FreeBSD : socat -- diffie hellman parameter was not prime (a52a7172-c92e-11e5-96d6-14dae9d210b8)

high Nessus Plugin ID 88513

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

socat reports:

In the OpenSSL address implementation the hard-coded 1024-bit DH p parameter was not prime. The effective cryptographic strength of a key exchange using these parameters was weaker than the one one could get by using a prime p. Moreover, since there is no indication of how these parameters were chosen, the existence of a trapdoor that makes it possible for an eavesdropper to recover the shared secret from a key exchange that uses them cannot be ruled out.

Solution

Update the affected package.

See Also

http://www.dest-unreach.org/socat/contrib/socat-secadv7.html

http://www.nessus.org/u?0483dc02

Plugin Details

Severity: High

ID: 88513

File Name: freebsd_pkg_a52a7172c92e11e596d614dae9d210b8.nasl

Version: 2.3

Type: local

Published: 2/2/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:socat, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2/1/2016

Vulnerability Publication Date: 2/1/2016