openssl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/01/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/08");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"OracleVM Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/OracleVM/release");
    if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
    if (! preg(pattern:"^OVS" + "3\.3" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.3", "OracleVM " + release);
    if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    flag = 0;
    if (rpm_check(release:"OVS3.3", reference:"openssl-1.0.1e-42.el6_7.2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-908.NASL
    descriptionOpenSSL was updated to fix three security issues. The following vulnerabilities were fixed : - CVE-2015-3194: Certificate verify crash with missing PSS parameter (bsc#957815) - CVE-2015-3195: X509_ATTRIBUTE memory leak (bsc#957812) - CVE-2015-3196: Race condition handling PSK identify hint (bsc#957813)
    last seen2020-06-05
    modified2015-12-17
    plugin id87447
    published2015-12-17
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87447
    titleopenSUSE Security Update : OpenSSL (openSUSE-2015-908)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2015-908.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87447);
      script_version("2.10");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196");
    
      script_name(english:"openSUSE Security Update : OpenSSL (openSUSE-2015-908)");
      script_summary(english:"Check for the openSUSE-2015-908 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "OpenSSL was updated to fix three security issues.
    
    The following vulnerabilities were fixed :
    
      - CVE-2015-3194: Certificate verify crash with missing PSS
        parameter (bsc#957815)
    
      - CVE-2015-3195: X509_ATTRIBUTE memory leak (bsc#957812)
    
      - CVE-2015-3196: Race condition handling PSK identify hint
        (bsc#957813)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957812"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957813"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=957815"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected OpenSSL packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl1_0_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl1_0_0-hmac-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:openssl-debugsource");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/12/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.1|SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.1", reference:"libopenssl-devel-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libopenssl1_0_0-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libopenssl1_0_0-debuginfo-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"openssl-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"openssl-debuginfo-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"openssl-debugsource-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libopenssl-devel-32bit-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libopenssl1_0_0-32bit-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libopenssl1_0_0-debuginfo-32bit-1.0.1k-11.75.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl-devel-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl1_0_0-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl1_0_0-debuginfo-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl1_0_0-hmac-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"openssl-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"openssl-debuginfo-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"openssl-debugsource-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl-devel-32bit-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl1_0_0-32bit-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl1_0_0-debuginfo-32bit-1.0.1k-2.27.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl1_0_0-hmac-32bit-1.0.1k-2.27.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libopenssl-devel / libopenssl-devel-32bit / libopenssl1_0_0 / etc");
    }
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-2617.NASL
    descriptionFrom Red Hat Security Advisory 2015:2617 : Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id87364
    published2015-12-15
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87364
    titleOracle Linux 6 / 7 : openssl (ELSA-2015-2617)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2015:2617 and 
    # Oracle Linux Security Advisory ELSA-2015-2617 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87364);
      script_version("2.16");
      script_cvs_date("Date: 2019/09/27 13:00:36");
    
      script_cve_id("CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196");
      script_xref(name:"RHSA", value:"2015:2617");
    
      script_name(english:"Oracle Linux 6 / 7 : openssl (ELSA-2015-2617)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2015:2617 :
    
    Updated openssl packages that fix three security issues are now
    available for Red Hat Enterprise Linux 6 and 7.
    
    Red Hat Product Security has rated this update as having Moderate
    security impact. Common Vulnerability Scoring System (CVSS) base
    scores, which give detailed severity ratings, are available for each
    vulnerability from the CVE links in the References section.
    
    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL
    v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a
    full-strength, general purpose cryptography library.
    
