Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : openvpn vulnerabilities (USN-3339-1) (SWEET32)

Ubuntu Security Notice (C) 2017 Canonical, Inc. / NASL script (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit block
ciphers are vulnerable to a birthday attack. A remote attacker could
possibly use this issue to recover cleartext data. Fixing this issue
requires a configuration change to switch to a different cipher. This
update adds a warning to the log file when a 64-bit block cipher is in
use. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and
Ubuntu 16.10. (CVE-2016-6329)

It was discovered that OpenVPN incorrectly handled rollover of packet
ids. An authenticated remote attacker could use this issue to cause
OpenVPN to crash, resulting in a denial of service. This issue only
affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2017-7479)

Guido Vranken discovered that OpenVPN incorrectly handled certain
malformed IPv6 packets. A remote attacker could use this issue to
cause OpenVPN to crash, resulting in a denial of service.
(CVE-2017-7508)

Guido Vranken discovered that OpenVPN incorrectly handled memory. A
remote attacker could use this issue to cause OpenVPN to crash,
resulting in a denial of service. (CVE-2017-7512)

Guido Vranken discovered that OpenVPN incorrectly handled an HTTP
proxy with NTLM authentication. A remote attacker could use this issue
to cause OpenVPN clients to crash, resulting in a denial of service,
or possibly expose sensitive memory contents. (CVE-2017-7520)

Guido Vranken discovered that OpenVPN incorrectly handled certain x509
extensions. A remote attacker could use this issue to cause OpenVPN to
crash, resulting in a denial of service. (CVE-2017-7521).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected openvpn package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 101024 ()

Bugtraq ID:

CVE ID: CVE-2016-6329
CVE-2017-7479
CVE-2017-7508
CVE-2017-7512
CVE-2017-7520
CVE-2017-7521

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now