ID CVE-2013-0169
Summary The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
References
Vulnerable Configurations
  • OpenSSL Project OpenSSL
    cpe:2.3:a:openssl:openssl
  • OpenSSL Project OpenSSL 0.9.8
    cpe:2.3:a:openssl:openssl:0.9.8
  • OpenSSL Project OpenSSL 0.9.8a
    cpe:2.3:a:openssl:openssl:0.9.8a
  • OpenSSL Project OpenSSL 0.9.8b
    cpe:2.3:a:openssl:openssl:0.9.8b
  • OpenSSL Project OpenSSL 0.9.8c
    cpe:2.3:a:openssl:openssl:0.9.8c
  • OpenSSL Project OpenSSL 0.9.8d
    cpe:2.3:a:openssl:openssl:0.9.8d
  • OpenSSL Project OpenSSL 0.9.8f
    cpe:2.3:a:openssl:openssl:0.9.8f
  • OpenSSL Project OpenSSL 0.9.8g
    cpe:2.3:a:openssl:openssl:0.9.8g
  • OpenSSL Project OpenSSL 0.9.8h
    cpe:2.3:a:openssl:openssl:0.9.8h
  • OpenSSL Project OpenSSL 0.9.8i
    cpe:2.3:a:openssl:openssl:0.9.8i
  • OpenSSL Project OpenSSL 0.9.8j
    cpe:2.3:a:openssl:openssl:0.9.8j
  • OpenSSL Project OpenSSL 0.9.8k
    cpe:2.3:a:openssl:openssl:0.9.8k
  • OpenSSL Project OpenSSL 0.9.8l
    cpe:2.3:a:openssl:openssl:0.9.8l
  • OpenSSL Project OpenSSL 0.9.8m
    cpe:2.3:a:openssl:openssl:0.9.8m
  • OpenSSL Project OpenSSL 0.9.8n
    cpe:2.3:a:openssl:openssl:0.9.8n
  • OpenSSL Project OpenSSL 0.9.8o
    cpe:2.3:a:openssl:openssl:0.9.8o
  • OpenSSL Project OpenSSL 0.9.8p
    cpe:2.3:a:openssl:openssl:0.9.8p
  • OpenSSL Project OpenSSL 0.9.8q
    cpe:2.3:a:openssl:openssl:0.9.8q
  • OpenSSL Project OpenSSL 0.9.8r
    cpe:2.3:a:openssl:openssl:0.9.8r
  • OpenSSL Project OpenSSL 0.9.8s
    cpe:2.3:a:openssl:openssl:0.9.8s
  • OpenSSL Project OpenSSL 0.9.8t
    cpe:2.3:a:openssl:openssl:0.9.8t
  • OpenSSL Project OpenSSL 0.9.8u
    cpe:2.3:a:openssl:openssl:0.9.8u
  • OpenSSL Project OpenSSL 0.9.8v
    cpe:2.3:a:openssl:openssl:0.9.8v
  • OpenSSL Project OpenSSL 0.9.8w
    cpe:2.3:a:openssl:openssl:0.9.8w
  • OpenSSL Project OpenSSL 0.9.8x
    cpe:2.3:a:openssl:openssl:0.9.8x
  • OpenSSL Project OpenSSL 1.0.0
    cpe:2.3:a:openssl:openssl:1.0.0
  • OpenSSL Project OpenSSL 1.0.0a
    cpe:2.3:a:openssl:openssl:1.0.0a
  • OpenSSL Project OpenSSL 1.0.0b
    cpe:2.3:a:openssl:openssl:1.0.0b
  • OpenSSL Project OpenSSL 1.0.0c
    cpe:2.3:a:openssl:openssl:1.0.0c
  • OpenSSL Project OpenSSL 1.0.0d
    cpe:2.3:a:openssl:openssl:1.0.0d
  • OpenSSL Project OpenSSL 1.0.0e
    cpe:2.3:a:openssl:openssl:1.0.0e
  • OpenSSL Project OpenSSL 1.0.0f
    cpe:2.3:a:openssl:openssl:1.0.0f
  • OpenSSL Project OpenSSL 1.0.0g
    cpe:2.3:a:openssl:openssl:1.0.0g
  • OpenSSL Project OpenSSL 1.0.0i
    cpe:2.3:a:openssl:openssl:1.0.0i
  • OpenSSL Project OpenSSL 1.0.0j
    cpe:2.3:a:openssl:openssl:1.0.0j
  • OpenSSL Project OpenSSL 1.0.1
    cpe:2.3:a:openssl:openssl:1.0.1
  • OpenSSL Project OpenSSL 1.0.1a
    cpe:2.3:a:openssl:openssl:1.0.1a
  • OpenSSL Project OpenSSL 1.0.1b
    cpe:2.3:a:openssl:openssl:1.0.1b
  • OpenSSL Project OpenSSL 1.0.1c
    cpe:2.3:a:openssl:openssl:1.0.1c
  • cpe:2.3:a:oracle:openjdk
    cpe:2.3:a:oracle:openjdk
  • Oracle OpenJDK 1.6.0 (6)
    cpe:2.3:a:oracle:openjdk:1.6.0
  • Oracle OpenJDK 1.7.0 (7)
    cpe:2.3:a:oracle:openjdk:1.7.0
  • Oracle OpenJDK 1.8.0 (8)
    cpe:2.3:a:oracle:openjdk:1.8.0
  • PolarSSL 0.10.0
    cpe:2.3:a:polarssl:polarssl:0.10.0
  • PolarSSL 0.10.1
    cpe:2.3:a:polarssl:polarssl:0.10.1
  • PolarSSL 0.11.0
    cpe:2.3:a:polarssl:polarssl:0.11.0
  • PolarSSL 0.11.1
    cpe:2.3:a:polarssl:polarssl:0.11.1
  • PolarSSL 0.12.0
    cpe:2.3:a:polarssl:polarssl:0.12.0
  • PolarSSL 0.12.1
    cpe:2.3:a:polarssl:polarssl:0.12.1
  • PolarSSL 0.13.1
    cpe:2.3:a:polarssl:polarssl:0.13.1
  • PolarSSL 0.14.0
    cpe:2.3:a:polarssl:polarssl:0.14.0
  • PolarSSL 0.14.2
    cpe:2.3:a:polarssl:polarssl:0.14.2
  • PolarSSL 0.14.3
    cpe:2.3:a:polarssl:polarssl:0.14.3
  • PolarSSL 0.99-pre1
    cpe:2.3:a:polarssl:polarssl:0.99:pre1
  • PolarSSL 0.99-pre3
    cpe:2.3:a:polarssl:polarssl:0.99:pre3
  • PolarSSL 0.99-pre4
    cpe:2.3:a:polarssl:polarssl:0.99:pre4
  • PolarSSL 0.99-pre5
    cpe:2.3:a:polarssl:polarssl:0.99:pre5
  • PolarSSL 1.0.0
    cpe:2.3:a:polarssl:polarssl:1.0.0
  • PolarSSL 1.1.0
    cpe:2.3:a:polarssl:polarssl:1.1.0
  • PolarSSL 1.1.0 release candidate 0
    cpe:2.3:a:polarssl:polarssl:1.1.0:rc0
  • PolarSSL 1.1.0 release candidate 1
    cpe:2.3:a:polarssl:polarssl:1.1.0:rc1
  • PolarSSL 1.1.1
    cpe:2.3:a:polarssl:polarssl:1.1.1
  • PolarSSL 1.1.2
    cpe:2.3:a:polarssl:polarssl:1.1.2
  • PolarSSL 1.1.3
    cpe:2.3:a:polarssl:polarssl:1.1.3
  • PolarSSL 1.1.4
    cpe:2.3:a:polarssl:polarssl:1.1.4
CVSS
Base: 2.6 (as of 11-02-2013 - 10:04)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family General
    NASL id IBM_TSM_SERVER_6_2_6_0.NASL
    description The version of IBM Tivoli Storage Manager installed on the remote host is 6.2.x prior to 6.2.6.0. It is, therefore, potentially affected by multiple flaws in its bundled SSL library: - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted 'ClientHello' message. (CVE-2012-2190). - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted value in the TLS Record Layer. (CVE-2012-2191). - A flaw that could allow a remote attacker to perform a statistical timing attack known as 'Lucky Thirteen'. (CVE-2013-0169).
