CVE-2018-0732

MEDIUM

Description

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/104442

http://www.securitytracker.com/id/1041090

https://access.redhat.com/errata/RHSA-2018:2552

https://access.redhat.com/errata/RHSA-2018:2553

https://access.redhat.com/errata/RHSA-2018:3221

https://access.redhat.com/errata/RHSA-2018:3505

https://access.redhat.com/errata/RHSA-2019:1296

https://access.redhat.com/errata/RHSA-2019:1297

https://access.redhat.com/errata/RHSA-2019:1543

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4

https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/

https://lists.fedoraproject.org/archives/list/[email protected]/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/

https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/

https://security.gentoo.org/glsa/201811-03

https://security.netapp.com/advisory/ntap-20181105-0001/

https://security.netapp.com/advisory/ntap-20190118-0002/

https://securityadvisories.paloaltonetworks.com/Home/Detail/133

https://usn.ubuntu.com/3692-1/

https://usn.ubuntu.com/3692-2/

https://www.debian.org/security/2018/dsa-4348

https://www.debian.org/security/2018/dsa-4355

https://www.openssl.org/news/secadv/20180612.txt

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

https://www.tenable.com/security/tns-2018-12

https://www.tenable.com/security/tns-2018-13

https://www.tenable.com/security/tns-2018-14

https://www.tenable.com/security/tns-2018-17

Details

Source: MITRE

Published: 2018-06-12

Updated: 2019-05-30

Type: CWE-320

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from 1.0.2 to 1.0.2o (inclusive)

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from 1.1.0 to 1.1.0h (inclusive)

Configuration 2

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (84 total)

