Vulnerabilities > CVE-2018-0737 - Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Encryption Brute Forcing An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.
- Creating a Rogue Certificate Authority Certificate An attacker exploits a weakness in the MD5 hash algorithm (weak collision resistance) to generate a certificate signing request (CSR) that contains collision blocks in the "to be signed" part. The attacker specially crafts two different, but valid X.509 certificates that when hashed with the MD5 algorithm would yield the same value. The attacker then sends the CSR for one of the certificates to the Certification Authority which uses the MD5 hashing algorithm. That request is completely valid and the Certificate Authority issues an X.509 certificate to the attacker which is signed with its private key. An attacker then takes that signed blob and inserts it into another X.509 certificate that the attacker generated. Due to the MD5 collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the attackers' second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority. To make the attack more interesting, the second certificate could be not just a regular certificate, but rather itself a signing certificate. Thus the attacker is able to start their own Certification Authority that is anchored in its root of trust in the legitimate Certification Authority that has signed the attackers' first X.509 certificate. If the original Certificate Authority was accepted by default by browsers, so will now the Certificate Authority set up by the attacker and of course any certificates that it signs. So the attacker is now able to generate any SSL certificates to impersonate any web server, and the user's browser will not issue any warning to the victim. This can be used to compromise HTTPS communications and other types of systems where PKI and X.509 certificates may be used (e.g., VPN, IPSec) .
- Signature Spoof An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions.
- Cryptanalysis Cryptanalysis is a process of finding weaknesses in cryptographic algorithms and using these weaknesses to decipher the ciphertext without knowing the secret key (instance deduction). Sometimes the weakness is not in the cryptographic algorithm itself, but rather in how it is applied that makes cryptanalysis successful. An attacker may have other goals as well, such as: 1. Total Break - Finding the secret key 2. Global Deduction - Finding a functionally equivalent algorithm for encryption and decryption that does not require knowledge of the secret key. 3. Information Deduction - Gaining some information about plaintexts or ciphertexts that was not previously known 4. Distinguishing Algorithm - The attacker has the ability to distinguish the output of the encryption (ciphertext) from a random permutation of bits The goal of the attacker performing cryptanalysis will depend on the specific needs of the attacker in a given attack context. In most cases, if cryptanalysis is successful at all, an attacker will not be able to go past being able to deduce some information about the plaintext (goal 3). However, that may be sufficient for an attacker, depending on the context.
Nessus
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-3221.NASL description An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es) : * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/ rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 118998 published 2018-11-16 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118998 title CentOS 7 : openssl (CESA-2018:3221) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:3221 and # CentOS Errata and Security Advisory 2018:3221 respectively. # include("compat.inc"); if (description) { script_id(118998); script_version("1.3"); script_cvs_date("Date: 2019/12/31"); script_cve_id("CVE-2017-3735", "CVE-2018-0495", "CVE-2018-0732", "CVE-2018-0737", "CVE-2018-0739"); script_xref(name:"RHSA", value:"2018:3221"); script_name(english:"CentOS 7 : openssl (CESA-2018:3221)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es) : * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/ rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section." ); # https://lists.centos.org/pipermail/centos-cr-announce/2018-November/005594.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2d02fe63" ); script_set_attribute( attribute:"solution", value:"Update the affected openssl packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-3735"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openssl-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openssl-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openssl-perl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openssl-static"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/28"); script_set_attribute(attribute:"patch_publication_date", value:"2018/11/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/16"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"openssl-1.0.2k-16.el7")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"openssl-devel-1.0.2k-16.el7")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"openssl-libs-1.0.2k-16.el7")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"openssl-perl-1.0.2k-16.el7")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"openssl-static-1.0.2k-16.el7")) flag++; if (flag) { cr_plugin_caveat = '\n' + 'NOTE: The security advisory associated with this vulnerability has a\n' + 'fixed package version that may only be available in the continuous\n' + 'release (CR) repository for CentOS, until it is present in the next\n' + 'point release of CentOS.\n\n' + 'If an equal or higher package level does not exist in the baseline\n' + 'repository for your major version of CentOS, then updates from the CR\n' + 'repository will need to be applied in order to address the\n' + 'vulnerability.