FreeBSD : mbed TLS (PolarSSL) -- multiple vulnerabilities (d8382a69-4728-11e8-ba83-0011d823eebd)

high Nessus Plugin ID 109289

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Simon Butcher reports:

- Defend against Bellcore glitch attacks by verifying the results of RSA private key operations.

- Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute-force attack on the HMAC key of a single, uninterrupted connection (with no resumption of the session).

- Reject CRLs containing unsupported critical extensions. Found by Falko Strenzke and Evangelos Karatsiolis.

- Fix a buffer overread in ssl_parse_server_key_exchange() that could cause a crash on invalid input.

- Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a crash on invalid input.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?ecf19cb0

http://www.nessus.org/u?50a8c869

Plugin Details

Severity: High

ID: 109289

File Name: freebsd_pkg_d8382a69472811e8ba830011d823eebd.nasl

Version: 1.2

Type: local

Published: 4/24/2018

Updated: 11/10/2018

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mbedtls, p-cpe:/a:freebsd:freebsd:polarssl13, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 4/23/2018

Vulnerability Publication Date: 3/21/2018