    A NULL pointer dereference flaw was found in the way OpenSSL verified
    signatures using the RSA PSS algorithm. A remote attacked could
    possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a
    TLS/SSL server using OpenSSL if it enabled client authentication.
    (CVE-2015-3194)
    
    A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7
    and CMS data. A remote attacker could use this flaw to cause an
    application that parses PKCS#7 or CMS data from untrusted sources to
    use an excessive amount of memory and possibly crash. (CVE-2015-3195)
    
    A race condition flaw, leading to a double free, was found in the way
    OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker
    could use this flaw to crash a multi-threaded SSL/TLS client using
    OpenSSL. (CVE-2015-3196)
    
    All openssl users are advised to upgrade to these updated packages,
    which contain backported patches to correct these issues. For the
    update to take effect, all services linked to the OpenSSL library must
    be restarted, or the system rebooted."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2015-December/005624.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2015-December/005625.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openssl packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:openssl-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:openssl-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:openssl-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:openssl-static");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/12/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/15");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6 / 7", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL6", reference:"openssl-1.0.1e-42.el6_7.1")) flag++;
    if (rpm_check(release:"EL6", reference:"openssl-devel-1.0.1e-42.el6_7.1")) flag++;
    if (rpm_check(release:"EL6", reference:"openssl-perl-1.0.1e-42.el6_7.1")) flag++;
    if (rpm_check(release:"EL6", reference:"openssl-static-1.0.1e-42.el6_7.1")) flag++;
    
