Juniper Networks Junos OS Insufficient Entropy Vulnerability

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/o:juniper:junos";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.105997");
  script_cve_id("CVE-2015-3006");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:N/A:N");
  script_version("2023-07-25T05:05:58+0000");

  script_tag(name:"qod_type", value:"package");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Juniper Networks Junos OS Insufficient Entropy Vulnerability");

  script_xref(name:"URL", value:"http://kb.juniper.net/JSA10678");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/74020");

  script_tag(name:"summary", value:"Junos OS on QFX3500 and QFX3600 platforms is prone to a
  insufficient entropy vulnerability.");

  script_tag(name:"impact", value:"The vulnerability possibly leads to weak or duplicate SSH
  keys or self-signed SSL/TLS certificates.");

  script_tag(name:"insight", value:"On the QFX3500 and QFX3600 platforms, the number of bytes
  collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient. Entropy
  increases after the system has been up and running for some time, but immediately after boot, the
  entropy is very low.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable OS build is present on the target host.");
  script_tag(name:"solution", value:"New builds of Junos OS software are available from Juniper.");
  script_tag(name:"affected", value:"Junos OS 12.2X50, 13.1X50, 13.2X51 and 13.2X52");

  script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-03-10 13:39:00 +0000 (Tue, 10 Mar 2020)");
  script_tag(name:"creation_date", value:"2015-05-28 10:52:59 +0700 (Thu, 28 May 2015)");
  script_category(ACT_GATHER_INFO);
  script_family("JunOS Local Security Checks");
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_dependencies("gb_juniper_junos_consolidation.nasl");
  script_mandatory_keys("juniper/junos/detected", "juniper/junos/model");

  exit(0);
}

include("host_details.inc");
include("revisions-lib.inc");

model = get_kb_item("juniper/junos/model");
if (!model || (model !~ '^QFX3(5|6)00'))
  exit(99);

if (!version = get_app_version(cpe: CPE, nofork: TRUE))
  exit(0);

if (version =~ "^12") {
  if ((revcomp(a:version, b:"12.2X50-D70") < 0) &&
      (revcomp(a:version, b:"12.2X50") >= 0)) {
    security_message(port:0, data:version);
    exit(0);
  }
}

if (version =~ "^13") {
  if ((revcomp(a:version, b:"13.1X50-D30") < 0) &&
      (revcomp(a:version, b:"13.1X50") >= 0)) {
    security_message(port:0, data:version);
    exit(0);
  }
  else if ((revcomp(a:version, b:"13.2X51-D25") < 0) &&
           (revcomp(a:version, b:"13.2X51") >= 0)) {
    security_message(port:0, data:version);
    exit(0);
  }
  else if ((revcomp(a:version, b:"13.2X52-D15") < 0) &&
           (revcomp(a:version, b:"13.2X52") >= 0)) {
    security_message(port:0, data:version);
    exit(0);
  }
}

exit(99);