\n'; security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + cr_plugin_caveat ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl / openssl-devel / openssl-libs / openssl-perl / etc"); }NASL family Fedora Local Security Checks NASL id FEDORA_2019-9A0A7C0986.NASL description Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 129368 published 2019-09-26 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129368 title Fedora 29 : 1:compat-openssl10 (2019-9a0a7c0986) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2019-9a0a7c0986. # include("compat.inc"); if (description) { script_id(129368); script_version("1.2"); script_cvs_date("Date: 2019/12/23"); script_cve_id("CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0737", "CVE-2019-1543", "CVE-2019-1552", "CVE-2019-1559"); script_xref(name:"FEDORA", value:"2019-9a0a7c0986"); script_name(english:"Fedora 29 : 1:compat-openssl10 (2019-9a0a7c0986)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-9a0a7c0986" ); script_set_attribute( attribute:"see_also", value:"https://www.openssl.org/news/vulnerabilities.html" ); script_set_attribute( attribute:"solution", value:"Update the affected 1:compat-openssl10 package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1543"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:1:compat-openssl10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/16"); script_set_attribute(attribute:"patch_publication_date", value:"2019/09/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC29", reference:"compat-openssl10-1.0.2o-7.fc29", epoch:"1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "1:compat-openssl10"); }NASL family Fedora Local Security Checks NASL id FEDORA_2018-520E4C5B4E.NASL description Update to 1.1.0i version from upstream fixing minor security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120424 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120424 title Fedora 28 : 1:openssl (2018-520e4c5b4e) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2018-520e4c5b4e. # include("compat.inc"); if (description) { script_id(120424); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-0732", "CVE-2018-0737"); script_xref(name:"FEDORA", value:"2018-520e4c5b4e"); script_name(english:"Fedora 28 : 1:openssl (2018-520e4c5b4e)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to 1.1.0i version from upstream fixing minor security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-520e4c5b4e" ); script_set_attribute( attribute:"solution", value:"Update the affected 1:openssl package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-0737"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:1:openssl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/16"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^28([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC28", reference:"openssl-1.1.0i-1.fc28", epoch:"1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "1:openssl"); }NASL family Fedora Local Security Checks NASL id FEDORA_2019-DB06EFDEA1.NASL description Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 129653 published 2019-10-07 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129653 title Fedora 31 : 1:compat-openssl10 (2019-db06efdea1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2019-db06efdea1. # include("compat.inc"); if (description) { script_id(129653); script_version("1.2"); script_cvs_date("Date: 2019/12/19"); script_cve_id("CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0737", "CVE-2019-1543", "CVE-2019-1552", "CVE-2019-1559"); script_xref(name:"FEDORA", value:"2019-db06efdea1"); script_name(english:"Fedora 31 : 1:compat-openssl10 (2019-db06efdea1)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-db06efdea1" ); script_set_attribute( attribute:"see_also", value:"https://www.openssl.org/news/vulnerabilities.html" ); script_set_attribute( attribute:"solution", value:"Update the affected 1:compat-openssl10 package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1543"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:1:compat-openssl10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:31"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/16"); script_set_attribute(attribute:"patch_publication_date", value:"2019/09/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/07"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^31([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 31", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC31", reference:"compat-openssl10-1.0.2o-8.fc31", epoch:"1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "1:compat-openssl10"); }NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0149.NASL description An update of {'openssl', 'libsoup'} packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111275 published 2018-07-24 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111275 title Photon OS 1.0 : openssl / libsoup (PhotonOS-PHSA-2018-1.0-0149) (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2/7/2019 # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2018-1.0-0149. The text # itself is copyright (C) VMware, Inc. include("compat.inc"); if (description) { script_id(111275); script_version("1.2"); script_cvs_date("Date: 2019/02/07 18:59:50"); script_cve_id("CVE-2017-2885", "CVE-2018-0737"); script_bugtraq_id(100258, 103766); script_name(english:"Photon OS 1.0 : openssl / libsoup (PhotonOS-PHSA-2018-1.0-0149) (deprecated)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "This plugin has been deprecated."); script_set_attribute(attribute:"description", value: "An update of {'openssl', 'libsoup'} packages of Photon OS has been released."); # https://github.com/vmware/photon/wiki/Security-Updates-1.0-149 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1881825a"); script_set_attribute(attribute:"solution", value:"n/a."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-2885"); script_set_attribute(attribute:"patch_publication_date", value:"2018/06/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/24"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:libsoup"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } exit(0, "This plugin has been deprecated."); include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; pkgs = [ "libsoup-2.53.90-3.ph1", "libsoup-debuginfo-2.53.90-3.ph1", "libsoup-devel-2.53.90-3.ph1", "libsoup-doc-2.53.90-3.ph1", "libsoup-lang-2.53.90-3.ph1", "openssl-c_rehash-1.ph1", "openssl-1.0.2o-2.ph1", "openssl-debuginfo-1.0.2o-2.ph1", "openssl-devel-1.0.2o-2.ph1", "openssl-perl-1.0.2o-2.ph1" ]; foreach (pkg in pkgs) if (rpm_check(release:"PhotonOS-1.