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"openssl-1.0.1e-51.el7_2.1")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"openssl-devel-1.0.1e-51.el7_2.1")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"openssl-libs-1.0.1e-51.el7_2.1")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"openssl-perl-1.0.1e-51.el7_2.1")) flag++;
    if (rpm_check(release:"EL7", cpu:"x86_64", reference:"openssl-static-1.0.1e-51.el7_2.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl / openssl-devel / openssl-libs / openssl-perl / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-D87D60B9A9.NASL
    descriptionModerate security issues fixed in this update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-03-04
    plugin id89431
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89431
    titleFedora 22 : openssl-1.0.1k-13.fc22 (2015-d87d60b9a9)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-2617.NASL
    descriptionUpdated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id87357
    published2015-12-15
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87357
    titleCentOS 6 / 7 : openssl (CESA-2015:2617)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-358.NASL
    descriptionWhen presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. Kurt NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-12-04
    plugin id87186
    published2015-12-04
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87186
    titleDebian DLA-358-1 : openssl security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-916.NASL
    descriptionLibreSSL was updated to fix two security issues inherited from OpenSSL. The following vulnerabilities were fixed : - CVE-2015-3194: NULL pointer dereference in client side certificate validation - CVE-2015-3195: Memory leak in PKCS7 - not reachable from TLS/SSL
    last seen2020-06-05
    modified2015-12-21
    plugin id87518
    published2015-12-21
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87518
    titleopenSUSE Security Update : libressl (openSUSE-2015-916)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2015-0155.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint
    last seen2020-06-01
    modified2020-06-02
    plugin id87366
    published2015-12-15
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87366
    titleOracleVM 3.3 : openssl (OVMSA-2015-0155)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_4C8D1D729B3811E5AECED050996490D0.NASL
    descriptionOpenSSL project reports : - BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) - Certificate verify crash with missing PSS parameter (CVE-2015-3194) - X509_ATTRIBUTE memory leak (CVE-2015-3195) - Race condition handling PSK identify hint (CVE-2015-3196) - Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794)
    last seen2020-06-01
    modified2020-06-02
    plugin id87213
    published2015-12-07
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87213
    titleFreeBSD : openssl -- multiple vulnerabilities (4c8d1d72-9b38-11e5-aece-d050996490d0)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2230-1.NASL
    descriptionThis update for openssl fixes the following issues : Security fixes : - CVE-2015-3194: The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. (bsc#957815) - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - CVE-2015-3196: If PSK identity hints are received by a multi-threaded client then the values were wrongly updated in the parent SSL_CTX structure. This could result in a race condition potentially leading to a double free of the identify hint data. (bsc#957813) Non security bugs fixed : - Improve S/390 performance on IBM z196 and z13 (bsc#954256) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87280
    published2015-12-09
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87280
    titleSUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:2230-1)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2015-349-04.NASL
    descriptionNew openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87378
    published2015-12-16
    reporterThis script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87378
    titleSlackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-349-04)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_11_4.NASL
    descriptionThe remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.4. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppleRAID - AppleUSBNetworking - Bluetooth - Carbon - dyld - FontParser - HTTPProtocol - Intel Graphics Driver - IOFireWireFamily - IOGraphics - IOHIDFamily - IOUSBFamily - Kernel - libxml2 - Messages - NVIDIA Graphics Drivers - OpenSSH - OpenSSL - Python - QuickTime - Reminders - Ruby - Security - Tcl - TrueTypeScaler - Wi-Fi Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id90096
    published2016-03-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90096
    titleMac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201601-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201601-05 (OpenSSL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenSSL. Please review the upstream advisory and CVE identifiers referenced below for details. Note that the list includes CVE identifiers for an older OpenSSL Security Advisory (3 Dec 2015) for which we have not issued a GLSA before. Impact : A remote attacker could disclose a server&rsquo;s private DH exponent, or complete SSLv2 handshakes using ciphers that have been disabled on the server. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id88586
    published2016-02-05
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88586
    titleGLSA-201601-05 : OpenSSL: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2251-1.NASL
    descriptionThis update for compat-openssl097g fixes the following issues : Security issue fixed : - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) A non security issue fixed : - Prevent segfault in s_client with invalid options (bsc#952099) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87338
    published2015-12-14
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87338
    titleSUSE SLED11 Security Update : compat-openssl097g (SUSE-SU-2015:2251-1)
  • NASL familyDatabases
    NASL idMYSQL_5_7_11_RPM.NASL
