Detections
Analytics

FreeBSD : OpenSSL -- multiple vulnerabilities (b7cff5a9-31cc-11e8-8f07-b499baebfeaf)

medium Nessus Plugin ID 108681

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The OpenSSL project reports :

- Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739) Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe.

- rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation).

Solution

Update the affected packages.

See Also

https://www.openssl.org/news/secadv/20180327.txt

http://www.nessus.org/u?07ae36e8

Plugin Details

Severity: Medium

ID: 108681

File Name: freebsd_pkg_b7cff5a931cc11e88f07b499baebfeaf.nasl

Version: 1.5

Type: local

Published: 3/28/2018

Updated: 11/10/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:openssl, p-cpe:/a:freebsd:freebsd:openssl-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 3/27/2018

Vulnerability Publication Date: 3/27/2018

Reference Information

CVE: CVE-2017-3738, CVE-2018-0739