FreeBSD : node.js -- Data Confidentiality/Integrity Vulnerability, December 2017 (bea84a7a-e0c9-11e7-b4f3-11baa0c2df21)

Medium Nessus Plugin ID 105259

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Node.js reports : Data Confidentiality/Integrity Vulnerability - CVE-2017-15896 Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption. Uninitialized buffer vulnerability - CVE-2017-15897 Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, 'This is not correctly encoded', 'hex');' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases. Also included in OpenSSL update - CVE 2017-3738 Note that CVE 2017-3738 of OpenSSL-1.0.2 affected Node but it was low severity.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?23d8f9db

http://www.nessus.org/u?ec3314c9

Plugin Details

Severity: Medium

ID: 105259

File Name: freebsd_pkg_bea84a7ae0c911e7b4f311baa0c2df21.nasl

Version: 3.10

Type: local

Published: 2017/12/15

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS v3.0

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:node, p-cpe:/a:freebsd:freebsd:node4, p-cpe:/a:freebsd:freebsd:node6, p-cpe:/a:freebsd:freebsd:node8, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2017/12/14

Vulnerability Publication Date: 2017/12/08

Reference Information

CVE: CVE-2017-15896, CVE-2017-15897, CVE-2017-3738