ID	Name	Product	Family	Severity
131184	Oracle Enterprise Manager Ops Center (Jan 2019 CPU)	Nessus	Misc.	high
129653	Fedora 31 : 1:compat-openssl10 (2019-db06efdea1)	Nessus	Fedora Local Security Checks	medium
129368	Fedora 29 : 1:compat-openssl10 (2019-9a0a7c0986)	Nessus	Fedora Local Security Checks	medium
129319	Fedora 30 : 1:compat-openssl10 (2019-00c25b9379)	Nessus	Fedora Local Security Checks	medium
128303	Symantec ProxySG 6.5 / 6.6 / 6.7 < 6.7.4.1 OpenSSL Denial of Service Vulnerability (SA1462)	Nessus	Firewalls	medium
127975	OracleVM 3.4 : openssl (OVMSA-2019-0040)	Nessus	OracleVM Local Security Checks	medium
127262	NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0065)	Nessus	NewStart CGSL Local Security Checks	medium
126270	EulerOS 2.0 SP8 : compat-openssl10 (EulerOS-SA-2019-1643)	Nessus	Huawei Local Security Checks	medium
126046	SUSE SLES12 Security Update : openssl (SUSE-SU-2019:1553-1)	Nessus	SuSE Local Security Checks	medium
125616	RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP2 (RHSA-2019:1297)	Nessus	Red Hat Local Security Checks	high
124999	EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1546)	Nessus	Huawei Local Security Checks	medium
124903	EulerOS Virtualization for ARM 64 3.0.1.0 : openssl (EulerOS-SA-2019-1400)	Nessus	Huawei Local Security Checks	medium
123887	EulerOS Virtualization 2.5.4 : openssl (EulerOS-SA-2019-1201)	Nessus	Huawei Local Security Checks	medium
123871	EulerOS Virtualization 2.5.3 : openssl (EulerOS-SA-2019-1185)	Nessus	Huawei Local Security Checks	low
123512	Palo Alto Networks PAN-OS 6.1.x <= 6.1.20 / 7.1.x < 7.1.21 / 8.0.x < 8.0.14 / 8.1.x < 8.1.4 Multiple Vulnerabilities (PAN-SA-2018-0015)	Nessus	Palo Alto Local Security Checks	medium
123360	openSUSE Security Update : VirtualBox (openSUSE-2019-863)	Nessus	SuSE Local Security Checks	medium
123323	openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-753)	Nessus	SuSE Local Security Checks	medium
123322	openSUSE Security Update : openssl-1_1 (openSUSE-2019-751)	Nessus	SuSE Local Security Checks	medium
123312	openSUSE Security Update : nodejs8 (openSUSE-2019-718)	Nessus	SuSE Local Security Checks	medium
123236	openSUSE Security Update : openssl-1_1 (openSUSE-2019-550)	Nessus	SuSE Local Security Checks	medium
123235	openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-549)	Nessus	SuSE Local Security Checks	medium
121981	Photon OS 2.0: Openssl PHSA-2018-2.0-0084	Nessus	PhotonOS Local Security Checks	high
121875	Photon OS 1.0: Openssl PHSA-2018-1.0-0175	Nessus	PhotonOS Local Security Checks	high
121257	Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2019 CPU)	Nessus	Misc.	high
121252	Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Jan 2019 CPU)	Nessus	CGI abuses	medium
121225	Oracle Enterprise Manager Cloud Control (January 2019 CPU)	Nessus	Misc.	high
121069	Junos OS: OpenSSL Security Advisories [16 Apr 2018] and [12 June 2018] (JSA10919)	Nessus	Junos Local Security Checks	medium
120997	EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1009)	Nessus	Huawei Local Security Checks	medium
120424	Fedora 28 : 1:openssl (2018-520e4c5b4e)	Nessus	Fedora Local Security Checks	medium
120198	Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17)	Nessus	Misc.	medium
120115	SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2018:2965-1)	Nessus	SuSE Local Security Checks	medium
120114	SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2018:2956-1)	Nessus	SuSE Local Security Checks	medium
120104	SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2018:2812-1)	Nessus	SuSE Local Security Checks	medium
120103	SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2018:2796-1)	Nessus	SuSE Local Security Checks	medium
120093	SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2018:2647-1)	Nessus	SuSE Local Security Checks	medium
120057	SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2018:2041-1)	Nessus	SuSE Local Security Checks	medium
120056	SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2018:2036-1)	Nessus	SuSE Local Security Checks	medium
119909	EulerOS 2.0 SP2 : openssl (EulerOS-SA-2018-1420)	Nessus	Huawei Local Security Checks	medium
119792	Debian DSA-4355-1 : openssl1.0 - security update	Nessus	Debian Local Security Checks	medium
119520	EulerOS 2.0 SP3 : openssl (EulerOS-SA-2018-1392)	Nessus	Huawei Local Security Checks	medium
119403	RHEL 7 : Red Hat OpenShift Application Runtimes Node.js 10.9.0 (RHSA-2018:2553)	Nessus	Red Hat Local Security Checks	medium