    descriptionThe version of Oracle MySQL installed on the remote host is 5.7.x prior to 5.7.11. It is, therefore, affected by the following vulnerabilities : - A NULL pointer dereference flaw exists in the bundled version of OpenSSL in file rsa_ameth.c due to improper handling of ASN.1 signatures that are missing the PSS parameter. A remote attacker can exploit this to cause the signature verification routine to crash, resulting in a denial of service condition. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - An unspecified flaw exists in the DML subcomponent that allows a local attacker to impact integrity and availability. (CVE-2016-0640) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose potentially sensitive information or cause a denial of service condition. (CVE-2016-0641) - An unspecified flaw exists in the DDL subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0644) - Multiple unspecified flaws exist in the DML subcomponent that allow a local attacker to cause a denial of service condition. (CVE-2016-0646, CVE-2016-0652) - An unspecified flaw exists in the PS subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0649) - An unspecified flaw exists in the Replication subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0650) - An unspecified flaw exists in the FTS subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0653) - Multiple unspecified flaws exist in the InnoDB subcomponent that allow a local attacker to cause a denial of service condition. (CVE-2016-0654, CVE-2016-0656, CVE-2016-0668) - An unspecified flaw exists in the Optimizer subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0658) - An unspecified flaw exists in the Options subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0661) - An unspecified flaw exists in the Performance Schema subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0663) - An unspecified flaw exists in the Security: Encryption subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2016-0665) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an unauthenticated, remote attacker to disclose potentially sensitive information. (CVE-2016-3452) - A denial of service vulnerability exists in the bundled OpenSSL library due to improper handling of variables declared as TEXT or BLOB. An authenticated, remote attacker can exploit this to corrupt data or cause a denial of service condition. - A denial of service vulnerability exists that is triggered when handling a
    last seen2020-06-04
    modified2016-05-02
    plugin id90833
    published2016-05-02
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90833
    titleOracle MySQL 5.7.x < 5.7.11 Multiple Vulnerabilities (April 2016 CPU) (July 2016 CPU)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-604.NASL
    descriptionThis libressl update to version 2.2.7 fixes the following issues : Security issues fixed : - Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding. [boo#978492, boo#977584] - CVE-2015-3194: Certificate verify crash with missing PSS parameter (boo#957815) - CVE-2015-3195: X509_ATTRIBUTE memory leak (boo#957812) - CVE-2015-5333: Memory Leak (boo#950707) - CVE-2015-5334: Buffer Overflow (boo#950708)
    last seen2020-06-05
    modified2016-05-20
    plugin id91274
    published2016-05-20
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91274
    titleopenSUSE Security Update : libressl (openSUSE-2016-604)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20151214_OPENSSL_ON_SL6_X.NASL
    descriptionA NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-03-18
    modified2015-12-16
    plugin id87402
    published2015-12-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87402
    titleScientific Linux Security Update : openssl on SL6.x i386/x86_64 (20151214)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-911.NASL
    descriptionThis update for openssl fixes the following issues : Security fixes : - CVE-2015-3194: The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. (bsc#957815) - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - CVE-2015-3196: If PSK identity hints are received by a multi-threaded client then the values were wrongly updated in the parent SSL_CTX structure. This could result in a race condition potentially leading to a double free of the identify hint data. (bsc#957813) Non security bugs fixed : - Improve S/390 performance on IBM z196 and z13 (bsc#954256) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen2020-06-05
    modified2015-12-18
    plugin id87487
    published2015-12-18
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87487
    titleopenSUSE Security Update : openssl (openSUSE-2015-911)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2237-1.NASL
    descriptionThis update for openssl fixes the following issues : Security fixes : - CVE-2015-3194: The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. (bsc#957815) - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - CVE-2015-3196: If PSK identity hints are received by a multi-threaded client then the values were wrongly updated in the parent SSL_CTX structure. This could result in a race condition potentially leading to a double free of the identify hint data. (bsc#957813) Non security bugs fixed : - Clear the error after setting non-fips mode (bsc#947104) - Improve S/390 performance on IBM z196 and z13 (bsc#954256) - Add support for
    last seen2020-06-01
    modified2020-06-02
    plugin id87318
    published2015-12-11
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87318
    titleSUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:2237-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-940.NASL
    descriptionThis update for compat-openssl098 fixes the following issues : Security issue fixed : - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) Non security issue fixed : - Prevent segfault in s_client with invalid options (bsc#952099) This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2015-12-29
    plugin id87619
    published2015-12-29
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87619
    titleopenSUSE Security Update : compat-openssl098 (openSUSE-2015-940)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_CISCO_ANYCONNECT_CSCUX41420.NASL
    descriptionThe Cisco AnyConnect Secure Mobility Client installed on the remote Mac OS X host is a version prior to 3.1.13015.0 or 4.2.x prior to 4.2.1035.0. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL : - A carry propagating flaw exists in the x86_64 Montgomery squaring implementation that may cause the BN_mod_exp() function to produce incorrect results. An attacker can exploit this to obtain sensitive information regarding private keys. (CVE-2015-3193) - A NULL pointer dereference flaw exists in file rsa_ameth.c when handling ASN.1 signatures that use the RSA PSS algorithm but are missing a mask generation function parameter. A remote attacker can exploit this to cause the signature verification routine to crash, leading to a denial of service. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of