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77118
    published 2014-08-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77118
    title IBM Tivoli Storage Manager Server 6.2.x < 6.2.6.0 Multiple Vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-095.NASL
    description Updated java-1.7.0-openjdk packages fix security vulnerabilities : Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2012-3174, CVE-2013-0422). Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2013-0442, CVE-2013-0445, CVE-2013-0441, CVE-2013-1475, CVE-2013-1476, CVE-2013-0429, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0444). Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges (CVE-2013-1478, CVE-2013-1480). A flaw was found in the AWT component's clipboard handling code. An untrusted Java application or applet could use this flaw to access clipboard data, bypassing Java sandbox restrictions (CVE-2013-0432). The default Java security properties configuration did not restrict access to certain com.sun.xml.internal packages. An untrusted Java application or applet could use this flaw to access information, bypassing certain Java sandbox restrictions. This update lists the whole package as restricted (CVE-2013-0435). Multiple improper permission check issues were discovered in the JMX, Libraries, Networking, and JAXP components. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions (CVE-2013-0431, CVE-2013-0427, CVE-2013-0433, CVE-2013-0434). It was discovered that the RMI component's CGIHandler class used user inputs in error messages without any sanitization. An attacker could use this flaw to perform a cross-site scripting (XSS) attack (CVE-2013-0424). It was discovered that the SSL/TLS implementation in the JSSE component did not properly enforce handshake message ordering, allowing an unlimited number of handshake restarts. A remote attacker could use this flaw to make an SSL/TLS server using JSSE consume an excessive amount of CPU by continuously restarting the handshake (CVE-2013-0440). It was discovered that the JSSE component did not properly validate Diffie-Hellman public keys. An SSL/TLS client could possibly use this flaw to perform a small subgroup attack (CVE-2013-0443). Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2013-1486, CVE-2013-1484). An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions (CVE-2013-1485). It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle (CVE-2013-0169). An integer overflow flaw was found in the way the 2D component handled certain sample model instances. A specially crafted sample model instance could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges (CVE-2013-0809). It was discovered that the 2D component did not properly reject certain malformed images. Specially crafted raster parameters could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges (CVE-2013-1493).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 66107
    published 2013-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66107
    title Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:095)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-0275.NASL
    description Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1486, CVE-2013-1484) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-1485) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.7. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64731
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64731
    title CentOS 5 / 6 : java-1.7.0-openjdk (CESA-2013:0275)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_COMPAT-OPENSSL097G-141202.NASL
    description The SLES 9 compatibility package compat-openssl097g received a roll up update fixing various security issues : - Build option no-ssl3 is incomplete. (CVE-2014-3568) - Add support for TLS_FALLBACK_SCSV. (CVE-2014-3566) - Information leak in pretty printing functions. (CVE-2014-3508) - OCSP bad key DoS attack. (CVE-2013-0166) - SSL/TLS CBC plaintext recovery attack. (CVE-2013-0169) - Anonymous ECDH denial of service. (CVE-2014-3470) - SSL/TLS MITM vulnerability (CVE-2014-0224)
    last seen 2019-02-21
    modified 2015-01-28
    plugin id 79738
    published 2014-12-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79738
    title SuSE 11.3 Security Update : compat-openssl097g (SAT Patch Number 10033)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201310-10.NASL
    description The remote host is affected by the vulnerability described in GLSA-201310-10 (PolarSSL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PolarSSL. Please review the CVE identifiers referenced below for details. Impact : A remote attacker might be able to cause Denial of Service, conduct a man-in-the middle attack, compromise an encrypted communication channel, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 70486
    published 2013-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70486
    title GLSA-201310-10 : PolarSSL: Multiple vulnerabilities
  • NASL family Web Servers
    NASL id WEBSPHERE_8_0_0_7.NASL
    description IBM WebSphere Application Server 8.0 before Fix Pack 7 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists related to Apache Ant and file compression that could lead to denial of service conditions. (CVE-2012-2098 / PM90088) - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169 / PM85211) - A flaw exists relating to OAuth that could allow a remote attacker to obtain someone else's credentials. (CVE-2013-0597 / PM85834 / PM87131) - A flaw exists relating to OpenJPA that is triggered during deserialization, which could allow a remote attacker to write to the file system and potentially execute arbitrary code. Note the vendor states this application is not directly affected by this flaw; however, this application does include the affected version of OpenJPA. (CVE-2013-1768 / PM86780) - An input validation flaw exists in the optional 'mod_rewrite' module in the included IBM HTTP Server that could allow arbitrary command execution via HTTP requests containing certain escape sequences. (CVE-2013-1862 / PM87808) - A flaw exists related to the optional 'mod_dav' module in the included IBM HTTP Server that could allow denial of service conditions. (CVE-2013-1896 / PM89996) - User-supplied input validation errors exist related to the administrative console that could allow cross-site scripting attacks. (CVE-2013-2967 / PM78614, CVE-2013-4004 / PM81571, CVE-2013-4005 / PM88208) - An information disclosure vulnerability exists related to incorrect caching by the administrative console. (CVE-2013-2976 / PM79992) - A user-supplied input validation error exists that could allow cross-site request forgery (CSRF) attacks to be carried out. (CVE-2013-3029 / PM88746)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 69449
    published 2013-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69449
    title IBM WebSphere Application Server 8.0 < Fix Pack 7 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-153.NASL
    description openssl was updated to 1.0.0k security release to fix bugs and security issues. (bnc#802648 bnc#802746) The version was upgraded to avoid backporting the large fixes for SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169) TLS 1.1 and 1.2 AES-NI crash (CVE-2012-2686) OCSP invalid key DoS issue (CVE-2013-0166) Also the following bugfix was included: bnc#757773 - c_rehash to accept more filename extensions
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74901
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74901
    title openSUSE Security Update : openssl (openSUSE-SU-2013:0336-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201401-30.NASL
    description The remote host is affected by the vulnerability described in GLSA-201401-30 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-01-03
    plugin id 72139
    published 2014-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72139
    title GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)
  • NASL family CGI abuses
    NASL id IBM_TEM_8_2_1372.NASL
    description The remote host is running a version of IBM Tivoli Endpoint Manager Server prior to 8.2.1372. It is, therefore, affected by multiple vulnerabilities : - Multiple SSL related denial of service vulnerabilities exist. (CVE-2012-2686, CVE-2013-0166) - An SSL side-channel timing analysis attack allows full or partial plaintext recovery by a third-party listener. (CVE-2013-0169) - A cross-site request forgery vulnerability exists in the Use Analysis Application that can be exploited via a specially crafted AMF message. (CVE-2013-0452) - An unspecified cross-site scripting vulnerability exists in IBM Tivoli Endpoint Manager Web Reports. (CVE-2013-0453)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 66270
    published 2013-04-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66270
    title IBM Tivoli Endpoint Manager Server < 8.2.1372 Multiple Vulnerabilities
  • NASL family General
    NASL id IBM_TSM_SERVER_5_5_X.NASL
    description The version of IBM Tivoli Storage Manager installed on the remote host is 5.5 running on Windows or AIX. It is, therefore, potentially affected by multiple flaws in its bundled SSL library: - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted 'ClientHello' message. (CVE-2012-2190). - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted value in the TLS Record Layer. (CVE-2012-2191). - A flaw that could allow a remote attacker to perform a statistical timing attack known as 'Lucky Thirteen'. (CVE-2013-0169).
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77116
    published 2014-08-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77116
    title IBM Tivoli Storage Manager Server 5.5.x Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0416.NASL
    description Updated rhevm-spice-client packages that fix multiple security issues are now available for Red Hat Enterprise Virtualization Manager 3. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. The rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE client. OpenSSL, a general purpose cryptography library with a TLS implementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer package has been updated to correct the following issues : An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the way OpenSSL handled TLS/SSL protocol handshake packets. A specially crafted handshake packet could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Red Hat would like to thank the OpenSSL project for reporting CVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the original reporter. The updated mingw-virt-viewer Windows SPICE client further includes OpenSSL security fixes that have no security impact on mingw-virt-viewer itself. The security fixes included in this update address the following CVE numbers : CVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166 All Red Hat Enterprise Virtualization Manager users are advised to upgrade to these updated packages, which address these issues.
    last seen 2019-02-21
    modified 2018-07-26
    plugin id 79013
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79013
    title RHEL 6 : rhevm-spice-client (RHSA-2014:0416)
  • NASL family Databases
    NASL id ORACLE_RDBMS_CPU_OCT_2013.NASL
    description The remote Oracle database server is missing the October 2013 Critical Patch Update (CPU). It is, therefore, affected by multiple security vulnerabilities in the following components : - Core RDBMS - Oracle Security service - XML Parser
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 70460
    published 2013-10-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70460
    title Oracle Database Multiple Vulnerabilities (October 2013 CPU) (BEAST)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0636.NASL
    description An updated rhev-hypervisor6 package that fixes several security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest. (CVE-2012-6075) It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-1619) It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially crafted response. (CVE-2013-0166) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) This updated package provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2013-0292 (dbus-glib issue) CVE-2013-0228, CVE-2013-0268, and CVE-2013-0871 (kernel issues) CVE-2013-0338 (libxml2 issue) This update contains the builds from the following errata : ovirt-node: RHBA-2013:0634 https://rhn.redhat.com/errata/RHBA-2013-0634.html kernel: RHSA-2013:0630 https://rhn.redhat.com/errata/RHSA-2013-0630.html dbus-glib: RHSA-2013:0568 https://rhn.redhat.com/errata/RHSA-2013-0568.html libcgroup: RHBA-2013:0560 https://rhn.redhat.com/errata/RHBA-2013-0560.html vdsm: RHBA-2013:0635 https://rhn.redhat.com/errata/RHBA-2013-0635.html selinux-policy: RHBA-2013:0618 https://rhn.redhat.com/errata/RHBA-2013-0618.html qemu-kvm-rhev: RHSA-2013:0610 https://rhn.redhat.com/errata/RHSA-2013-0610.html glusterfs: RHBA-2013:0620 https://rhn.redhat.com/errata/RHBA-2013-0620.html gnutls: RHSA-2013:0588 https://rhn.redhat.com/errata/RHSA-2013-0588.html ipmitool: RHBA-2013:0572 https://rhn.redhat.com/errata/RHBA-2013-0572.html libxml2: RHSA-2013:0581 https://rhn.redhat.com/errata/RHSA-2013-0581.html openldap: RHBA-2013:0598 https://rhn.redhat.com/errata/RHBA-2013-0598.html openssl: RHSA-2013:0587 https://rhn.redhat.com/errata/RHSA-2013-0587.html Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 78952
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78952
    title RHEL 6 : rhev-hypervisor6 (RHSA-2013:0636)
  • NASL family Misc.
