OracleVM 3.3 : openssl (OVMSA-2014-0032) (Heartbleed) (POODLE)

high Nessus Plugin ID 79547

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- fix CVE-2014-3567 - memory leak when handling session tickets

- fix CVE-2014-3513 - memory leak in srtp support

- add support for fallback SCSV to partially mitigate (CVE-2014-3566) (padding attack on SSL3)

- add ECC TLS extensions to DTLS (#1119800)

- fix CVE-2014-3505 - doublefree in DTLS packet processing

- fix CVE-2014-3506 - avoid memory exhaustion in DTLS

- fix CVE-2014-3507 - avoid memory leak in DTLS

- fix CVE-2014-3508 - fix OID handling to avoid information leak

- fix CVE-2014-3509 - fix race condition when parsing server hello

- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS

- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation

- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support

- drop EXPORT, RC2, and DES from the default cipher list (#1057520)

- print ephemeral key size negotiated in TLS handshake (#1057715)

- do not include ECC ciphersuites in SSLv2 client hello (#1090952)

- properly detect encryption failure in BIO (#1100819)

- fail on hmac integrity check if the .hmac file is empty (#1105567)

- FIPS mode: make the limitations on DSA, DH, and RSA keygen length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment variable is set

- fix CVE-2010-5298 - possible use of memory after free

- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment

- fix CVE-2014-0198 - possible NULL pointer dereference

- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet

- fix CVE-2014-0224 - SSL/TLS MITM vulnerability

- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH

- add back support for secp521r1 EC curve

- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

- use 2048 bit RSA key in FIPS selftests

- add DH_compute_key_padded needed for FIPS CAVS testing

- make 3des strength to be 128 bits instead of 168 (#1056616)

- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits

- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)

- FIPS mode: add DH selftest

- FIPS mode: reseed DRBG properly on RAND_add

- FIPS mode: add RSA encrypt/decrypt selftest

- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key

- use the key length from configuration file if req
-newkey rsa is invoked

- fix CVE-2013-4353 - Invalid TLS handshake crash

- fix CVE-2013-6450 - possible MiTM attack on DTLS1

- fix CVE-2013-6449 - crash when version in SSL structure is incorrect

- add back some no-op symbols that were inadvertently dropped

Solution

Update the affected openssl package.

See Also

http://www.nessus.org/u?e1e2973b

Plugin Details

Severity: High

ID: 79547

File Name: oraclevm_OVMSA-2014-0032.nasl

Version: 1.23

Type: local

Published: 11/26/2014

Updated: 5/5/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

CVSS v2

Risk Factor: High

Base Score: 9.4

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:openssl, cpe:/o:oracle:vm_server:3.3

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/6/2014

Vulnerability Publication Date: 12/23/2013

CISA Known Exploited Vulnerability Due Dates: 5/25/2022

Exploitable With

Core Impact

Reference Information

CVE: CVE-2010-5298, CVE-2013-4353, CVE-2013-6449, CVE-2013-6450, CVE-2014-0160, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567

BID: 64530, 64618, 64691, 66690, 66801, 67193, 67898, 67899, 67900, 67901, 69075, 69076, 69078, 69079, 69081, 69082, 69084, 70574, 70584, 70586