    last seen2020-06-01
    modified2020-06-02
    plugin id88101
    published2016-01-22
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/88101
    titleMac OS X : Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL Vulnerabilities
  • NASL familyMisc.
    NASL idORACLE_E-BUSINESS_CPU_JAN_2016.NASL
    descriptionThe version of Oracle E-Business Suite installed on the remote host is missing the January 2016 Critical Patch Update. It is, therefore, affected by multiple unspecified vulnerabilities in multiple components and subcomponents, the most severe of which can allow an unauthenticated, remote attacker to affect both confidentiality and integrity.
    last seen2020-06-01
    modified2020-06-02
    plugin id88042
    published2016-01-21
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/88042
    titleOracle E-Business Multiple Vulnerabilities (January 2016 CPU)
  • NASL familyWeb Servers
    NASL idOPENSSL_1_0_1Q.NASL
    descriptionAccording to its banner, the remote host is running a version of OpenSSL 1.0.1 prior to 1.0.1q. It is, therefore, affected by the following vulnerabilities : - A NULL pointer dereference flaw exists in file rsa_ameth.c when handling ASN.1 signatures that use the RSA PSS algorithm but are missing a mask generation function parameter. A remote attacker can exploit this to cause the signature verification routine to crash, leading to a denial of service. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195)
    last seen2020-06-01
    modified2020-06-02
    plugin id87221
    published2015-12-07
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87221
    titleOpenSSL 1.0.1 < 1.0.1q Multiple DoS
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20151214_OPENSSL_ON_SL5_X.NASL
    descriptionA memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-03-18
    modified2015-12-16
    plugin id87401
    published2015-12-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87401
    titleScientific Linux Security Update : openssl on SL5.x i386/x86_64 (20151214)
  • NASL familyFirewalls
    NASL idSCREENOS_JSA10733.NASL
    descriptionThe version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r22. It is, therefore, affected by multiple vulnerabilities in its bundled version of OpenSSL : - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1_TIME string by the X509_cmp_time() function. A remote attacker can exploit this, via a malformed certificate and CRLs of various sizes, to cause a segmentation fault, resulting in a denial of service condition. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks. (CVE-2015-1789) - A NULL pointer dereference flaw exists in the PKCS#7 parsing code due to incorrect handling of missing inner
    last seen2020-06-01
    modified2020-06-02
    plugin id93383
    published2016-09-08
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/93383
    titleJuniper ScreenOS 6.3.x < 6.3.0r22 Multiple Vulnerabilities in OpenSSL (JSA10733)
  • NASL familyWeb Servers
    NASL idHPSMH_7_5_5.NASL
    descriptionAccording to its banner, the version of HP System Management Homepage (SMH) hosted on the remote web server is affected by the following vulnerabilities : - A denial of service vulnerability exists in the Apache HTTP Server due to the lack of the mod_reqtimeout module. An unauthenticated, remote attacker can exploit this, via a saturation of partial HTTP requests, to cause a daemon outage. (CVE-2007-6750) - A cross-site scripting (XSS) vulnerability exists in jQuery when using location.hash to select elements. An unauthenticated, remote attacker can exploit this, via a specially crafted tag, to inject arbitrary script code or HTML into the user
    last seen2020-06-01
    modified2020-06-02
    plugin id91222
    published2016-05-18
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91222
    titleHP System Management Homepage Multiple Vulnerabilities (HPSBMU03593)
  • NASL familyJunos Local Security Checks
    NASL idJUNIPER_JSA10759.NASL
    descriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by the following vulnerabilities related to OpenSSL : - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of
    last seen2020-03-18
    modified2017-01-05
    plugin id96316
    published2017-01-05
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/96316
    titleJuniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL12824341.NASL
    descriptionThe ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. (CVE-2015-3195)
    last seen2020-06-01
    modified2020-06-02
    plugin id91201
    published2016-05-18
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91201
    titleF5 Networks BIG-IP : OpenSSL vulnerability (K12824341)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0049.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO - fix CVE-2016-0799 - memory issues in BIO_printf - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method - fix 1-byte memory leak in pkcs12 parse (#1229871) - document some options of the speed command (#1197095) - fix high-precision timestamps in timestamping authority - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint
    last seen2020-06-01
    modified2020-06-02
    plugin id91154
    published2016-05-16
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91154
    titleOracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0049) (SLOTH)
  • NASL familyDatabases
    NASL idMYSQL_ES_5_6_29.NASL
    descriptionThe version of MySQL Enterprise Server 5.6 installed on the remote host is 5.6.x prior to 5.6.29 or 5.7.x prior to 5.7.11. It is, therefore, affected by multiple vulnerabilities in the included OpenSSL library : - A NULL pointer dereference flaw exists in file rsa_ameth.c due to improper handling of ASN.1 signatures that are missing the PSS parameter. A remote attacker can exploit this to cause the signature verification routine to crash, resulting in a denial of service condition. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195)
    last seen2020-06-01
    modified2020-06-02
    plugin id88698
    published2016-02-11
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88698
    titleMySQL Enterprise Server 5.6.x < 5.6.29 / 5.7.x < 5.7.11 OpenSSL Multiple Vulnerabilities
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1861.NASL