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl / libsoup"); }NASL family Misc. NASL id SECURITYCENTER_5_7_1_TNS_2018_12.NASL description According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.7.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 117672 published 2018-09-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117672 title Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12) NASL family Misc. NASL id NESSUS_TNS_2018_14.NASL description According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 8.0.0. It is, therefore, affected by multiple vulnerabilities: - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library last seen 2020-06-01 modified 2020-06-02 plugin id 118398 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118398 title Tenable Nessus < 8.0.0 Multiple Vulnerabilities (TNS-2018-14) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2018-1000.NASL description RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys : OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key. (CVE-2018-0737) last seen 2020-06-01 modified 2020-06-02 plugin id 109182 published 2018-04-20 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109182 title Amazon Linux AMI : openssl (ALAS-2018-1000) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1643.NASL description According to the versions of the compat-openssl10 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack.(CVE-2017-0732) - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.(CVE-2018-0737) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-03 modified 2019-06-27 plugin id 126270 published 2019-06-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126270 title EulerOS 2.0 SP8 : compat-openssl10 (EulerOS-SA-2019-1643) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2928-1.NASL description This update for openssl fixes the following issues : These security issues were fixed : Prevent One&Done side-channel attack on RSA that allowed physically near attackers to use EM emanations to recover information (bsc#1104789) CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 117858 published 2018-10-01 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117858 title SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2018:2928-1) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0078_OPENSSL.NASL description An update of the openssl package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121975 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121975 title Photon OS 2.0: Openssl PHSA-2018-2.0-0078 NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-3221.NASL description From Red Hat Security Advisory 2018:3221 : An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es) : * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/ rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 118777 published 2018-11-07 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118777 title Oracle Linux 7 : openssl (ELSA-2018-3221) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2018-226-01.NASL description New openssl packages are available for Slackware 14.2 and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 111737 published 2018-08-15 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111737 title Slackware 14.2 / current : openssl (SSA:2018-226-01) NASL family Web Servers NASL id OPENSSL_1_0_2P.NASL description According to its banner, the version of OpenSSL running on the remote host is 1.0.x prior to 1.0.2p. It is, therefore, affected by a denial of service vulnerability and a cache timing side channel vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 112119 published 2018-08-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112119 title OpenSSL 1.0.x < 1.0.2p Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2928-2.NASL description This update for openssl fixes the following issues : These security issues were fixed : Prevent One&Done side-channel attack on RSA that allowed physically near attackers to use EM emanations to recover information (bsc#1104789) CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 118296 published 2018-10-22 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118296 title SUSE SLES12 Security Update : openssl (SUSE-SU-2018:2928-2) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3628-1.NASL description Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 109200 published 2018-04-20 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109200 title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : openssl vulnerability (USN-3628-1) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0065_OPENSSL.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g. (CVE-2017-3735) - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. (CVE-2018-0495) - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key. (CVE-2018-0737) - Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n). (CVE-2018-0739) - A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. (CVE-2018-5407) - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o). (CVE-2018-0732) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127262 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127262 title NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0065) NASL family Scientific Linux Local Security Checks NASL id SL_20181030_OPENSSL_ON_SL7_X.NASL description Security Fix(es) : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) last seen 2020-03-18 modified 2018-11-27 plugin id 119194 published 2018-11-27 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119194 title Scientific Linux Security Update : openssl on SL7.x x86_64 (20181030) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2486-1.NASL description