OracleVM 3.2 : onpenssl (OVMSA-2014-0008)

critical Nessus Plugin ID 79532

Language:

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 8.5

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability

 - replace expired GlobalSign Root CA certificate in ca-bundle.crt

 - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)

 - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)

 - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051)

 - use __secure_getenv everywhere instead of getenv (#839735)

 - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)

 - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio (#814185)

 - fix problem with the SGC restart patch that might terminate handshake incorrectly

 - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)

 - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)

 - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770)

 - fix for CVE-2011-4109 - double free in policy checks (#771771)

 - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)

 - fix for CVE-2011-4619 - SGC restart DoS attack (#771780)

 - add known answer test for SHA2 algorithms (#740866)

 - make default private key length in certificate Makefile 2048 bits (can be changed with PRIVATE_KEY_BITS setting) (#745410)

 - fix incorrect return value in parse_yesno (#726593)

 - added DigiCert CA certificates to ca-bundle (#735819)

 - added a new section about error states to README.FIPS (#628976)

 - add missing DH_check_pub_key call when DH key is computed (#698175)

 - presort list of ciphers available in SSL (#688901)

 - accept connection in s_server even if getaddrinfo fails (#561260)

 - point to openssl dgst for list of supported digests (#608639)

 - fix handling of future TLS versions (#599112)

 - added VeriSign Class 3 Public Primary Certification Authority - G5 and StartCom Certification Authority certs to ca-bundle (#675671, #617856)

 - upstream fixes for the CHIL engine (#622003, #671484)

 - add SHA-2 hashes in SSL_library_init (#676384)

 - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462)

 - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924)

 - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774)

 - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125)

 - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197)

 - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data is called prematurely by application (#546707)

Solution

Update the affected openssl package.

See Also

https://oss.oracle.com/pipermail/oraclevm-errata/2014-June/000208.html

Plugin Details

Severity: Critical

ID: 79532

File Name: oraclevm_OVMSA-2014-0008.nasl

Version: 1.21

Type: local

Published: 11/26/2014

Updated: 1/4/2021

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: Critical

VPR Score: 8.5

CVSS v2.0

Base Score: 10

Temporal Score: 8.3

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 7.4

Temporal Score: 6.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:openssl, cpe:/o:oracle:vm_server:3.2

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/18/2014

Vulnerability Publication Date: 7/30/2009

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-2409, CVE-2009-3245, CVE-2009-3555, CVE-2009-4355, CVE-2010-0433, CVE-2010-4180, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619, CVE-2012-0050, CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2333, CVE-2012-4929, CVE-2013-0166, CVE-2013-0169, CVE-2014-0224

BID: 29330, 31692, 36935, 38562, 45164, 51281, 51563, 52428, 52764, 53158, 53476, 55704, 57755, 57778, 60268, 67899

CWE: 20, 310, 399