    descriptionAccording to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.(CVE-2015-0292) - An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash.(CVE-2015-1789) - A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash.(CVE-2015-3195) - OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.(CVE-2014-3571) - OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.(CVE-2016-2177) - An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application.(CVE-2016-2105) - An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application.(CVE-2016-2106) - A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.(CVE-2016-2108) - A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL
    last seen2020-05-08
    modified2019-09-17
    plugin id128913
    published2019-09-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128913
    titleEulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-1861)
  • NASL familyCGI abuses
    NASL idBLUECOAT_PROXY_AV_3_5_4_1.NASL
    descriptionAccording to its self-reported version number, the Blue Coat ProxyAV firmware installed on the remote device is 3.5.x prior to 3.5.4.1. It is, therefore, affected by the following vulnerabilities in the bundled version of OpenSSL : - A NULL pointer dereference flaw exists in file rsa_ameth.c due to improper handling of ASN.1 signatures that are missing the PSS parameter. A remote attacker can exploit this to cause the signature verification routine to crash, resulting in a denial of service condition. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id93410
    published2016-09-09
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93410
    titleBlue Coat ProxyAV 3.5.x < 3.5.4.1 Multiple DoS Vulnerabilities
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-2616.NASL
    descriptionUpdated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id87356
    published2015-12-15
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87356
    titleCentOS 5 : openssl (CESA-2015:2616)
  • NASL familyFirewalls
    NASL idPFSENSE_SA-15_11.NASL
    descriptionAccording to its self-reported version number, the remote pfSense install is prior to 2.2.6. It is, therefore, affected by multiple vulnerabilities.
    last seen2020-06-01
    modified2020-06-02
    plugin id106498
    published2018-01-31
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106498
    titlepfSense < 2.2.6 Multiple Vulnerabilities (SA-15_09 / SA-15_10 / SA-15_11)
  • NASL familyMisc.
    NASL idVIRTUALBOX_5_0_18.NASL
    descriptionThe Oracle VM VirtualBox application installed on the remote host is a version prior to 4.3.36 or 5.0.18. It is, therefore, affected by an unspecified flaw in the Core subcomponent that allows a local attacker to gain elevated privileges. Additionally, multiple vulnerabilities exist in the bundled version of OpenSSL : - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of
    last seen2020-06-01
    modified2020-06-02
    plugin id90680
    published2016-04-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90680
    titleOracle VM VirtualBox < 4.3.36 / 5.0.18 Multiple Vulnerabilities (April 2016 CPU)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-2616.NASL
    descriptionUpdated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id87334
    published2015-12-14
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87334
    titleRHEL 5 : openssl (RHSA-2015:2616)
  • NASL familyAIX Local Security Checks
    NASL idAIX_OPENSSL_ADVISORY15.NASL
    descriptionThe version of OpenSSL installed on the remote AIX host is affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in file rsa_ameth.c when handling ASN.1 signatures that use the RSA PSS algorithm but are missing a mask generation function parameter. A remote attacker can exploit this to cause the signature verification routine to crash, leading to a denial of service. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196)
    last seen2020-06-01
    modified2020-06-02
    plugin id88085
    published2016-01-22
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/88085
    titleAIX OpenSSL Advisory : openssl_advisory15.asc
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2342-1.NASL
    descriptionThis update for compat-openssl098 fixes the following issues : Security issue fixed:; - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) Non security issue fixed : - Prevent segfault in s_client with invalid options (bsc#952099) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87654
    published2015-12-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87654
    titleSUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2015:2342-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2275-1.NASL
    descriptionThis update for openssl fixes the following issues : - CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. (bsc#957812) - Prevent segfault in s_client with invalid options (bsc#952099) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87461
    published2015-12-17
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87461
    titleSUSE SLED11 / SLES11 Security Update : openssl (SUSE-SU-2015:2275-1)
  • NASL familyDatabases
    NASL idMYSQL_5_6_29_RPM.NASL
    descriptionThe version of Oracle MySQL installed on the remote host is 5.6.x prior to 5.6.29. It is, therefore, affected by the following vulnerabilities : - A NULL pointer dereference flaw exists in the bundled version of OpenSSL in file rsa_ameth.c due to improper handling of ASN.1 signatures that are missing the PSS parameter. A remote attacker can exploit this to cause the signature verification routine to crash, resulting in a denial of service condition. (CVE-2015-3194) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to impact integrity and availability. (CVE-2016-0640) - An unspecified flaw exists in the MyISAM subcomponent that allows an authenticated, remote attacker to disclose sensitive information or cause a denial of service condition. (CVE-2016-0641) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-0644) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-0646) - An unspecified flaw exists in the PS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-0649) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-0650) - An unspecified flaw exists in the Options subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-0661) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-0665) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-0668) - A denial of service vulnerability exists in the bundled OpenSSL library due to improper handling of variables declared as TEXT or BLOB. An authenticated, remote attacker can exploit this to corrupt data or cause a denial of service condition. - A denial of service vulnerability exists that is triggered when handling a
    last seen2020-06-04
    modified2016-05-02
    plugin id90831
    published2016-05-02