    NASL id ORACLE_JAVA_CPU_FEB_2013_1_UNIX.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 15, 6 Update 41, 5 Update 40 or 1.4.2 Update 42. It is, therefore, potentially affected by security issues in the following components : - Deployment - JMX - JSSE - Libraries
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 64851
    published 2013-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64851
    title Oracle Java SE Multiple Vulnerabilities (February 2013 CPU Update 1) (Unix)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0275.NASL
    description Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1486, CVE-2013-1484) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-1485) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.7. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64748
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64748
    title RHEL 5 / 6 : java-1.7.0-openjdk (RHSA-2013:0275)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0532.NASL
    description Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487) All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 15 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-26
    plugin id 64775
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64775
    title RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0532)
  • NASL family General
    NASL id IBM_TSM_SERVER_6_1_X.NASL
    description The version of IBM Tivoli Storage Manager installed on the remote host is 6.1 running on Windows or AIX. It is, therefore, potentially affected by multiple flaws in its bundled SSL library: - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted 'ClientHello' message. (CVE-2012-2190). - A flaw that could allow a remote attacker to cause a denial of service via a specially crafted value in the TLS Record Layer. (CVE-2012-2191). - A flaw that could allow a remote attacker to perform a statistical timing attack known as 'Lucky Thirteen'. (CVE-2013-0169).
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77117
    published 2014-08-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77117
    title IBM Tivoli Storage Manager Server 6.1.x Multiple Vulnerabilities
  • NASL family Misc.
    NASL id VMWARE_ESXI_5_1_BUILD_1483097_REMOTE.NASL
    description The remote VMware ESXi 5.1 host is affected by the following vulnerabilities : - A denial of service vulnerability exists in the bundled OpenSSL library that is triggered when handling OCSP response verification. A remote attacker can exploit this to crash the program. (CVE-2013-0166) - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker can obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169) - An error exists in the libxml2 library related to the expansion of XML internal entities that could allow denial of service attacks. (CVE-2013-0338) - A NULL pointer dereference flaw exists in the handling of Network File Copy (NFC) traffic. An attacker can exploit this by intercepting and modifying NFC traffic, to cause a denial of service condition. (CVE-2014-1207) - A denial of service vulnerability exists in the handling of invalid ports that could allow a guest user to crash the VMX process. (CVE-2014-1208)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 72037
    published 2014-01-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72037
    title ESXi 5.1 < Build 1483097 Multiple Vulnerabilities (remote check)
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_FEB_2013_1.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 15, 6 Update 41, 5 Update 40 or 1.4.2 Update 42. It is, therefore, potentially affected by security issues in the following components : - Deployment - JMX - JSSE - Libraries
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 64790
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64790
    title Oracle Java SE Multiple Vulnerabilities (February 2013 CPU Update 1)
  • NASL family Databases
    NASL id DB2_101FP3A.NASL
    description According to its version, the installation of IBM DB2 10.1 running on the remote host is prior to Fix Pack 3a. It is, therefore, affected by one or more of the following vulnerabilities : - The included version of GSKit contains an error related to CBC-mode and timing that could allow an attacker to recover plaintext from encrypted communications. (CVE-2013-0169) - An unspecified error exists related to handling malformed certificate chains that could allow denial of service attacks. (CVE-2013-6747) - A build error exists related to libraries in insecure locations that could allow a local user to carry out privilege escalation attacks. Note this issue does not affect the application when running on Microsoft Windows operating systems. (CVE-2014-0907) - An unspecified error exists related to the TLS implementation that could allow certain error cases to cause 100% CPU utilization. (CVE-2014-0963)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 76110
    published 2014-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76110
    title IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2014-0007.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589) - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052) - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051) - use __secure_getenv everywhere instead of getenv (#839735) - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686) - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio (#814185) - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725) - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489) - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4109 - double free in policy checks (#771771) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) - add known answer test for SHA2 algorithms (#740866) - make default private key length in certificate Makefile 2048 bits (can be changed with PRIVATE_KEY_BITS setting) (#745410) - fix incorrect return value in parse_yesno (#726593) - added DigiCert CA certificates to ca-bundle (#735819) - added a new section about error states to README.FIPS (#628976) - add missing DH_check_pub_key call when DH key is computed (#698175) - presort list of ciphers available in SSL (#688901) - accept connection in s_server even if getaddrinfo fails (#561260) - point to openssl dgst for list of supported digests (#608639) - fix handling of future TLS versions (#599112) - added VeriSign Class 3 Public Primary Certification Authority - G5 and StartCom Certification Authority certs to ca-bundle (#675671, #617856) - upstream fixes for the CHIL engine (#622003, #671484) - add SHA-2 hashes in SSL_library_init (#676384) - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462) - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924) - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774) - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125) - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197) - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data is called prematurely by application (#546707)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 79531
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79531
    title OracleVM 2.2 : openssl (OVMSA-2014-0007)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1735-1.NASL
    description Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenJDK was vulnerable to a timing side-channel attack known as the 'Lucky Thirteen' issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 12.10. (CVE-2013-1484) A data integrity vulnerability was discovered in the OpenJDK JRE. This issue only affected Ubuntu 12.10. (CVE-2013-1485) Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2013-1486, CVE-2013-1487). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 64801
    published 2013-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64801
    title Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : openjdk-6, openjdk-7 vulnerabilities (USN-1735-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-294.NASL
    description This update for libopenssl0_9_8 fixes the following issues : - CVE-2016-0800 aka the 'DROWN' attack (bsc#968046): OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. This update changes the openssl library to : - Disable SSLv2 protocol support by default. This can be overridden by setting the environment variable 'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the SSL_OP_NO_SSLv2 flag. Note that various services and clients had already disabled SSL protocol 2 by default previously. - Disable all weak EXPORT ciphers by default. These can be reenabled if required by old legacy software using the environment variable 'OPENSSL_ALLOW_EXPORT'. - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and BN_dec2bn() functions had a bug that could result in an attempt to de-reference a NULL pointer leading to crashes. This could have security consequences if these functions were ever called by user applications with large untrusted hex/decimal data. Also, internal usage of these functions in OpenSSL uses data from config files or application command line arguments. If user developed applications generated config file data based on untrusted data, then this could have had security consequences as well. - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the internal fmtstr() and doapr_outch() functions could miscalculate the length of a string and attempt to access out-of-bounds memory locations. These problems could have enabled attacks where large amounts of untrusted data is passed to the BIO_*printf functions. If applications use these functions in this way then they could have been vulnerable. OpenSSL itself uses these functions when printing out human-readable dumps of ASN.1 data. Therefore applications that print this data could have been vulnerable if the data is from untrusted sources. OpenSSL command line applications could also have been vulnerable when they print out ASN.1 data, or if untrusted data is passed as command line arguments. Libssl is not considered directly vulnerable. - The package was updated to 0.9.8zh : - fixes many security vulnerabilities (not separately listed): CVE-2015-3195, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288, CVE-2014-3571, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204, CVE-2014-8275, CVE-2014-3570, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3508, CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-3470, CVE-2014-0076, CVE-2013-0169, CVE-2013-0166 - avoid running OPENSSL_config twice. This avoids breaking engine loading. (boo#952871, boo#967787) - fix CVE-2015-3197 (boo#963415) - SSLv2 doesn't block disabled ciphers
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 89651
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89651
    title openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1518.NASL
    description Two vulnerabilities were discovered in polarssl, a lightweight crypto and SSL/TLS library (nowadays continued under the name mbedtls) which could result in plain text recovery via side-channel attacks. Two other minor vulnerabilities were discovered in polarssl which could result in arithmetic overflow errors. CVE-2018-0497 As a protection against the Lucky Thirteen attack, the TLS code for CBC decryption in encrypt-then-MAC mode performs extra MAC calculations to compensate for variations in message size due to padding. The amount of extra MAC calculation to perform was based on the assumption that the bulk of the time is spent in processing 64-byte blocks, which is correct for most supported hashes but not for SHA-384. Correct the amount of extra work for SHA-384 (and SHA-512 which is currently not used in TLS, and MD2 although no one should care about that). This is a regression fix for what CVE-2013-0169 had been fixed this. CVE-2018-0498 The basis for the Lucky 13 family of attacks is for an attacker to be able to distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding. Since our code sets padlen = 0 for invalid padding, the length of the input to the HMAC function gives information about that. Information about this length (modulo the MD/SHA block size) can be deduced from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used. If MD/SHA padding is read from a (static) buffer, a local attacker could get information about how much is used via a cache attack targeting that buffer. Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA one, which is always read fully by the process() function. CVE-2018-9988 Prevent arithmetic overflow on bounds check and add bound check before signature length read in ssl_parse_server_key_exchange(). CVE-2018-9989 Prevent arithmetic overflow on bounds check and add bound check before length read in ssl_parse_server_psk_hint() For Debian 8 'Jessie', these problems have been fixed in version 1.3.9-2.1+deb8u4. We recommend that you upgrade your polarssl packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-27
