FreeBSD : FreeBSD -- OpenSSL multiple vulnerabilities (2ae114de-c064-11e1-b5e0-000c299b62e1)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

Problem description :

OpenSSL fails to clear the bytes used as block cipher padding in SSL
3.0 records when operating as a client or a server that accept SSL 3.0
handshakes. As a result, in each record, up to 15 bytes of
uninitialized memory may be sent, encrypted, to the SSL peer. This
could include sensitive contents of previously freed memory.

OpenSSL support for handshake restarts for server gated cryptography
(SGC) can be used in a denial-of-service attack. [CVE-2011-4619]

If an application uses OpenSSL's certificate policy checking when
verifying X509 certificates, by enabling the X509_V_FLAG_POLICY_CHECK
flag, a policy check failure can lead to a double-free.

A weakness in the OpenSSL PKCS #7 code can be exploited using
Bleichenbacher's attack on PKCS #1 v1.5 RSA padding also known as the
million message attack (MMA). [CVE-2012-0884]

The asn1_d2i_read_bio() function, used by the d2i_*_bio and d2i_*_fp
functions, in OpenSSL contains multiple integer errors that can cause
memory corruption when parsing encoded ASN.1 data. This error can
occur on systems that parse untrusted ASN.1 data, such as X.509
certificates or RSA public keys. [CVE-2012-2110]

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 59747 ()

Bugtraq ID: 51281

CVE ID: CVE-2011-4109

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now