This update for openssl fixes the following security issue : - CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 112108 published 2018-08-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112108 title SUSE SLES11 Security Update : openssl (SUSE-SU-2018:2486-1) NASL family Web Servers NASL id OPENSSL_1_1_0I.NASL description According to its banner, the version of OpenSSL running on the remote host is 1.1.0 prior to 1.1.0i. It is, therefore, affected by a denial of service vulnerability, a cache timing side channel vulnerability, and a microarchitecture timing side channel attack. last seen 2020-06-01 modified 2020-06-02 plugin id 112120 published 2018-08-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112120 title OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities NASL family Misc. NASL id NESSUS_TNS_2018_17.NASL description According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 7.1.4. It is, therefore, affected by multiple vulnerabilities: - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library last seen 2020-06-01 modified 2020-06-02 plugin id 120198 published 2019-01-02 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120198 title Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1009.NASL description According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2019-01-08 plugin id 120997 published 2019-01-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120997 title EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1009) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2019-0040.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Oracle bug 28730228: backport (CVE-2018-0732) - Oracle bug 28758493: backport (CVE-2018-0737) - Merge upstream patch to fix (CVE-2018-0739) - Avoid out-of-bounds read. Fixes CVE-2017-3735. By Rich Salz - sha256 is used for the RSA pairwise consistency test instead of sha1 - fix CVE-2019-1559 - 0-byte record padding oracle last seen 2020-06-01 modified 2020-06-02 plugin id 127975 published 2019-08-20 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127975 title OracleVM 3.4 : openssl (OVMSA-2019-0040) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3864-1.NASL description This update for openssl fixes the following issues : Security issues fixed : CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652). CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534). CVE-2018-0737: Corrected the current error detection of the current fix (bsc#1106197). CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018). Add missing timing side channel patch for DSA signature generation (bsc#1113742). Fixed the last seen 2020-06-01 modified 2020-06-02 plugin id 119116 published 2018-11-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119116 title SUSE SLES12 Security Update : openssl (SUSE-SU-2018:3864-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-3221.NASL description An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es) : * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/ rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 118534 published 2018-10-31 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118534 title RHEL 7 : openssl (RHSA-2018:3221) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-997.NASL description This update for compat-openssl098 fixes the following security issues : - CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158) - Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592) - CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) - CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could have resulted in DoS (bsc#1087102). This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2018-09-13 plugin id 117476 published 2018-09-13 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117476 title openSUSE Security Update : compat-openssl098 (openSUSE-2018-997) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1420.NASL description According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-12-28 plugin id 119909 published 2018-12-28 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119909 title EulerOS 2.0 SP2 : openssl (EulerOS-SA-2018-1420) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-4249.NASL description Description of changes: [1.0.2k-12.0.3] - Oracle bug 28672370: backport CVE-2018-0732 - Oracle bug 28672351: backport CVE-2018-0737 last seen 2020-06-01 modified 2020-06-02 plugin id 118106 published 2018-10-15 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118106 title Oracle Linux 7 : openssl (ELSA-2018-4249) NASL family Misc. NASL id NODEJS_2018_AUG.NASL description The version of Node.js installed on the remote host is 6.x prior to 6.14.4, 8.x prior to 8.11.4 or 10.x prior to 10.9.0. It, therefore, is affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 118937 published 2018-11-14 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118937 title Node.js multiple vulnerabilities (August 2018 Security Releases). NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4355.NASL description Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. last seen 2020-03-28 modified 2018-12-20 plugin id 119792 published 2018-12-20 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119792 title Debian DSA-4355-1 : openssl1.0 - security update NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-1553-1.NASL description This update for openssl fixes the following issues : CVE-2018-0732: Reject excessively large primes in DH key generation (bsc#1097158) CVE-2018-0734: Timing vulnerability in DSA signature generation (bsc#1113652) CVE-2018-0737: Cache timing vulnerability in RSA Key Generation (bsc#1089039) CVE-2018-5407: Elliptic curve scalar multiplication timing attack defenses (fixes last seen 2020-06-01 modified 2020-06-02 plugin id 126046 published 2019-06-19 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126046 title SUSE SLES12 Security Update : openssl (SUSE-SU-2019:1553-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-152.NASL description This update for openssl-1_1 fixes the following issues : Security issues fixed : - The 9 Lives of Bleichenbacher last seen 2020-06-01 modified 2020-06-02 plugin id 122088 published 2019-02-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122088 title openSUSE Security Update : openssl-1_1 (openSUSE-2019-152) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0197-1.NASL description This update for openssl-1_1 fixes the following issues : Security issues fixed : The 9 Lives of Bleichenbacher last seen 2020-03-18 modified 2019-01-30 plugin id 121467 published 2019-01-30 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121467 title SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:0197-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1306.NASL description According to the versions of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack.(CVE-2017-0732) - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.(CVE-2018-0737) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-09-27 plugin id 117749 published 2018-09-27 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117749 title EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2018-1306) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2683-1.NASL description This update for compat-openssl098 fixes the following security issues : CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158) Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592) CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could have resulted in DoS (bsc#1087102). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 117450 published 2018-09-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117450 title SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2018:2683-1) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_8F353420419711E88777B499BAEBFEAF.NASL description The OpenSSL project reports : The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. last seen 2020-06-01 modified 2020-06-02 plugin id 109066 published 2018-04-17 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109066 title FreeBSD : OpenSSL -- Cache timing vulnerability (8f353420-4197-11e8-8777-b499baebfeaf) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1214.NASL description According to the versions of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack.(CVE-2017-0732) - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.(CVE-2018-0737) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-07-03 plugin id 110878 published 2018-07-03 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110878 title EulerOS 2.0 SP3 : openssl110f (EulerOS-SA-2018-1214) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4348.NASL description Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. last seen 2020-06-01 modified 2020-06-02 plugin id 119313 published 2018-12-01 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119313 title Debian DSA-4348-1 : openssl - security update NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1449.NASL description Two issues were discovered in OpenSSL, the Secure Sockets Layer toolkit. CVE-2018-0732 Denial of service by a malicious server that sends a very large prime value to the client during TLS handshake. CVE-2018-0737 Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that the OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. For Debian 8 last seen 2020-06-01 modified 2020-06-02 plugin id 111390 published 2018-07-30 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111390 title Debian DLA-1449-1 : openssl security update NASL family Misc. NASL id ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL description The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - An unspecified vulnerability in the subcomponent Networking (jQuery) of Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. An easy to exploit vulnerability could allow an unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. A successful attacks requires human interaction and can result in unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data. (CVE-2015-9251) - An unspecified vulnerability in the subcomponent Networking (OpenSSL) of the Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. An easy to exploit vulnerability could allow an unauthenticated attacker with network access via HTTPS to compromise Enterprise Manager Ops Center. A successful attack of this vulnerability could result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager Ops Center. (CVE-2018-0732) - An unspecified vulnerability in the subcomponent Networking (cURL) of Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. A successful attack requires human interaction from a person other than the attacker and can result in takeover of Enterprise Manager Ops Center. (CVE-2018-1000300) last seen 2020-06-01 modified 2020-06-02 plugin id 131184 published 2019-11-21 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131184 title Oracle Enterprise Manager Ops Center (Jan 2019 CPU) NASL family CGI abuses NASL id ORACLE_PRIMAVERA_P6_EPPM_CPU_JAN_2019.NASL description According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) installation running on the remote web server is 8.4 prior to 8.4.15.9, 15.x prior to 15.2.18.3, 16.x prior to 16.2.17.0, 17.x prior to 17.12.10.0, or 18.x prior to 18.8.5.0. It is, therefore, affected by multiple vulnerabilities: - A denial of service (DoS) vulnerability exists in OpenSSL due to an issue processing very large prime values during TLS handshakes using a DH(E) based ciphersuite. An unauthenticated, remote attacker can exploit this issue to cause the client to stop responding. (CVE-2018-0732) - The OpenSSL RSA Key generation algorithm is vulnerable to a chache timing side channel attack. An attacker can exploit this to potentially recover the private key. (CVE-2018-0737) - The Web Access subcomponent of Oracle Primavera P6 EPPM is affected by a vulnerability which could allow an unauthenticated attacker with HTTP access to compromise the system. Successful exploitation of this vulnerability require user interaction, and could result in unauthorized read/write access to