FreeBSD : cURL -- TLS session resumption client cert bypass (again) (3e2e9b44-25ce-11e7-a175-939b30e0836d)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

cURL security advisory :

libcurl would attempt to resume a TLS session even if the client
certificate had changed. That is unacceptable since a server by
specification is allowed to skip the client certificate check on
resume, and may instead use the old identity which was established by
the previous certificate (or no certificate).

libcurl supports by default the use of TLS session id/ticket to resume
previous TLS sessions to speed up subsequent TLS handshakes. They are
used when for any reason an existing TLS connection couldn't be kept
alive to make the next handshake faster.

This flaw is a regression and identical to CVE-2016-5419 reported on
August 3rd 2016, but affecting a different version range.

See also :

https://curl.haxx.se/docs/adv_20170419.html
http://www.nessus.org/u?c1a6c8d5

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 99552 ()

Bugtraq ID:

CVE ID: CVE-2017-7468

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now