    plugin id 117711
    published 2018-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117711
    title Debian DLA-1518-1 : polarssl security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_7_0-IBM-130415.NASL
    description IBM Java 7 was updated to SR4-FP1, fixing bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ and on : http://www.ibm.com/developerworks/java/jdk/aix/j764/Java7_64.fixes.htm l#SR4FP1
    last seen 2019-02-21
    modified 2014-04-12
    plugin id 66031
    published 2013-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66031
    title SuSE 11.2 Security Update : java-1_7_0-ibm (SAT Patch Number 7623)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-0275.NASL
    description From Red Hat Security Advisory 2013:0275 : Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1486, CVE-2013-1484) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-1485) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.7. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68736
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68736
    title Oracle Linux 5 / 6 : java-1.7.0-openjdk (ELSA-2013-0275)
  • NASL family Web Servers
    NASL id WEBSPHERE_8_5_5.NASL
    description IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169, PM85211) - The WS-Security run time contains a flaw that could be triggered by a specially crafted SOAP request to execute arbitrary code. (CVE-2013-0482, PM76582) - A flaw exists relating to OAuth that could allow a remote attacker to obtain someone else's credentials. (CVE-2013-0597, PM85834, PM87131) - A flaw exists relating to OpenJPA that is triggered during deserialization, which could allow a remote attacker to write to the file system and potentially execute arbitrary code. (CVE-2013-1768, PM86780, PM86786, PM86788, PM86791) - An unspecified cross-site scripting vulnerability exists related to the administrative console. (CVE-2013-2967, PM78614) - An unspecified vulnerability exists. (CVE-2013-2975) - An information disclosure vulnerability exists relating to incorrect caching by the administrative console. (CVE-2013-2976, PM79992) - An improper process initialization flaw exists on UNIX platforms that could allow a local attacker to execute arbitrary commands. (CVE-2013-3024, PM86245)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 69021
    published 2013-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69021
    title IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_6_0-IBM-130416.NASL
    description IBM Java 6 has been updated to SR13 FP1 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ and on : http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.htm l#SR13FP1 CVEs fixed: CVE-2013-0485 / CVE-2013-0809 / CVE-2013-1493 / CVE-2013-0169
    last seen 2019-02-21
    modified 2014-04-12
    plugin id 66194
    published 2013-04-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66194
    title SuSE 11.2 Security Update : IBM Java (SAT Patch Number 7627)
  • NASL family Web Servers
    NASL id WEBSPHERE_8_0_0_6.NASL
    description IBM WebSphere Application Server 8.0 before Fix Pack 6 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists that could allow cross-site request forgery (CSRF) attacks. (CVE-2012-4853 / PM62920) - The included Java SDK contains several errors that affect the application directly. (CVE-2013-0169, CVE-2013-0440, CVE-2013-0443) - Input validation errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458 / PM71139, CVE-2013-0461 / PM71389, CVE-2013-0542 / PM81846) - An input validation error exists related to the administration console that could allow cross-site scripting attacks. Note that this issue affects only the application when running on z/OS operating systems. (CVE-2013-0459 / PM72536) - An unspecified error could allow security bypass for authenticated users. (CVE-2013-0462 / PM76886 or PM79937) - An error exists related to 'WS-Security' and SOAP message handling that could allow an attacker to spoof message signatures. (CVE-2013-0482 / PM76582) - A buffer overflow error exists related to 'WebSphere Identity Manger (WIM)' that could allow denial of service attacks. (CVE-2013-0541 / PM74909) - An unspecified error could allow security bypass, thus allowing remote attackers access to restricted resources on HP, Linux and Solaris hosts. (CVE-2013-0543 / PM75582) - An unspecified error related to the administration console could allow directory traversal attacks on Unix and Linux hosts. (CVE-2013-0544 / PM82468)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 66374
    published 2013-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66374
    title IBM WebSphere Application Server 8.0 < Fix Pack 6 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1455.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873, CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507, CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351, CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Users of Red Hat Network Satellite Server 5.4 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR14 release. For this update to take effect, Red Hat Network Satellite Server must be restarted ('/usr/sbin/rhn-satellite restart'), as well as all running instances of IBM Java.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 78975
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78975
    title RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201406-32.NASL
    description The remote host is affected by the vulnerability described in GLSA-201406-32 (IcedTea JDK: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass intended security policies, or have other unspecified impact. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 76303
    published 2014-06-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76303
    title GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)
  • NASL family Misc.
    NASL id VMWARE_ESXI_5_0_BUILD_1311177_REMOTE.NASL
    description The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities : - Multiple errors exist related to OpenSSL that could allow information disclosure or denial of service attacks. (CVE-2013-0166, CVE-2013-0169) - An error exists in the libxml2 library related to the expansion of XML internal entities. An attacker can exploit this to cause a denial of service. (CVE-2013-0338) - An unspecified error exists related to 'hostd-vmdb'. An attacker can exploit this to cause a denial of service. (CVE-2013-5970) - An error exists in the handling of certain Virtual Machine file descriptors. This may allow an unprivileged user with the 'Add Existing Disk' privilege to obtain read and write access to arbitrary files, possibly leading to arbitrary code execution after a host reboot. (CVE-2013-5973) - A NULL pointer dereference flaw exists in the handling of Network File Copy (NFC) traffic. This issue may lead to a denial of service if an attacker intercepts and modifies the NFC traffic. (CVE-2014-1207) - A denial of service vulnerability exists in the handling of invalid ports that could allow a guest user to crash the VMX process. (CVE-2014-1208)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 70879
    published 2013-11-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70879
    title ESXi 5.0 < Build 1311175 Multiple Vulnerabilities (remote check)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0833.NASL
    description The version of JBoss Enterprise Application Platform 6.0.1 running on the remote system is vulnerable to the following issues: - A man-in-the-middle attack is possible when applications running on JBoss Web use the COOKIE session tracking method. The flaw is in the org.apache.catalina.connector.Response.encodeURL() method. By making use of this, an attacker could obtain a user's jsessionid and hijack their session. (CVE-2012-4529) - If multiple applications used the same custom authorization module class name, a local attacker could deploy a malicious application authorization module that would permit or deny user access. (CVE-2012-4572) - XML encryption backwards compatibility attacks could allow an attacker to force a server to use insecure legacy cryptosystems. (CVE-2012-5575) - A NULL pointer dereference flaw could allow a malicious OCSP to crash applications performing OCSP verification. (CVE-2013-0166) - An OpenSSL leaks timing information issue exists that could allow a remote attacker to retrieve plaintext from the encrypted packets. (CVE-2013-0169) - The JBoss Enterprise Application Platform administrator password and the sucker password are stored in a world- readable, auto-install XML file created by the GUI installer. (CVE-2013-0218) - Tomcat incorrectly handles certain authentication requests. A remote attacker could use this flaw to inject a request that would get executed with a victim's credentials. (CVE-2013-2067)
    last seen 2019-02-21
    modified 2018-07-26
    plugin id 66971
    published 2013-06-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66971
    title JBoss Enterprise Application Platform 6.1.0 Update (RHSA-2013:0833)
  • NASL family Web Servers
    NASL id WEBSPHERE_7_0_0_29.NASL
    description IBM WebSphere Application Server 7.0 before Fix Pack 29 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169, PM85211) - The WS-Security run time contains a flaw that could be triggered by a specially crafted SOAP request to execute arbitrary code. (CVE-2013-0482, PM76582) - A denial of service vulnerability exists, caused by a buffer overflow on localOS registry when using WebSphere Identity Manager (WIM). (CVE-2013-0541, PM74909) - An unspecified cross-site scripting vulnerability exists related to the administrative console. (CVE-2013-0542, CVE-2013-2967, PM78614, PM81846) - A validation flaw exists relating to 'Local OS registries' that may allow a remote attacker to bypass security. (CVE-2013-0543, PM75582) - A directory traversal vulnerability exists in the administrative console via the 'PARAMETER' parameter. (CVE-2013-0544, PM82468) - A flaw exists relating to OAuth that could allow a remote attacker to obtain someone else's credentials. (CVE-2013-0597, PM85834, PM87131) - A flaw exists relating to OpenJPA that is triggered during deserialization that may allow a remote attacker to write to the file system and potentially execute arbitrary code. (CVE-2013-1768, PM86780, PM86786, PM86788, PM86791) - An information disclosure issue exists relating to incorrect caching by the administrative console. (CVE-2013-2976, PM79992) - A user-supplied input validation error exists that could allow cross-site request (CSRF) attacks to be carried out. (CVE-2013-3029, PM88746)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 68982
    published 2013-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68982
    title IBM WebSphere Application Server 7.0 < Fix Pack 29 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2013-004.NASL
    description The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-004 applied. This update contains several security-related fixes for the following component : - Apache - Bind - Certificate Trust Policy - ClamAV - Installer - IPSec - Mobile Device Management - OpenSSL - PHP - PostgreSQL - QuickTime - sudo Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 69878
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69878
    title Mac OS X Multiple Vulnerabilities (Security Update 2013-004)
  • NASL family Web Servers
    NASL id WEBSPHERE_8_5_0_2.NASL
    description IBM WebSphere Application Server 8.5 before Fix Pack 2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The included Java SDK contains several errors that affect the application directly. (CVE-2013-0169, CVE-2013-0440, CVE-2013-0443) - Input validation errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0458 / PM71139, CVE-2013-0461 / PM71389, CVE-2013-0542 / PM81846, CVE-2013-0565 / PM83402) - An input validation error exists related to the administration console that could allow cross-site scripting attacks. Note that this issue affects only the application when running on z/OS operating systems. (CVE-2013-0459 / PM72536) - An unspecified error could allow security bypass for authenticated users. (CVE-2013-0462 / PM76886 or PM79937) - An error exists related to 'WS-Security' and SOAP message handling that could allow an attacker to spoof message signatures. (CVE-2013-0482 / PM76582) - An error exists related to authentication cookies that could allow remote attackers to gain access to restricted resources. Note this only affects the application when running the 'Liberty Profile'. (CVE-2013-0540 / PM81056) - A buffer overflow error exists related to 'WebSphere Identity Manger (WIM)' that could allow denial of service attacks. (CVE-2013-0541 / PM74909) - An unspecified error could allow security bypass, thus allowing remote attackers access to restricted resources on HP, Linux and Solaris hosts. (CVE-2013-0543 / PM75582) - An unspecified error related to the administration console could allow directory traversal attacks on Unix and Linux hosts. (CVE-2013-0544 / PM82468)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 66375