Primavera P6 EPPM data. (CVE-2019-2512) Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 121252 published 2019-01-18 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121252 title Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Jan 2019 CPU) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1091.NASL description This update for openssl fixes the following issues : These security issues were fixed : - Prevent One&Done side-channel attack on RSA that allowed physically near attackers to use EM emanations to recover information (bsc#1104789) - CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) These non-security issues were fixed : - Add openssl(cli) Provide so the packages that require the openssl binary can require this instead of the new openssl meta package (bsc#1101470) - Fixed path to the engines which are under /lib64 on SLE-12 (bsc#1101246, bsc#997043) This update was imported from the SUSE:SLE-12-SP2:Update update project. last seen 2020-06-05 modified 2018-10-01 plugin id 117857 published 2018-10-01 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117857 title openSUSE Security Update : openssl (openSUSE-2018-1091) NASL family AIX Local Security Checks NASL id AIX_OPENSSL_ADVISORY27.NASL description The version of OpenSSL installed on the remote AIX host is affected by a side channel attack information disclosure vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 111354 published 2018-07-26 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111354 title AIX OpenSSL Advisory : openssl_advisory27.asc NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2492-1.NASL description This update for openssl fixes the following security issue : - CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 112145 published 2018-08-28 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112145 title SUSE SLES12 Security Update : openssl (SUSE-SU-2018:2492-1) NASL family Misc. NASL id ORACLE_ENTERPRISE_MANAGER_JAN_2019_CPU.NASL description The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - A remote code execution vulnerability exists in Jython before 2.7.1rc1. An unauthenticated, remote attacker can exploit this by sending a serialized function to the deserializer. (CVE-2016-4000) - A denial of service (DoS) vulnerability exists in OpenSSL due to the client spending long periods of time generating a key from large prime values. A malicious remote server can exploit this issue via sending a very large prime value to the clients, resulting in a hang until the client has finished generating the key. (CVE-2018-0732) last seen 2020-06-01 modified 2020-06-02 plugin id 121225 published 2019-01-17 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121225 title Oracle Enterprise Manager Cloud Control (January 2019 CPU) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1546.NASL description According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495) - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.(CVE-2013-0166) - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an last seen 2020-06-01 modified 2020-06-02 plugin id 124999 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124999 title EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1546) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0149_OPENSSL.NASL description An update of the openssl package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121848 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121848 title Photon OS 1.0: Openssl PHSA-2018-1.0-0149 NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1084.NASL description According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).(CVE-2018-0737) - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.(CVE-2017-3735) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122706 published 2019-03-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122706 title EulerOS Virtualization 2.5.2 : openssl (EulerOS-SA-2019-1084) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1392.NASL description According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-15 modified 2018-12-10 plugin id 119520 published 2018-12-10 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119520 title EulerOS 2.0 SP3 : openssl (EulerOS-SA-2018-1392) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1383.NASL description According to the version of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.i1/4^CVE-2018-0737i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-19 modified 2018-11-21 plugin id 119074 published 2018-11-21 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119074 title EulerOS Virtualization 2.5.1 : openssl (EulerOS-SA-2018-1383) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2018-1004.NASL description bn_sqrx8x_internal carry bug on x86_64 There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. (CVE-2017-3736) rsaz_1024_mul_avx2 overflow bug on x86_64 There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701 . This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736 , CVE-2017-3732 and CVE-2015-3193 . OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. (CVE-2017-3738) RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key. (CVE-2018-0737) Read/write after SSL object in error state OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an last seen 2020-06-01 modified 2020-06-02 plugin id 109364 published 2018-04-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109364 title Amazon Linux 2 : openssl (ALAS-2018-1004) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1400.NASL description According to the versions of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable last seen 2020-06-01 modified 2020-06-02 plugin id 124903 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124903 title EulerOS Virtualization for ARM 64 3.0.1.0 : openssl (EulerOS-SA-2019-1400) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0078.NASL description An update of 'openssl' packages of Photon OS has been released. last seen 2019-02-08 modified 2019-02-07 plugin id 111962 