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90831
    titleOracle MySQL 5.6.x < 5.6.29 Multiple Vulnerabilities (April 2016 CPU)
  • NASL familyWindows
    NASL idCISCO_ANYCONNECT_CSCUX41420.NASL
    descriptionThe Cisco AnyConnect Secure Mobility Client installed on the remote host is a version prior to 3.1.13015.0 or 4.2.x prior to 4.2.1035.0. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL : - A carry propagating flaw exists in the x86_64 Montgomery squaring implementation that may cause the BN_mod_exp() function to produce incorrect results. An attacker can exploit this to obtain sensitive information regarding private keys. (CVE-2015-3193) - A NULL pointer dereference flaw exists in file rsa_ameth.c when handling ASN.1 signatures that use the RSA PSS algorithm but are missing a mask generation function parameter. A remote attacker can exploit this to cause the signature verification routine to crash, leading to a denial of service. (CVE-2015-3194) - A flaw exists in the ASN1_TFLG_COMBINE implementation in file tasn_dec.c related to handling malformed X509_ATTRIBUTE structures. A remote attacker can exploit this to cause a memory leak by triggering a decoding failure in a PKCS#7 or CMS application, resulting in a denial of service. (CVE-2015-3195) - A race condition exists in s3_clnt.c that is triggered when PSK identity hints are incorrectly updated in the parent SSL_CTX structure when they are received by a multi-threaded client. A remote attacker can exploit this, via a crafted ServerKeyExchange message, to cause a double-free memory error, resulting in a denial of service. (CVE-2015-3196) - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of
    last seen2020-06-01
    modified2020-06-02
    plugin id88100
    published2016-01-22
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/88100
    titleCisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL Vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3413.NASL
    descriptionMultiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-3194 Loic Jonas Etienne of Qnective AG discovered that the signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. A remote attacker can exploit this flaw to crash any certificate verification operation and mount a denial of service attack. - CVE-2015-3195 Adam Langley of Google/BoringSSL discovered that OpenSSL will leak memory when presented with a malformed X509_ATTRIBUTE structure. - CVE-2015-3196 A race condition flaw in the handling of PSK identify hints was discovered, potentially leading to a double free of the identify hint data.
    last seen2020-06-01
    modified2020-06-02
    plugin id87212
    published2015-12-07
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87212
    titleDebian DSA-3413-1 : openssl - security update
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-605DE37B7F.NASL
    descriptionModerate security issues fixed in this update. Faster handling of some common elliptic curves enabled on 64 bit architectures. Improved Makefile.certificate to not use serial number 0 by default. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-03-04
    plugin id89256
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89256
    titleFedora 23 : openssl-1.0.2e-1.fc23 (2015-605de37b7f)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-614.NASL
    descriptionA NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196)
    last seen2020-06-01
    modified2020-06-02
    plugin id87340
    published2015-12-15
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87340
    titleAmazon Linux AMI : openssl (ALAS-2015-614)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-2616.NASL
    descriptionFrom Red Hat Security Advisory 2015:2616 : Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id87363
    published2015-12-15
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87363
    titleOracle Linux 5 : openssl (ELSA-2015-2616)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0071.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - To disable SSLv2 client connections create the file /etc/sysconfig/openssl-ssl-client-kill-sslv2 (John Haxby) [orabug 21673934] - Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893] - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client] - fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method (can be reenabled by setting environment variable OPENSSL_ENABLE_SSL2) - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak
    last seen2020-06-01
    modified2020-06-02
    plugin id91751
    published2016-06-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91751
    titleOracleVM 3.2 : openssl (OVMSA-2016-0071)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2830-1.NASL
    descriptionGuy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10. (CVE-2015-1794) Hanno Bock discovered that the OpenSSL Montgomery squaring procedure algorithm may produce incorrect results when being used on x86_64. A remote attacker could possibly use this issue to break encryption. This issue only applied to Ubuntu 15.10. (CVE-2015-3193) Loic Jonas Etienne discovered that OpenSSL incorrectly handled ASN.1 signatures with a missing PSS parameter. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-3194) Adam Langley discovered that OpenSSL incorrectly handled malformed X509_ATTRIBUTE structures. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2015-3195) It was discovered that OpenSSL incorrectly handled PSK identity hints. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3196). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87236
    published2015-12-08
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87236
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : openssl vulnerabilities (USN-2830-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-2617.NASL
    descriptionUpdated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id87335
    published2015-12-14
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87335
    titleRHEL 6 / 7 : openssl (RHSA-2015:2617)
  • NASL familyWeb Servers
    NASL idOPENSSL_1_0_2E.NASL
    descriptionAccording to its banner, the remote host is running a version of OpenSSL 1.0.2 prior to 1.0.2e. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the ssl3_get_key_exchange() function in file s3_clnt.c when handling a ServerKeyExchange message for an anonymous DH ciphersuite with the value of
    last seen2020-06-01
    modified2020-06-02
    plugin id87222
    published2015-12-07
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87222
    titleOpenSSL 1.0.2 < 1.0.2e Multiple Vulnerabilities