    published 2013-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66375
    title IBM WebSphere Application Server 8.5 < Fix Pack 2 Multiple Vulnerabilities
  • NASL family Web Servers
    NASL id WEBSPHERE_6_1_0_47.NASL
    description IBM WebSphere Application Server 6.1 before Fix Pack 47 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - A remote attacker can bypass authentication because of improper user validation on Linux, Solaris, and HP-UX platforms that use a LocalOS registry. (CVE-2013-0543, PM75582) - A denial of service can be caused by the way Apache Ant uses bzip2 to compress files. This can be exploited by a local attacker passing specially crafted input. (CVE-2012-2098, PM90088) - A local attacker can cause a denial of service on Windows platforms with a LocalOS registry using WebSphere Identity Manager. (CVE-2013-0541, PM74909) - Remote attackers can traverse directories by deploying a specially crafted application file to overwrite files outside of the application deployment directory. (CVE-2012-3305, PM62467) - The TLS protocol implementation is susceptible to plaintext-recovery attacks via statistical analysis of timing data for crafted packets. (CVE-2013-0169, PM85211) - Terminal escape sequences are not properly filtered from logs. Remote attackers could execute arbitrary commands via an HTTP request containing an escape sequence. (CVE-2013-1862, PM87808) - Improper validation of user input allows for cross-site request forgery. By persuading an authenticated user to visit a malicious website, a remote attacker could exploit this vulnerability to obtain sensitive information. (CVE-2012-4853, CVE-2013-3029, PM62920, PM88746) - Improper validation of user input in the administrative console allows for multiple cross-site scripting attacks. (CVE-2013-0458, CVE-2013-0459, CVE-2013-0461, CVE-2013-0542, CVE-2013-0596, CVE-2013-2967, CVE-2013-4005, CVE-2013-4052, PM71139, PM72536, PM71389, PM73445, PM78614, PM81846, PM88208, PM91892) - Improper validation of portlets in the administrative console allows for cross-site request forgery, which could allow an attacker to obtain sensitive information. (CVE-2013-0460, PM72275) - Remote, authenticated attackers can traverse directories on Linux and UNIX systems running the application. (CVE-2013-0544, PM82468) - A denial of service attack is possible if the optional mod_dav module is being used. (CVE-2013-1896, PM89996) - Sensitive information can be obtained by a local attacker because of incorrect caching by the administrative console. (CVE-2013-2976, PM79992) - An attacker may gain elevated privileges because of improper certificate checks. WS-Security and XML Digital Signatures must be enabled. (CVE-2013-4053, PM90949, PM91521) - Deserialization of a maliciously crafted OpenJPA object can result in an executable file being written to the file system. WebSphere is NOT vulnerable to this issue but the vendor suggests upgrading to be proactive. (CVE-2013-1768, PM86780, PM86786, PM86788, PM86791)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 70022
    published 2013-09-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70022
    title IBM WebSphere Application Server 6.1 < Fix Pack 47 Multiple Vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_00B0D8CD709711E298D9003067C2616F.NASL
    description OpenSSL security team reports : A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms can be exploited in a DoS attack. A flaw in the OpenSSL handling of OCSP response verification can be exploited in a denial of service attack.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 64488
    published 2013-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64488
    title FreeBSD : OpenSSL -- TLS 1.1, 1.2 denial of service (00b0d8cd-7097-11e2-98d9-003067c2616f)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-0587.NASL
    description Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially crafted response. (CVE-2013-0166) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Note: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it. It was found that OpenSSL read certain environment variables even when used by a privileged (setuid or setgid) application. A local attacker could use this flaw to escalate their privileges. No application shipped with Red Hat Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735) All OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 65061
    published 2013-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65061
    title CentOS 5 / 6 : openssl (CESA-2013:0587)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENSSL-8517.NASL
    description OpenSSL has been updated to fix several security issues : - Avoid the openssl CRIME attack by disabling SSL compression by default. Setting the environment variable 'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression again. (CVE-2012-4929) Please note that openssl on SUSE Linux Enterprise 10 is not built with compression support. - Timing attacks against TLS could be used by physically local attackers to gain access to transmitted plain text or private keymaterial. This issue is also known as the 'Lucky-13' issue. (CVE-2013-0169) - A OCSP invalid key denial of service issue was fixed. (CVE-2013-0166)
    last seen 2019-02-21
    modified 2014-04-12
    plugin id 65719
    published 2013-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65719
    title SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 8517)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBOPENSSL-DEVEL-130325.NASL
    description OpenSSL has been updated to fix several security issues : - Avoid the openssl CRIME attack by disabling SSL compression by default. Setting the environment variable 'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression again. (CVE-2012-4929) - Timing attacks against TLS could be used by physically local attackers to gain access to transmitted plain text or private keymaterial. This issue is also known as the 'Lucky-13' issue. (CVE-2013-0169) - A OCSP invalid key denial of service issue was fixed. (CVE-2013-0166)
    last seen 2019-02-21
    modified 2014-04-12
    plugin id 65718
    published 2013-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65718
    title SuSE 11.2 Security Update : OpenSSL (SAT Patch Number 7548)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_6_0-IBM-8544.NASL
    description IBM Java 6 was updated to SR13 FP1, fixing bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ and on : http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.htm l#SR13FP1 Security issues: - CVE-2013-0485- CVE-2013-0809 - CVE-2013-0169. (CVE-2013-1493)
    last seen 2019-02-21
    modified 2014-04-12
    plugin id 66198
    published 2013-04-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66198
    title SuSE 10 Security Update : java-1_6_0-ibm (ZYPP Patch Number 8544)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20130304_OPENSSL_ON_SL5_X.NASL
    description It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially- crafted response. (CVE-2013-0166) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Note: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it. It was found that OpenSSL read certain environment variables even when used by a privileged (setuid or setgid) application. A local attacker could use this flaw to escalate their privileges. No application shipped with Scientific Linux 5 and 6 was affected by this problem. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 65022
    published 2013-03-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65022
    title Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64
  • NASL family Windows
    NASL id STUNNEL_4_55.NASL
    description The version of stunnel installed on the remote host is a version after 4.21 and prior to 4.55. It is, therefore, affected by the following vulnerabilities : - The bundled version of OpenSSL contains an error related to CBC-mode and timing that allows an attacker to recover plaintext from encrypted communications. (CVE-2013-0169) - A buffer overflow condition exists related to NTLM authentication. Note this issue does not affect 32-bit builds.(CVE-2013-1762)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 65690
    published 2013-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65690
    title stunnel 4.21 - 4.54 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-0587.NASL
    description From Red Hat Security Advisory 2013:0587 : Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially crafted response. (CVE-2013-0166) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Note: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it. It was found that OpenSSL read certain environment variables even when used by a privileged (setuid or setgid) application. A local attacker could use this flaw to escalate their privileges. No application shipped with Red Hat Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735) All OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68768
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68768
    title Oracle Linux 5 / 6 : openssl (ELSA-2013-0587)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2014-0008.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589) - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052) - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051) - use __secure_getenv everywhere instead of getenv (#839735) - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686) - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio (#814185) - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725) - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489) - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4109 - double free in policy checks (#771771) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) - add known answer test for SHA2 algorithms (#740866) - make default private key length in certificate Makefile 2048 bits (can be changed with PRIVATE_KEY_BITS setting) (#745410) - fix incorrect return value in parse_yesno (#726593) - added DigiCert CA certificates to ca-bundle (#735819) - added a new section about error states to README.FIPS (#628976) - add missing DH_check_pub_key call when DH key is computed (#698175) - presort list of ciphers available in SSL (#688901) - accept connection in s_server even if getaddrinfo fails (#561260) - point to openssl dgst for list of supported digests (#608639) - fix handling of future TLS versions (#599112) - added VeriSign Class 3 Public Primary Certification Authority - G5 and StartCom Certification Authority certs to ca-bundle (#675671, #617856) - upstream fixes for the CHIL engine (#622003, #671484) - add SHA-2 hashes in SSL_library_init (#676384) - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462) - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924) - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774) - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125) - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197) - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data is called prematurely by application (#546707)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 79532
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79532
    title OracleVM 3.2 : onpenssl (OVMSA-2014-0008)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1732-3.NASL
    description USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and CVE-2012-2686 was reverted in USN-1732-2 because of a regression. This update restores the security fix, and includes an extra fix from upstream to address the AES-NI regression. We apologize for the inconvenience. Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2012-2686) Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenSSL was vulnerable to a timing side-channel attack known as the 'Lucky Thirteen' issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 65684
    published 2013-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65684
    title Ubuntu 12.04 LTS / 12.10 : openssl vulnerability (USN-1732-3)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_8_5.NASL
    description The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.5. The newer version contains multiple security-related fixes for the following components : - Apache - Bind - Certificate Trust Policy - CoreGraphics - ImageIO - Installer - IPSec - Kernel - Mobile Device Management - OpenSSL - PHP - PostgreSQL - Power Management - QuickTime - Screen Lock - sudo This update also addresses an issue in which certain Unicode strings could cause applications to unexpectedly quit. Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 69877