119402	RHEL 7 : Red Hat OpenShift Application Runtimes Node.js 8.11.4 (RHSA-2018:2552)	Nessus	Red Hat Local Security Checks	medium
119313	Debian DSA-4348-1 : openssl - security update	Nessus	Debian Local Security Checks	medium
119194	Scientific Linux Security Update : openssl on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	medium
118998	CentOS 7 : openssl (CESA-2018:3221)	Nessus	CentOS Local Security Checks	medium
118937	Node.js multiple vulnerabilities (August 2018 Security Releases).	Nessus	Misc.	medium
118847	GLSA-201811-03 : OpenSSL: Denial of Service	Nessus	Gentoo Local Security Checks	medium
118833	Amazon Linux 2 : openssl (ALAS-2018-1102)	Nessus	Amazon Linux Local Security Checks	medium
118777	Oracle Linux 7 : openssl (ELSA-2018-3221)	Nessus	Oracle Linux Local Security Checks	medium
118642	F5 Networks BIG-IP : OpenSSL vulnerability (K21665601)	Nessus	F5 Networks Local Security Checks	medium
118595	Amazon Linux AMI : openssl (ALAS-2018-1098)	Nessus	Amazon Linux Local Security Checks	medium
118562	openSUSE Security Update : VirtualBox (openSUSE-2018-1330)	Nessus	SuSE Local Security Checks	medium
118534	RHEL 7 : openssl (RHSA-2018:3221)	Nessus	Red Hat Local Security Checks	medium
118399	Tenable Log Correlation Engine (LCE) < 5.1.1 (TNS-2018-13)	Nessus	Misc.	medium
118398	Tenable Nessus < 8.0.0 Multiple Vulnerabilities (TNS-2018-14)	Nessus	Misc.	medium
118273	SUSE SLES12 Security Update : openssl (SUSE-SU-2018:1887-2)	Nessus	SuSE Local Security Checks	medium
118204	Oracle VM VirtualBox < 5.2.20 Multiple Vulnerabilities (Oct 2018 CPU)	Nessus	Misc.	medium
118106	Oracle Linux 7 : openssl (ELSA-2018-4249)	Nessus	Oracle Linux Local Security Checks	medium
118105	Oracle Linux 6 : openssl (ELSA-2018-4248)	Nessus	Oracle Linux Local Security Checks	medium
117977	openSUSE Security Update : openssl-1_0_0 (openSUSE-2018-1110)	Nessus	SuSE Local Security Checks	medium
117976	openSUSE Security Update : openssl-1_1 (openSUSE-2018-1109)	Nessus	SuSE Local Security Checks	medium
117891	Fedora 27 : 1:openssl (2018-02a38af202)	Nessus	Fedora Local Security Checks	medium
117790	openSUSE Security Update : nodejs8 (openSUSE-2018-1047)	Nessus	SuSE Local Security Checks	medium
117749	EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2018-1306)	Nessus	Huawei Local Security Checks	medium
117689	openSUSE Security Update : nodejs6 (openSUSE-2018-1041)	Nessus	SuSE Local Security Checks	medium
117672	Tenable SecurityCenter < 5.7.1 Multiple Vulnerabilities (TNS-2018-12)	Nessus	Misc.	high
117476	openSUSE Security Update : compat-openssl098 (openSUSE-2018-997)	Nessus	SuSE Local Security Checks	medium
117450	SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2018:2683-1)	Nessus	SuSE Local Security Checks	medium
117381	openSUSE Security Update : nodejs4 (openSUSE-2018-991)	Nessus	SuSE Local Security Checks	medium
112128	FreeBSD : node.js -- multiple vulnerabilities (0904e81f-a89d-11e8-afbb-bc5ff4f77b71)	Nessus	FreeBSD Local Security Checks	medium
112120	OpenSSL 1.1.0 < 1.1.0i Multiple Vulnerabilities	Nessus	Web Servers	medium
112119	OpenSSL 1.0.x < 1.0.2p Multiple Vulnerabilities	Nessus	Web Servers	medium
112035	Photon OS 2.0: Openssl / Procps-ng / Perl PHSA-2018-2.0-0084 (deprecated)	Nessus	PhotonOS Local Security Checks	high
111737	Slackware 14.2 / current : openssl (SSA:2018-226-01)	Nessus	Slackware Local Security Checks	medium
111575	SUSE SLES11 Security Update : openssl (SUSE-SU-2018:2207-1)	Nessus	SuSE Local Security Checks	medium
111429	openSUSE Security Update : openssl-1_1 (openSUSE-2018-777)	Nessus	SuSE Local Security Checks	medium
111415	openSUSE Security Update : openssl-1_0_0 (openSUSE-2018-763)	Nessus	SuSE Local Security Checks	medium
111390	Debian DLA-1449-1 : openssl security update	Nessus	Debian Local Security Checks	medium
111134	SUSE SLES12 Security Update : openssl (SUSE-SU-2018:1968-1)	Nessus	SuSE Local Security Checks	medium
110960	openSUSE Security Update : openssl (openSUSE-2018-704)	Nessus	SuSE Local Security Checks	medium
110938	SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2018:1887-1)	Nessus	SuSE Local Security Checks	medium
110878	EulerOS 2.0 SP3 : openssl110f (EulerOS-SA-2018-1214)	Nessus	Huawei Local Security Checks	medium
110721	Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : openssl, openssl1.0 vulnerabilities (USN-3692-1)	Nessus	Ubuntu Local Security Checks	medium
110504	FreeBSD : OpenSSL -- Client DoS due to large DH parameter (c82ecac5-6e3f-11e8-8777-b499baebfeaf)	Nessus	FreeBSD Local Security Checks	medium