Detections
Analytics

Debian dsa-5600 : php-phpseclib - security update

critical Nessus Plugin ID 189091

Language:

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5600 advisory.

 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5600-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 12, 2024 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : php-phpseclib CVE ID : CVE-2023-48795

 Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the Terrapin attack. This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.

 Details can be found at https://terrapin-attack.com/

 For the oldstable distribution (bullseye), this problem has been fixed in version 2.0.30-2+deb11u1.

 For the stable distribution (bookworm), this problem has been fixed in version 2.0.42-1+deb12u1.

 We recommend that you upgrade your php-phpseclib packages.

 For the detailed security status of php-phpseclib please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/php-phpseclib

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: [email protected]
 -----BEGIN PGP SIGNATURE-----

 iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAmWg5P4ACgkQEL6Jg/PV nWTO8Qf+MjlqXFJ0p865PgV30sQmWeJmc8UiX/lOO9ayLUZ13Dj4z74H40XxAz0M rHDnpfs3hvtgTkdRkE+k2FvrMgau+EpN1eGwgrHURHN/Kdz9Z6YLQX/T8LZq97SZ VVu/X/+xkiZng0J+UXZx5BWQFf/vGz5vLiPA3JUSgS3KjwOYiZKIaSf+/7SF48he QTucpa7nC/7ew4dgLLNTa9PQWK8C616cJ6iZZaowi8k3QmUQGkyhuXS0EUHHRkxq EEf7HccwpwYbPAAkh5cIckEoXEC2gUkl2UmpzCFNdJl/xqz02xOfcgoDxM/1bYy2 Bn3cNLe681fmEd7ShPdNTYtqz6YvwQ== =ZVcV
 -----END PGP SIGNATURE-----



Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the php-phpseclib packages.

See Also

http://www.nessus.org/u?bb7f1a05

https://security-tracker.debian.org/tracker/CVE-2023-48795

https://packages.debian.org/source/bookworm/php-phpseclib

https://packages.debian.org/source/bullseye/php-phpseclib

Plugin Details

Severity: Critical

ID: 189091

File Name: debian_DSA-5600.nasl

Version: 1.1

Type: local

Agent: unix

Published: 1/16/2024

Updated: 1/24/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4.2

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:C/A:N

CVSS Score Source: CVE-2023-48795

CVSS v3

Risk Factor: Medium

Base Score: 5.9

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: Critical

Base Score: 9.3

Threat Score: 8.9

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:11.0, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:debian:debian_linux:php-phpseclib

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/12/2024

Vulnerability Publication Date: 12/18/2023

Reference Information

CVE: CVE-2023-48795