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69877
    title Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0587.NASL
    description Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially crafted response. (CVE-2013-0166) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Note: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it. It was found that OpenSSL read certain environment variables even when used by a privileged (setuid or setgid) application. A local attacker could use this flaw to escalate their privileges. No application shipped with Red Hat Enterprise Linux 5 and 6 was affected by this problem. (BZ#839735) All OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 65004
    published 2013-03-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65004
    title RHEL 5 / 6 : openssl (RHSA-2013:0587)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-171.NASL
    description It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially crafted response. (CVE-2013-0166) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Note: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69730
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69730
    title Amazon Linux AMI : openssl (ALAS-2013-171)
  • NASL family Web Servers
    NASL id OPENSSL_1_0_1D.NASL
    description According to its banner, the remote web server is running a version of OpenSSL 1.0.1 prior to 1.0.1d. The OpenSSL library is, therefore, reportedly affected by the following vulnerabilities : - An error exists related to AES-NI, TLS 1.1, TLS 1.2 and the handling of CBC ciphersuites that could allow denial of service attacks. Note that platforms and versions that do not support AES-NI, TLS 1.1, or TLS 1.2 are not affected. (CVE-2012-2686) - An error exists related to the handling of OCSP response verification that could allow denial of service attacks. (CVE-2013-0166) - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 64534
    published 2013-02-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64534
    title OpenSSL 1.0.1 < 1.0.1d Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0823.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-0169, CVE-2013-0401, CVE-2013-1491, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2440) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR13-FP2 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 66440
    published 2013-05-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66440
    title RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013:0823)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0822.NASL
    description Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-0169, CVE-2013-0401, CVE-2013-1488, CVE-2013-1491, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1563, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438, CVE-2013-2440) All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR4-FP2 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 66439
    published 2013-05-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66439
    title RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013:0822)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-0274.NASL
    description Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64896
    published 2013-02-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64896
    title CentOS 5 : java-1.6.0-openjdk (CESA-2013:0274)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0273.NASL
    description Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) Note: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64746
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64746
    title RHEL 6 : java-1.6.0-openjdk (RHSA-2013:0273)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-163.NASL
    description An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69722
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69722
    title Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-163)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-154.NASL
    description openssl was updated to 1.0.1e, fixing bugs and security issues : o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. o Include the fips configuration module. o Fix OCSP bad key DoS attack CVE-2013-0166 bnc#802746 o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 bnc#802184 o Fix for TLS AESNI record handling flaw CVE-2012-2686 Also the following buyg was fixed: bnc#757773 - c_rehash to accept more filename extensions
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74902
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74902
    title openSUSE Security Update : openssl (openSUSE-SU-2013:0337-1)
  • NASL family AIX Local Security Checks
    NASL id AIX_OPENSSL_ADVISORY5.NASL
    description The version of OpenSSL running on the remote host is affected by the following vulnerabilities : - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side- channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue. (CVE-2013-0169) - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key. (CVE-2013-0166)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 73563
    published 2014-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73563
    title AIX OpenSSL Advisory : openssl_advisory5.asc
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-014.NASL
    description Multiple security issues were identified and fixed in OpenJDK (icedtea6) : - S8006446: Restrict MBeanServer access - S8006777: Improve TLS handling of invalid messages - S8007688: Blacklist known bad certificate - S7123519: problems with certification path - S8007393: Possible race condition after JDK-6664509 - S8007611: logging behavior in applet changed The updated packages provides icedtea6-1.11.8 which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 64861
    published 2013-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64861
    title Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:014)
  • NASL family Web Servers
    NASL id OPENSSL_1_0_1E.NASL
    description According to its banner, the remote web server is running a version of OpenSSL 1.0.1 prior to 1.0.1e. The OpenSSL library is, therefore, reportedly affected by an incomplete fix for CVE-2013-0169. An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 64620
    published 2013-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64620
    title OpenSSL 1.0.1 < 1.0.1e Information Disclosure
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1732-2.NASL
    description USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0166 and CVE-2012-2686 introduced a regression causing decryption failures on hardware supporting AES-NI. This update temporarily reverts the security fix pending further investigation. We apologize for the inconvenience. Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2012-2686) Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenSSL was vulnerable to a timing side-channel attack known as the 'Lucky Thirteen' issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 64968
    published 2013-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64968
    title Ubuntu 12.04 LTS / 12.10 : openssl regression (USN-1732-2)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201312-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-201312-03 (OpenSSL: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. Impact : Remote attackers can determine private keys, decrypt data, cause a Denial of Service or possibly have other unspecified impact. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 71169
    published 2013-12-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71169
    title GLSA-201312-03 : OpenSSL: Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1456.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.5. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351, CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Users of Red Hat Network Satellite Server 5.5 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR14 release. For this update to take effect, Red Hat Network Satellite Server must be restarted ('/usr/sbin/rhn-satellite restart'), as well as all running instances of IBM Java.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 78976
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78976
    title RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1456) (ROBOT)
  • NASL family Windows
    NASL id TIVOLI_DIRECTORY_SVR_SWG21638270.NASL
    description The remote host is running a version of IBM Tivoli Directory Server and a version of IBM Global Security Kit (GSKit) that is affected by an information disclosure vulnerability. The Transport Layer Security (TLS) protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets. This type of exploitation is known as the 'Lucky Thirteen' attack.
    last seen 2019-02-21
    modified 2018-08-01
    plugin id 80481
    published 2015-01-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80481
    title IBM Tivoli Directory Server < 6.0.0.72 / 6.1.0.55 / 6.2.0.30 / 6.3.0.22 with GSKit < 7.0.4.45 / 8.0.14.27 TLS Side-Channel Timing Information Disclosure
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL93600123.NASL
    description The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session, NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. (CVE-2016-2107)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 94986
    published 2016-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94986
    title F5 Networks BIG-IP : OpenSSL vulnerability (K93600123)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL14190.NASL
    description A vulnerability exists in the TLS and DTLS protocols that may allow an attacker to recover plaintext from TLS/DTLS connections that use CBC-mode encryption. (CVE-2013-0169) Note: Stream ciphers, such as RC4, are not vulnerable to this issue.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78142
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78142
    title F5 Networks BIG-IP : TLS/DTLS 'Lucky 13' vulnerability (K14190)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-0274.NASL
    description From Red Hat Security Advisory 2013:0274 : Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68735
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68735
    title Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2013-0274)
  • NASL family CGI abuses
    NASL id SPLUNK_503.NASL
    description According to its version number, the Splunk Web hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by an unspecified cross-site scripting vulnerability. An attacker can exploit this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site. (CVE-2012-6447) - The version of OpenSSL included with Splunk 5.x is affected by multiple vulnerabilities including a denial of service and a plaintext recovery attack. (CVE-2013-0166, CVE-2013-0169) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 66835
    published 2013-06-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66835
    title Splunk 5.0.x < 5.0.3 Multiple Vulnerabilities
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2013-0009.NASL
    description a. vCenter Server and ESX userworld update for OpenSSL library The userworld OpenSSL library is updated to version openssl-0.9.8y to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0169 and CVE-2013-0166 to these issues. b. Service Console (COS) update for OpenSSL library The Service Console updates for OpenSSL library is updated to version openssl-0.9.8e-26.el5_9.1 to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0169 and CVE-2013-0166 to these issues. c. ESX Userworld and Service Console (COS) update for libxml2 library The ESX Userworld and Service Console libxml2 library is updated to version libxml2-2.6.26-2.1.21.el5_9.1 and libxml2-python-2.6.26-2.1.21.el5_9.1. to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-0338 to this issue. d. Service Console (COS) update for GnuTLS library The ESX service console GnuTLS RPM is updated to version gnutls-1.4.1-10.el5_9.1 to resolve a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-2116 to this issue. e. ESX third-party update for Service Console kernel The ESX Service Console Operating System (COS) kernel is updated to kernel-2.6.18-348.3.1.el5 which addresses several security issues in the COS kernel. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0268 and CVE-2013-0871 to these issues.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 69193
    published 2013-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69193
    title VMSA-2013-0009 : VMware vSphere, ESX and ESXi updates to third-party libraries
  • NASL family Misc.
