Detections
Analytics
OpenSSL 1.0.1 < 1.0.1s Multiple Vulnerabilities
critical Nessus Plugin ID 89081
Language:
Synopsis
The remote service is affected by multiple vulnerabilities.Description
The version of OpenSSL installed on the remote host is prior to 1.0.1s. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1s advisory.- The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a DROWN attack. (CVE-2016-0800)
- The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-2842. (CVE-2016-0799)
- Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and crypto/srp/srp_vfy.c. (CVE-2016-0798)
- Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2) BN_hex2bn function, related to crypto/bn/bn.h and crypto/bn/bn_print.c. (CVE-2016-0797)
- Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key. (CVE-2016-0705)
- The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a CacheBleed attack.
(CVE-2016-0702)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to OpenSSL version 1.0.1s or later.See Also
https://www.openssl.org/news/secadv/20160301.txt
https://www.cve.org/CVERecord?id=CVE-2016-0702
https://www.cve.org/CVERecord?id=CVE-2016-0705
https://www.cve.org/CVERecord?id=CVE-2016-0797
https://www.cve.org/CVERecord?id=CVE-2016-0798
Plugin Details
Severity: Critical
ID: 89081
File Name: openssl_1_0_1s.nasl
Version: 1.14
Type: combined
Agent: windows, macosx, unix
Family: Web Servers
Published: 3/2/2016
Updated: 6/7/2024
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2016-0799
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:openssl:openssl
Required KB Items: installed_sw/OpenSSL
Exploit Ease: No known exploits are available
Patch Publication Date: 3/1/2016
Vulnerability Publication Date: 2/24/2016
Reference Information
CVE: CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-0800
BID: 83705, 83733, 83754, 83755, 83763
CERT: 583776