Lucene search
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2014-181.NASLHistoryJun 13, 2014 - 12:00 a.m.
openSUSE Security Update : gnutls (openSUSE-SU-2014:0325-1)
2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.075
Percentile
94.2%
The gnutls library was updated to fixed x509 certificate validation problems, where man-in-the-middle attackers could hijack SSL connections.
This update also reenables Elliptic Curve support to meet current day cryptographic requirements.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2014-181.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(75274);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2014-0092");
script_bugtraq_id(65919);
script_name(english:"openSUSE Security Update : gnutls (openSUSE-SU-2014:0325-1)");
script_summary(english:"Check for the openSUSE-2014-181 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The gnutls library was updated to fixed x509 certificate validation
problems, where man-in-the-middle attackers could hijack SSL
connections.
This update also reenables Elliptic Curve support to meet current day
cryptographic requirements."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=865804"
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.opensuse.org/opensuse-updates/2014-03/msg00004.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected gnutls packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gnutls-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-devel-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl27");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls-openssl27-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutls28-debuginfo-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx28");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgnutlsxx28-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
script_set_attribute(attribute:"patch_publication_date", value:"2014/03/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE13.1", reference:"gnutls-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gnutls-debuginfo-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"gnutls-debugsource-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutls-devel-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutls-openssl-devel-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutls-openssl27-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutls-openssl27-debuginfo-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutls28-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutls28-debuginfo-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutlsxx-devel-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutlsxx28-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libgnutlsxx28-debuginfo-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libgnutls-devel-32bit-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libgnutls28-32bit-3.2.4-2.14.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libgnutls28-debuginfo-32bit-3.2.4-2.14.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gnutls");
}
Related
nessus
nessus
suse
suse
Security update for gnutls (critical)
2014-03-04 18:04:13
gnutls: fixed SSL certificate validation problems (critical)
2014-03-05 08:04:11
gnutls: fixed SSL certificate validation (critical)
2014-03-05 19:04:13
centos
centos
gnutls security update
2014-03-04 21:00:04
gnutls security update
2014-03-04 20:51:10
openvas
openvas
CentOS Update for gnutls CESA-2014:0246 centos6
2014-03-12 00:00:00
RedHat Update for gnutls RHSA-2014:0246-01
2014-03-04 00:00:00
Debian: Security Advisory (DSA-2869-1)
2014-03-02 00:00:00
prion
prion
Code injection
2014-03-07 00:10:00
nvd
nvd
CVE-2014-0092
2014-03-07 00:10:53
ics
ics
ubuntu
ubuntu
GnuTLS vulnerability
2014-03-04 00:00:00
cve
cve
CVE-2014-0092
2014-03-07 00:10:53
redhat
redhat
(RHSA-2014:0288) Important: gnutls security update
2014-03-12 00:00:00
(RHSA-2014:0246) Important: gnutls security update
2014-03-03 00:00:00
(RHSA-2014:0247) Important: gnutls security update
2014-03-03 00:00:00
debian
debian
[SECURITY] [DSA 2869-1] gnutls26 security update
2014-03-03 20:14:51
debiancve
debiancve
CVE-2014-0092
2014-03-07 00:10:53
mageia
mageia
Updated gnutls packages fix security vulnerability
2014-03-04 00:07:34
securityvulns
securityvulns
GnuTLS certificate validation bypass
2014-03-13 00:00:00
[ MDVSA-2014:048 ] gnutls
2014-03-13 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
ibm
ibm
cvelist
cvelist
CVE-2014-0092
2014-03-06 18:00:00
slackware
slackware
[slackware-security] gnutls
2014-03-04 00:43:33
ubuntucve
ubuntucve
CVE-2014-0092
2014-03-03 00:00:00
f5
f5
K15160 : GnuTLS vulnerability CVE-2014-0092
2014-12-12 00:00:00
SOL15160 - GnuTLS vulnerability CVE-2014-0092
2014-04-10 00:00:00
seebug
seebug
GnuTLS证书验证安全限制绕过漏洞
2014-03-05 00:00:00
amazon
amazon
Important: gnutls
2014-03-06 14:58:00
checkpoint_security
checkpoint_security
checkpoint_advisories
checkpoint_advisories
GnuTLS Certificate Verification Policy Bypass (CVE-2014-0092)
2014-05-08 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2019-01-15 08:58:04
freebsd
freebsd
gnutls -- multiple certificate verification issues
2014-03-03 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: gnutls-3.1.20-4.fc20
2014-03-06 08:17:02
[SECURITY] Fedora 19 Update: mingw-gnutls-3.1.22-1.fc19
2014-03-15 15:22:59
[SECURITY] Fedora 20 Update: mingw-gnutls-3.1.22-1.fc20
2014-03-15 15:25:21
altlinux
altlinux
Security fix for the ALT Linux 9 package gnutls30 version 2.12.23-alt2
2014-03-05 00:00:00
Security fix for the ALT Linux 10 package gnutls30 version 2.12.23-alt2
2014-03-05 00:00:00
oraclelinux
oraclelinux
gnutls security update
2014-03-03 00:00:00
gnutls security update
2014-03-03 00:00:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2014-06-13 00:00:00
osv
osv
gnutls-3.4.15-1.1 on GA media
2024-06-15 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.075
Percentile
94.2%
Related for OPENSUSE-2014-181.NASL