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111962 title Photon OS 2.0: Openssl PHSA-2018-2.0-0078 (deprecated) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-4248.NASL description Description of changes: [1.0.1e-57.0.6] - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 last seen 2020-06-01 modified 2020-06-02 plugin id 118105 published 2018-10-15 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118105 title Oracle Linux 6 : openssl (ELSA-2018-4248) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1201.NASL description According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.i1/4^CVE-2018-0495i1/4%0 - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).i1/4^CVE-2018-0732i1/4%0 - Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).i1/4^CVE-2018-0739i1/4%0 - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.i1/4^CVE-2017-3735i1/4%0 - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.i1/4^CVE-2018-0737i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-19 modified 2019-04-09 plugin id 123887 published 2019-04-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123887 title EulerOS Virtualization 2.5.4 : openssl (EulerOS-SA-2019-1201) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1110.NASL description This update for openssl-1_0_0 to 1.0.2p fixes the following issues : These security issues were fixed : - Prevent One&Done side-channel attack on RSA that allowed physically near attackers to use EM emanations to recover information (bsc#1104789) - CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) - CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158) - Make problematic ECDSA sign addition length-invariant - Add blinding to ECDSA and DSA signatures to protect against side channel attacks This non-security issue was fixed : - Add openssl(cli) Provide so the packages that require the openssl binary can require this instead of the new openssl meta package (bsc#1101470) This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-05 modified 2018-10-09 plugin id 117977 published 2018-10-09 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117977 title openSUSE Security Update : openssl-1_0_0 (openSUSE-2018-1110) NASL family Fedora Local Security Checks NASL id FEDORA_2018-02A38AF202.NASL description Update to 1.1.0i version from upstream fixing minor security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-10-03 plugin id 117891 published 2018-10-03 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117891 title Fedora 27 : 1:openssl (2018-02a38af202) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3692-1.NASL description Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. (CVE-2018-0495) Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key agreement. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. (CVE-2018-0732) Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. (CVE-2018-0737). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110721 published 2018-06-27 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110721 title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : openssl, openssl1.0 vulnerabilities (USN-3692-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3932.NASL description Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. Security Fix(es) : * openssl: RSA key generation cache timing vulnerability in crypto/rsa/ rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/ Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 131215 published 2019-11-22 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131215 title RHEL 6 : JBoss Core Services (RHSA-2019:3932) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3933.NASL description An update is now available for JBoss Core Services on RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This release adds the new Apache HTTP Server 2.4.37 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.29 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. Security Fix(es) : * openssl: RSA key generation cache timing vulnerability in crypto/rsa/ rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) * openssl: timing side channel attack in the DSA signature algorithm (CVE-2018-0734) * mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) * mod_session_cookie does not respect expiry time (CVE-2018-17199) * mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189) * mod_http2: possible crash on late upgrade (CVE-2019-0197) * mod_http2: read-after-free on a string compare (CVE-2019-0196) * nghttp2: HTTP/2: large amount of data request leads to denial of service (CVE-2019-9511) * nghttp2: HTTP/2: flood using PRIORITY frames resulting in excessive resource consumption (CVE-2019-9513) * mod_http2: HTTP/2: 0-length headers leads to denial of service (CVE-2019-9516) * mod_http2: HTTP/2: request for large response leads to denial of service (CVE-2019-9517) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 131216 published 2019-11-22 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131216 title RHEL 7 : JBoss Core Services (RHSA-2019:3933) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering) (Resource Loop) NASL family Palo Alto Local Security Checks NASL id PALO_ALTO_PAN-SA-2018-0015.NASL description The version of Palo Alto Networks PAN-OS running on the remote host is 6.1.x including 6.1.20 or 7.1.x prior to 7.1.21 or 8.0.x prior to 8.0.14 or 8.1.x prior to 8.1.4. It is, therefore, affected by multiple vulnerabilities : - A denial of service (DoS) vulnerability that exists in OpenSSL due to failure of handling the exception conditions during the TLS handshake. An authenticated, remote attacker can exploit this issue , via malicious server to send large prime value to the client to spend unreasonably long time for generating the key for this prime resulting hang until the client finished. (CVE-2018-0732) - An information disclosure vulnerability that exists in OpenSSL RSA key generation algorithm due to a cache timing side channel attack. An authenticated, local attacker can exploit this issue, via cache timing attacks during the RSA key generation process, to recover the private key. (CVE-2018-0737) - A denial of service (DoS) vulnerability that exists in OpenSSL due to a constructed ASN.1 types with a recursive definition. An unauthenticated, remote attacker can exploit this issue, via creating malicious input with excessive recursion, to cause the Denial Of Service attack. (CVE-2018-0739) last seen 2020-06-01 modified 2020-06-02 plugin id 123512 published 2019-03-29 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123512 title Palo Alto Networks PAN-OS 6.1.x <= 6.1.20 / 7.1.x < 7.1.21 / 8.0.x < 8.0.14 / 8.1.x < 8.1.4 Multiple Vulnerabilities (PAN-SA-2018-0015) NASL family Misc. NASL id LCE_5_1_1.NASL description The version of Tenable Log Correlation Engine (LCE) installed on the remote host is a version prior to 5.1.1. