Detections
Analytics
openSUSE Security Update : libgcrypt (openSUSE-2015-597)
low Nessus Plugin ID 86090
Language:
Synopsis
The remote openSUSE host is missing a security update.Description
libgcrypt was updated to include countermeasures against Lenstra's fault attack on RSA Chinese Remainder Theorem optimization in RSA.A signature verification step was updated to protect against leaks of private keys in case of hardware faults or implementation errors in numeric libraries.
GnuPG already performed this check by itself and was not affected.
This fix is equivalent, but not equal to CVE-2015-5738
Solution
Update the affected libgcrypt packages.See Also
Plugin Details
Severity: Low
ID: 86090
File Name: openSUSE-2015-597.nasl
Version: 2.3
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 9/23/2015
Updated: 1/19/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:libgcrypt20-hmac, p-cpe:/a:novell:opensuse:libgcrypt-debugsource, p-cpe:/a:novell:opensuse:libgcrypt-cavs-debuginfo, p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo, p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo-32bit, p-cpe:/a:novell:opensuse:libgcrypt11-debuginfo-32bit, p-cpe:/a:novell:opensuse:libgcrypt-cavs, p-cpe:/a:novell:opensuse:libgcrypt-devel-32bit, p-cpe:/a:novell:opensuse:libgcrypt-devel-debuginfo-32bit, p-cpe:/a:novell:opensuse:libgcrypt20-32bit, cpe:/o:novell:opensuse:13.2, p-cpe:/a:novell:opensuse:libgcrypt11, p-cpe:/a:novell:opensuse:libgcrypt20-hmac-32bit, cpe:/o:novell:opensuse:13.1, p-cpe:/a:novell:opensuse:libgcrypt-devel, p-cpe:/a:novell:opensuse:libgcrypt11-32bit, p-cpe:/a:novell:opensuse:libgcrypt20-debuginfo, p-cpe:/a:novell:opensuse:libgcrypt20, p-cpe:/a:novell:opensuse:libgcrypt11-debuginfo
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 9/14/2015