    NASL id IPSWITCH_IMAIL_12_3.NASL
    description The remote host appears to be running Ipswitch IMail Server 11.x or 12.x older than version 12.3 and is, therefore, affected by an information disclosure vulnerability due to the included OpenSSL version. An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 76489
    published 2014-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76489
    title Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_OPENSSL_20130716.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key. (CVE-2013-0166) - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the 'Lucky Thirteen' issue. (CVE-2013-0169)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80719
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80719
    title Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-0273.NASL
    description Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) Note: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64730
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64730
    title CentOS 6 : java-1.6.0-openjdk (CESA-2013:0273)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0274.NASL
    description Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64747
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64747
    title RHEL 5 : java-1.6.0-openjdk (RHSA-2013:0274)
  • NASL family Misc.
    NASL id VMWARE_ESX_VMSA-2013-0009_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party libraries : - GnuTLS - Kernel - OpenSSL
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 89666
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89666
    title VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0009) (remote check)
  • NASL family General
    NASL id IBM_GSKIT_SWG21638270.NASL
    description The version of IBM Global Security Kit (GSKit) installed on the remote host is 7.0.x prior to 7.0.4.45 or 8.0.14.x prior to 8.0.14.27. It is, therefore, affected by an information disclosure vulnerability. The Transport Layer Security (TLS) protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets. This type of exploitation is known as the 'Lucky Thirteen' attack.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 67231
    published 2013-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67231
    title IBM GSKit 7.x < 7.0.4.45 / 8.0.14.x < 8.0.14.27 TLS Side-Channel Timing Information Disclosure
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-164.NASL
    description java-1_6_0-openjdk was updated to IcedTea 1.12.3 (bnc#804654) containing security and bugfixes : - Security fixes - S8006446: Restrict MBeanServer access (CVE-2013-1486) - S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169) - S8007688: Blacklist known bad certificate (issued by DigiCert) - Backports - S8007393: Possible race condition after JDK-6664509 - S8007611: logging behavior in applet changed - Bug fixes - PR1319: Support GIF lib v5.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74906
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74906
    title openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0375-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_6_0-OPENJDK-130221.NASL
    description java-1_6_0-openjdk has been updated to IcedTea 1.12.3 (bnc#804654) which contains security and bugfixes : - Security fixes - S8006446: Restrict MBeanServer access. (CVE-2013-1486) - S8006777: Improve TLS handling of invalid messages Lucky 13. (CVE-2013-0169) - S8007688: Blacklist known bad certificate (issued by DigiCert) - Backports - S8007393: Possible race condition after JDK-6664509 - S8007611: logging behavior in applet changed - Bug fixes - PR1319: Support GIF lib v5.
    last seen 2019-02-21
    modified 2014-04-12
    plugin id 64863
    published 2013-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64863
    title SuSE 11.2 Security Update : Java (SAT Patch Number 7385)
  • NASL family Web Servers
    NASL id OPENSSL_1_0_0K.NASL
    description According to its banner, the remote web server is running a version of OpenSSL 1.0.0 prior to 1.0.0k. The OpenSSL library is, therefore, reportedly affected by the following vulnerabilities : - An error exists related to the handling of OCSP response verification that could allow denial of service attacks. (CVE-2013-0166) - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 64533
    published 2013-02-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64533
    title OpenSSL 1.0.0 < 1.0.0k Multiple Vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2621.NASL
    description Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2013-0166 OpenSSL does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key. - CVE-2013-0169 A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packages, known as the 'Lucky Thirteen' issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64623
    published 2013-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64623
    title Debian DSA-2621-1 : openssl - several vulnerabilities
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_JSA10575.NASL
    description According to its self-reported version number, the remote Junos device is using an outdated version of OpenSSL, which has multiple vulnerabilities including (but not limited to) : - An error exists related to the handling of OCSP response verification that could allow denial of service attacks. (CVE-2013-0166) - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 68908
    published 2013-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68908
    title Juniper Junos OpenSSL Multiple Vulnerabilities (JSA10575)
  • NASL family Misc.
    NASL id JUNOS_PULSE_JSA10591.NASL
    description According to its self-reported version, the version of IVE / UAC OS running on the remote host may be affected by multiple vulnerabilities : - Remote attackers may be able to trigger buffer overflow vulnerabilities on the OpenSSL libraries by sending specially crafted DER data, resulting in memory corruption. (CVE-2012-2131) - A weakness in the OpenSSL library leaves it vulnerable to an attack that could allow a third party to recover (fully or partially) the plaintext from encrypted traffic. (CVE-2013-0169) - A flaw in OCSP signature verification in the OpenSSL library allows remote OCSP servers to cause a denial of service condition with an invalid key. (CVE-2013-0166)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 69987
    published 2013-09-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69987
    title Junos Pulse Secure IVE / UAC OS Multiple SSL Vulnerabilities
  • NASL family General
    NASL id IBM_TSM_SERVER_6_3_4_200.NASL
    description The version of IBM Tivoli Storage Manager installed on the remote host is 6.3.x prior to 6.3.4.200. It is, therefore, affected by a vulnerability that could allow a remote attacker to perform a statistical timing attack known as 'Lucky Thirteen'.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77120
    published 2014-08-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77120
    title IBM Tivoli Storage Manager Server 6.3.x < 6.3.4.200 Information Disclosure
  • NASL family Misc.
    NASL id JUNIPER_NSM_JSA10642.NASL
    description The remote host has one or more instances of NSM (Network and Security Manager) Server running, with version(s) prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities related to its Java and Apache installations.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77326
    published 2014-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77326
    title Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2013-040-01.NASL
    description New openssl packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.
    last seen 2019-02-21
    modified 2015-01-14
    plugin id 64535
    published 2013-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64535
    title Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : openssl (SSA:2013-040-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-2834.NASL
    description Multiple security and bug fixes update from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 64982
    published 2013-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64982
    title Fedora 18 : openssl-1.0.1e-3.fc18 (2013-2834)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-0273.NASL
    description From Red Hat Security Advisory 2013:0273 : Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) Note: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68734
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68734
    title Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2013-0273)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0855.NASL
    description Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-0169, CVE-2013-0401, CVE-2013-1491, CVE-2013-1537, CVE-2013-1557, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432) All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR16-FP2 release. All running instances of IBM Java must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 66550
    published 2013-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66550
    title RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2013:0855)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-052.NASL
    description Multiple vulnerabilities has been found and corrected in openssl : OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key (CVE-2013-0166). The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the Lucky Thirteen issue (CVE-2013-0169). The updated packages have been upgraded to the 1.0.0k version which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 66066
    published 2013-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66066
    title Mandriva Linux Security Advisory : openssl (MDVSA-2013:052)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-4403.NASL
    description Update to 1.0.1e Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 65776
    published 2013-04-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65776
    title Fedora 18 : mingw-openssl-1.0.1e-1.fc18 (2013-4403)
  • NASL family Web Servers
    NASL id OPENSSL_0_9_8Y.NASL
    description According to its banner, the remote web server is running a version of OpenSSL prior to 0.9.8y. The OpenSSL library is, therefore, reportedly affected by the following vulnerabilities : - An error exists related to the handling of OCSP response verification that could allow denial of service attacks. (CVE-2013-0166) - An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks. (CVE-2013-0169)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 64532
    published 2013-02-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64532
    title OpenSSL < 0.9.8y Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1732-1.NASL
    description Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2012-2686) Stephen Henson discovered that OpenSSL incorrectly performed signature verification for OCSP responses. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2013-0166) Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenSSL was vulnerable to a timing side-channel attack known as the 'Lucky Thirteen' issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 64798
    published 2013-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64798
    title Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : openssl vulnerabilities (USN-1732-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0531.NASL
    description Updated java-1.6.0-sun packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes three vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2013-0169, CVE-2013-1486, CVE-2013-1487) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 41. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-26
    plugin id 64774
    published 2013-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64774
    title RHEL 5 / 6 : java-1.6.0-sun (RHSA-2013:0531)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL15637.NASL
    description The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169.