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the bundled third-party component OpenSSL library last seen 2020-06-01 modified 2020-06-02 plugin id 118399 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118399 title Tenable Log Correlation Engine (LCE) < 5.1.1 (TNS-2018-13) NASL family Junos Local Security Checks NASL id JUNIPER_JSA10919.NASL description According to its self-reported version number, the remote Juniper Junos device is affected by a multiple vulnerabilities: - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o). (CVE-2018-0732) - The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o). (CVE-2018-0737) last seen 2020-06-01 modified 2020-06-02 plugin id 121069 published 2019-01-11 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121069 title Junos OS: OpenSSL Security Advisories [16 Apr 2018] and [12 June 2018] (JSA10919) NASL family Fedora Local Security Checks NASL id FEDORA_2019-00C25B9379.NASL description Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 129319 published 2019-09-25 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129319 title Fedora 30 : 1:compat-openssl10 (2019-00c25b9379) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2965-1.NASL description This update for openssl-1_0_0 to 1.0.2p fixes the following issues : These security issues were fixed : Prevent One&Done side-channel attack on RSA that allowed physically near attackers to use EM emanations to recover information (bsc#1104789) CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158) Make problematic ECDSA sign addition length-invariant Add blinding to ECDSA and DSA signatures to protect against side channel attacks The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2019-01-02 plugin id 120115 published 2019-01-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120115 title SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2018:2965-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-753.NASL description This update for openssl-1_0_0 to 1.0.2p fixes the following issues : These security issues were fixed : - Prevent One&Done side-channel attack on RSA that allowed physically near attackers to use EM emanations to recover information (bsc#1104789) - CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039) - CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158) - Make problematic ECDSA sign addition length-invariant - Add blinding to ECDSA and DSA signatures to protect against side channel attacks This non-security issue was fixed : - Add openssl(cli) Provide so the packages that require the openssl binary can require this instead of the new openssl meta package (bsc#1101470) This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 123323 published 2019-03-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123323 title openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-753) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201811-21.NASL description The remote host is affected by the vulnerability described in GLSA-201811-21 (OpenSSL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenSSL. Please review the referenced CVE identifiers for details. Impact : A remote attacker could cause a Denial of Service condition, obtain private keying material, or gain access to sensitive information. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 119275 published 2018-11-29 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119275 title GLSA-201811-21 : OpenSSL: Multiple vulnerabilities NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1164.NASL description According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.i1/4^CVE-2017-3735i1/4%0 - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.i1/4^CVE-2018-0737i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-19 modified 2019-04-09 plugin id 123850 published 2019-04-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123850 title EulerOS Virtualization 2.5.3 : openssl (EulerOS-SA-2019-1164)
Redhat
| advisories |
| ||||||||||||||||||||
| rpms |
|
References
- https://www.openssl.org/news/secadv/20180416.txt
- http://www.securitytracker.com/id/1040685
- http://www.securityfocus.com/bid/103766
- https://usn.ubuntu.com/3628-2/
- https://usn.ubuntu.com/3628-1/
- https://usn.ubuntu.com/3692-2/
- https://usn.ubuntu.com/3692-1/
- https://security.netapp.com/advisory/ntap-20180726-0003/
- https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html
- https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
- https://www.tenable.com/security/tns-2018-12
- https://securityadvisories.paloaltonetworks.com/Home/Detail/133
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://www.tenable.com/security/tns-2018-14
- https://www.tenable.com/security/tns-2018-13
- https://access.redhat.com/errata/RHSA-2018:3221
- https://access.redhat.com/errata/RHSA-2018:3505
- https://security.gentoo.org/glsa/201811-21
- https://www.debian.org/security/2018/dsa-4348
- https://www.debian.org/security/2018/dsa-4355
- https://www.tenable.com/security/tns-2018-17
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://access.redhat.com/errata/RHSA-2019:3935
- https://access.redhat.com/errata/RHSA-2019:3933
- https://access.redhat.com/errata/RHSA-2019:3932
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787