OracleVM 3.3 : openssl (OVMSA-2014-0032) (Heartbleed) (POODLE)

high Nessus Plugin ID 79547
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 8.5

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

- fix CVE-2014-3567 - memory leak when handling session tickets

- fix CVE-2014-3513 - memory leak in srtp support

- add support for fallback SCSV to partially mitigate (CVE-2014-3566) (padding attack on SSL3)

- add ECC TLS extensions to DTLS (#1119800)

- fix CVE-2014-3505 - doublefree in DTLS packet processing

- fix CVE-2014-3506 - avoid memory exhaustion in DTLS

- fix CVE-2014-3507 - avoid memory leak in DTLS

- fix CVE-2014-3508 - fix OID handling to avoid information leak

- fix CVE-2014-3509 - fix race condition when parsing server hello

- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS

- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation

- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support

- drop EXPORT, RC2, and DES from the default cipher list (#1057520)

- print ephemeral key size negotiated in TLS handshake (#1057715)

- do not include ECC ciphersuites in SSLv2 client hello (#1090952)

- properly detect encryption failure in BIO (#1100819)

- fail on hmac integrity check if the .hmac file is empty (#1105567)

- FIPS mode: make the limitations on DSA, DH, and RSA keygen length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment variable is set

- fix CVE-2010-5298 - possible use of memory after free

- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment

- fix CVE-2014-0198 - possible NULL pointer dereference

- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet

- fix CVE-2014-0224 - SSL/TLS MITM vulnerability

- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH

- add back support for secp521r1 EC curve

- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

- use 2048 bit RSA key in FIPS selftests

- add DH_compute_key_padded needed for FIPS CAVS testing

- make 3des strength to be 128 bits instead of 168 (#1056616)

- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits

- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)

- FIPS mode: add DH selftest

- FIPS mode: reseed DRBG properly on RAND_add

- FIPS mode: add RSA encrypt/decrypt selftest

- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key

- use the key length from configuration file if req
-newkey rsa is invoked

- fix CVE-2013-4353 - Invalid TLS handshake crash

- fix CVE-2013-6450 - possible MiTM attack on DTLS1

- fix CVE-2013-6449 - crash when version in SSL structure is incorrect

- add back some no-op symbols that were inadvertently dropped

Solution

Update the affected openssl package.

See Also

http://www.nessus.org/u?e1e2973b

Plugin Details

Severity: High

ID: 79547

File Name: oraclevm_OVMSA-2014-0032.nasl

Version: 1.22

Type: local

Published: 11/26/2014

Updated: 1/4/2021

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 8.5

CVSS v2.0

Base Score: 9.4

Temporal Score: 7.8

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:N

Temporal Vector: E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 7.5

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:openssl, cpe:/o:oracle:vm_server:3.3

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/6/2014

Vulnerability Publication Date: 12/23/2013

Exploitable With

Core Impact

Reference Information

CVE: CVE-2010-5298, CVE-2013-4353, CVE-2013-6449, CVE-2013-6450, CVE-2014-0160, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567

BID: 64530, 64618, 64691, 66690, 66801, 67193, 67898, 67899, 67900, 67901, 69075, 69076, 69078, 69079, 69081, 69082, 69084, 70574, 70584, 70586