    last seen 2019-02-21
    modified 2014-10-10
    plugin id 78199
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78199
    title F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2622.NASL
    description Multiple vulnerabilities have been found in PolarSSL. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2013-0169 A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packages, known as the 'Lucky Thirteen' issue. - CVE-2013-1621 An array index error might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session. - CVE-2013-1622 Malformed CBC data in a TLS session could allow remote attackers to conduct distinguishing attacks via statistical analysis of timing side-channel data for crafted packets.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 64624
    published 2013-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64624
    title Debian DSA-2622-1 : polarssl - several vulnerabilities
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-162.NASL
    description Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1486 , CVE-2013-1484) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-1485) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69721
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69721
    title Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-162)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL15630.NASL
    description The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. (CVE-2013-1620)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78198
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78198
    title F5 Networks BIG-IP : TLS in Mozilla NSS vulnerability (K15630)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_69BFC8529BD011E2A7BE8C705AF55518.NASL
    description A flaw in the OpenSSL handling of OCSP response verification could be exploited to cause a denial of service attack. OpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS and DTLS. The weakness could reveal plaintext in a timing attack.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 65842
    published 2013-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65842
    title FreeBSD : FreeBSD -- OpenSSL multiple vulnerabilities (69bfc852-9bd0-11e2-a7be-8c705af55518)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_SPACE_JSA10659.NASL
    description According to its self-reported version number, the remote Junos Space version is prior to 14.1R1. It is, therefore, affected by multiple vulnerabilities in bundled third party software components : - Multiple vulnerabilities in the bundled OpenSSL CentOS package. (CVE-2011-4109, CVE-2011-4576, CVE-2011-4619, CVE-2012-0884, CVE-2012-2110, CVE-2012-2333, CVE-2013-0166, CVE-2013-0169, CVE-2014-0224) - Multiple vulnerabilities in Oracle MySQL. (CVE-2013-5908) - Multiple vulnerabilities in the Oracle Java runtime. (CVE-2014-0411, CVE-2014-0423, CVE-2014-4244, CVE-2014-0453, CVE-2014-0460, CVE-2014-4263, CVE-2014-4264)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 80197
    published 2014-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80197
    title Juniper Junos Space < 14.1R1 Multiple Vulnerabilities (JSA10659)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-2793.NASL
    description Multiple security and bug fixes update from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 65081
    published 2013-03-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65081
    title Fedora 17 : openssl-1.0.0k-1.fc17 (2013-2793)
oval via4
  • accepted 2015-04-20T04:00:46.294-04:00
    class vulnerability
    contributors
    • name Ganesh Manal
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
    family unix
    id oval:org.mitre.oval:def:18841
    status accepted
    submitted 2013-11-22T11:43:28.000-05:00
    title HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Disclosure
    version 45
  • accepted 2015-05-04T04:00:13.938-04:00
    class vulnerability
    contributors
    • name Sergey Artykhov
      organization ALTX-SOFT
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    comment VisualSVN Server is installed
    oval oval:org.mitre.oval:def:18636
    description The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
    family windows
    id oval:org.mitre.oval:def:19016
    status accepted
    submitted 2013-10-02T13:00:00
    title OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d in VisualSVN Server (CVE-2013-0169)
    version 9
  • accepted 2015-04-20T04:01:16.047-04:00
    class vulnerability
    contributors
    • name Ganesh Manal
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
    family unix
    id oval:org.mitre.oval:def:19424
    status accepted
    submitted 2013-11-22T11:43:28.000-05:00
    title HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
    version 44
  • accepted 2015-04-20T04:01:27.840-04:00
    class vulnerability
    contributors
    • name Ganesh Manal
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
    family unix
    id oval:org.mitre.oval:def:19540
    status accepted
    submitted 2013-11-22T11:43:28.000-05:00
    title HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
    version 45
  • accepted 2014-01-20T04:00:21.328-05:00
    class vulnerability
    contributors
    • name Chandan M C
      organization Hewlett-Packard
    • name Chandan M C
      organization Hewlett-Packard
    definition_extensions
    • comment IBM AIX 5.3 is installed
      oval oval:org.mitre.oval:def:5325
    • comment IBM AIX 6.1 is installed
      oval oval:org.mitre.oval:def:5267
    • comment IBM AIX 7.1 is installed
      oval oval:org.mitre.oval:def:18828
    • comment IBM AIX 5.3 is installed
      oval oval:org.mitre.oval:def:5325
    • comment IBM AIX 6.1 is installed
      oval oval:org.mitre.oval:def:5267
    • comment IBM AIX 7.1 is installed
      oval oval:org.mitre.oval:def:18828
    description The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
    family unix
    id oval:org.mitre.oval:def:19608
    status accepted
    submitted 2013-11-18T10:06:56.357-05:00
    title Multiple OpenSSL vulnerabilities
    version 48
redhat via4
advisories
  • bugzilla
    id 908052
    title CVE-2013-0166 openssl: DoS due to improper handling of OCSP response verification
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment openssl is earlier than 0:0.9.8e-26.el5_9.1
            oval oval:com.redhat.rhsa:tst:20130587002
          • comment openssl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070964003
        • AND
          • comment openssl-devel is earlier than 0:0.9.8e-26.el5_9.1
            oval oval:com.redhat.rhsa:tst:20130587006
          • comment openssl-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070964005
        • AND
          • comment openssl-perl is earlier than 0:0.9.8e-26.el5_9.1
            oval oval:com.redhat.rhsa:tst:20130587004
          • comment openssl-perl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070964007
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment openssl is earlier than 0:1.0.0-27.el6_4.2
            oval oval:com.redhat.rhsa:tst:20130587012
          • comment openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888006
        • AND
          • comment openssl-devel is earlier than 0:1.0.0-27.el6_4.2
            oval oval:com.redhat.rhsa:tst:20130587018
          • comment openssl-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888012
        • AND
          • comment openssl-perl is earlier than 0:1.0.0-27.el6_4.2
            oval oval:com.redhat.rhsa:tst:20130587016
          • comment openssl-perl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888008
        • AND
          • comment openssl-static is earlier than 0:1.0.0-27.el6_4.2
            oval oval:com.redhat.rhsa:tst:20130587014
          • comment openssl-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888010
    rhsa
    id RHSA-2013:0587
    released 2013-03-04
    severity Moderate
    title RHSA-2013:0587: openssl security update (Moderate)
  • rhsa
    id RHSA-2013:0782
  • rhsa
    id RHSA-2013:0783
  • rhsa
    id RHSA-2013:0833
  • rhsa
    id RHSA-2013:1455
  • rhsa
    id RHSA-2013:1456
rpms
  • java-1.6.0-openjdk-1:1.6.0.0-1.56.1.11.8.el6_3
  • java-1.6.0-openjdk-demo-1:1.6.0.0-1.56.1.11.8.el6_3
  • java-1.6.0-openjdk-devel-1:1.6.0.0-1.56.1.11.8.el6_3
  • java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.56.1.11.8.el6_3
  • java-1.6.0-openjdk-src-1:1.6.0.0-1.56.1.11.8.el6_3
  • java-1.6.0-openjdk-1:1.6.0.0-1.35.1.11.8.el5_9
  • java-1.6.0-openjdk-demo-1:1.6.0.0-1.35.1.11.8.el5_9
  • java-1.6.0-openjdk-devel-1:1.6.0.0-1.35.1.11.8.el5_9
  • java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.35.1.11.8.el5_9
  • java-1.6.0-openjdk-src-1:1.6.0.0-1.35.1.11.8.el5_9
  • java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el6_3
  • java-1.7.0-openjdk-demo-1:1.7.0.9-2.3.7.1.el6_3
  • java-1.7.0-openjdk-devel-1:1.7.0.9-2.3.7.1.el6_3
  • java-1.7.0-openjdk-javadoc-1:1.7.0.9-2.3.7.1.el6_3
  • java-1.7.0-openjdk-src-1:1.7.0.9-2.3.7.1.el6_3
  • java-1.7.0-openjdk-1:1.7.0.9-2.3.7.1.el5_9
  • java-1.7.0-openjdk-demo-1:1.7.0.9-2.3.7.1.el5_9
  • java-1.7.0-openjdk-devel-1:1.7.0.9-2.3.7.1.el5_9
  • java-1.7.0-openjdk-javadoc-1:1.7.0.9-2.3.7.1.el5_9
  • java-1.7.0-openjdk-src-1:1.7.0.9-2.3.7.1.el5_9
  • openssl-0:0.9.8e-26.el5_9.1
  • openssl-devel-0:0.9.8e-26.el5_9.1
  • openssl-perl-0:0.9.8e-26.el5_9.1
  • openssl-0:1.0.0-27.el6_4.2
  • openssl-devel-0:1.0.0-27.el6_4.2
  • openssl-perl-0:1.0.0-27.el6_4.2
  • openssl-static-0:1.0.0-27.el6_4.2
refmap via4
apple APPLE-SA-2013-09-12-1
bid 57778
cert TA13-051A
cert-vn VU#737740
confirm
debian
  • DSA-2621
  • DSA-2622
fedora FEDORA-2013-4403
gentoo GLSA-201406-32
hp
  • HPSBMU02874
  • HPSBOV02852
  • HPSBUX02856
  • HPSBUX02857
  • HPSBUX02909
  • SSRT101103
  • SSRT101104
  • SSRT101108
  • SSRT101184
  • SSRT101289
mandriva MDVSA-2013:095
misc
mlist
  • [debian-lts-announce] 20180925 [SECURITY] [DLA 1518-1] polarssl security update
  • [oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations
sectrack 1029190
secunia
  • 53623
  • 55108
  • 55139
  • 55322
  • 55350
  • 55351
suse
  • SUSE-SU-2013:0328
  • SUSE-SU-2013:0701
  • SUSE-SU-2014:0320
  • SUSE-SU-2015:0578
  • openSUSE-SU-2013:0375
  • openSUSE-SU-2013:0378
  • openSUSE-SU-2016:0640
ubuntu USN-1735-1
vmware via4
description The userworld OpenSSL library is updated to version openssl-0.9.8y to resolve multiple security issues.
id VMSA-2013-0009
last_updated 2014-01-16T00:00:00
published 2013-07-31T00:00:00
title vCenter Server and ESX userworld update for OpenSSL library
Last major update 02-12-2016 - 22:00
Published 08-02-2013 - 14:55
Last modified 26-09-2018 - 06:29
Back to Top