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/143369/orionbrowser79-mitm.txt
idPACKETSTORM:143369
last seen2017-07-15
published2017-07-14
reporterMaXe
sourcehttps://packetstormsecurity.com/files/143369/Orion-Elite-Hidden-IP-Browser-Pro-7.9-OpenSSL-Tor-Man-In-The-Middle.html
titleOrion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle

Redhat

advisories
  • bugzilla
    id1288322
    titleCVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentopenssl is earlier than 0:0.9.8e-37.el5_11
            ovaloval:com.redhat.rhsa:tst:20152616001
          • commentopenssl is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070964004
        • AND
          • commentopenssl-devel is earlier than 0:0.9.8e-37.el5_11
            ovaloval:com.redhat.rhsa:tst:20152616003
          • commentopenssl-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070964002
        • AND
          • commentopenssl-perl is earlier than 0:0.9.8e-37.el5_11
            ovaloval:com.redhat.rhsa:tst:20152616005
          • commentopenssl-perl is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20070964006
    rhsa
    idRHSA-2015:2616
    released2015-12-14
    severityModerate
    titleRHSA-2015:2616: openssl security update (Moderate)
  • rhsa
    idRHSA-2015:2617
  • rhsa
    idRHSA-2016:2056
  • rhsa
    idRHSA-2016:2957
rpms
  • openssl-0:0.9.8e-37.el5_11
  • openssl-debuginfo-0:0.9.8e-37.el5_11
  • openssl-devel-0:0.9.8e-37.el5_11
  • openssl-perl-0:0.9.8e-37.el5_11
  • openssl-0:1.0.1e-42.el6_7.1
  • openssl-1:1.0.1e-51.el7_2.1
  • openssl-debuginfo-0:1.0.1e-42.el6_7.1
  • openssl-debuginfo-1:1.0.1e-51.el7_2.1
  • openssl-devel-0:1.0.1e-42.el6_7.1
  • openssl-devel-1:1.0.1e-51.el7_2.1
  • openssl-libs-1:1.0.1e-51.el7_2.1
  • openssl-perl-0:1.0.1e-42.el6_7.1
  • openssl-perl-1:1.0.1e-51.el7_2.1
  • openssl-static-0:1.0.1e-42.el6_7.1
  • openssl-static-1:1.0.1e-51.el7_2.1

References