Alpine: libcrypto3, multiple openssl packages: security update to 0.9.8-r0 (deprecated)

critical Tenable Self-Hosted Container Security Plugin ID 401353

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. (CVE-2009-3555)

- The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." (CVE-2009-1377)

- Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." (CVE-2009-1378)

- Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. (CVE-2009-1379)

- The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." (CVE-2009-1387)

See Also

https://git.alpinelinux.org/aports/commit/?id=58c4a2ed5b63919fd9a7d78a14bd2b93eca96b05

https://git.alpinelinux.org/aports/commit/?id=e1e572d6ee185ff0fc7308d1d3fb127638c7ed76

Plugin Details

Severity: Critical

ID: 401353

Version: Revision 1.27

Type: Local

Published: 8/16/2023

Updated: 5/29/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS Score Source: CVE-2009-3555

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/9/2009

Vulnerability Publication Date: 5/21/2008

Reference Information

CVE: CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1387, CVE-2009-2409, CVE-2009-3555

BID: 29330, 35001, 35138, 35417, 36935