Tenable Nessus < 8.1.1 Multiple Vulnerabilities (TNS-2018-16)
Medium Nessus Plugin ID 120197
SynopsisTenable Nessus running on the remote host is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version, the Tenable Nessus application running on the remote host is 8.x prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities:
- Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack.
An attacker could leverage this vulnerability to recover the private key. (CVE-2018-0734)
- Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's Simultaneous Multithreading (SMT) architectures which render it vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)
SolutionUpgrade to Tenable Nessus version 8.1.1 or later.