home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2003-035.nasl < prev    next >
Text File  |  2005-01-14  |  5KB  |  156 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2003:035
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14019);
  12.  script_bugtraq_id(7101, 7148);
  13.  script_version ("$Revision: 1.3 $");
  14.  script_cve_id("CAN-2003-0131", "CAN-2003-0147");
  15.  
  16.  name["english"] = "MDKSA-2003:035: openssl";
  17.  
  18.  script_name(english:name["english"]);
  19.  
  20.  desc["english"] = "
  21. The remote host is missing the patch for the advisory MDKSA-2003:035 (openssl).
  22.  
  23.  
  24. Researchers discovered a timing-based attack on RSA keys that OpenSSL is
  25. generally vulnerable to, unless RSA blinding is enabled. Patches from the
  26. OpenSSL team have been applied to turn RSA blinding on by default.
  27. An extension of the 'Bleichenbacher attack' on RSA with PKS #1 v1.5 padding as
  28. used in SSL 3.0 and TSL 1.0 was also created by Czech cryptologists Vlastimil
  29. Klima, Ondrej Pokorny, and Tomas Rosa. This attack requires the attacker to open
  30. millions of SSL/TLS connections to the server they are attacking. This is done
  31. because the server's behaviour when faced with specially crafted RSA ciphertexts
  32. can reveal information that would in effect allow the attacker to perform a
  33. single RSA private key operation on a ciphertext of their choice, using the
  34. server's RSA key. Despite this, the server's RSA key is not compromised at any
  35. time. Patches from the OpenSSL team modify SSL/TLS server behaviour to avoid
  36. this vulnerability.
  37.  
  38.  
  39. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:035
  40. Risk factor : High";
  41.  
  42.  
  43.  
  44.  script_description(english:desc["english"]);
  45.  
  46.  summary["english"] = "Check for the version of the openssl package";
  47.  script_summary(english:summary["english"]);
  48.  
  49.  script_category(ACT_GATHER_INFO);
  50.  
  51.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  52.  family["english"] = "Mandrake Local Security Checks";
  53.  script_family(english:family["english"]);
  54.  
  55.  script_dependencies("ssh_get_info.nasl");
  56.  script_require_keys("Host/Mandrake/rpm-list");
  57.  exit(0);
  58. }
  59.  
  60. include("rpm.inc");
  61. if ( rpm_check( reference:"openssl-0.9.5a-9.5mdk", release:"MDK7.2", yank:"mdk") )
  62. {
  63.  security_hole(0);
  64.  exit(0);
  65. }
  66. if ( rpm_check( reference:"openssl-devel-0.9.5a-9.5mdk", release:"MDK7.2", yank:"mdk") )
  67. {
  68.  security_hole(0);
  69.  exit(0);
  70. }
  71. if ( rpm_check( reference:"openssl-0.9.6i-1.3mdk", release:"MDK8.0", yank:"mdk") )
  72. {
  73.  security_hole(0);
  74.  exit(0);
  75. }
  76. if ( rpm_check( reference:"openssl-devel-0.9.6i-1.3mdk", release:"MDK8.0", yank:"mdk") )
  77. {
  78.  security_hole(0);
  79.  exit(0);
  80. }
  81. if ( rpm_check( reference:"openssl-0.9.6i-1.4mdk", release:"MDK8.1", yank:"mdk") )
  82. {
  83.  security_hole(0);
  84.  exit(0);
  85. }
  86. if ( rpm_check( reference:"libopenssl0-0.9.6i-1.4mdk", release:"MDK8.1", yank:"mdk") )
  87. {
  88.  security_hole(0);
  89.  exit(0);
  90. }
  91. if ( rpm_check( reference:"libopenssl0-devel-0.9.6i-1.4mdk", release:"MDK8.1", yank:"mdk") )
  92. {
  93.  security_hole(0);
  94.  exit(0);
  95. }
  96. if ( rpm_check( reference:"openssl-0.9.6i-1.4mdk", release:"MDK8.2", yank:"mdk") )
  97. {
  98.  security_hole(0);
  99.  exit(0);
  100. }
  101. if ( rpm_check( reference:"libopenssl0-0.9.6i-1.4mdk", release:"MDK8.2", yank:"mdk") )
  102. {
  103.  security_hole(0);
  104.  exit(0);
  105. }
  106. if ( rpm_check( reference:"libopenssl0-devel-0.9.6i-1.4mdk", release:"MDK8.2", yank:"mdk") )
  107. {
  108.  security_hole(0);
  109.  exit(0);
  110. }
  111. if ( rpm_check( reference:"openssl-0.9.6i-1.4mdk", release:"MDK9.0", yank:"mdk") )
  112. {
  113.  security_hole(0);
  114.  exit(0);
  115. }
  116. if ( rpm_check( reference:"libopenssl0-0.9.6i-1.4mdk", release:"MDK9.0", yank:"mdk") )
  117. {
  118.  security_hole(0);
  119.  exit(0);
  120. }
  121. if ( rpm_check( reference:"libopenssl0-devel-0.9.6i-1.4mdk", release:"MDK9.0", yank:"mdk") )
  122. {
  123.  security_hole(0);
  124.  exit(0);
  125. }
  126. if ( rpm_check( reference:"openssl-0.9.7a-1.1mdk", release:"MDK9.1", yank:"mdk") )
  127. {
  128.  security_hole(0);
  129.  exit(0);
  130. }
  131. if ( rpm_check( reference:"libopenssl0-0.9.6i-1.1mdk", release:"MDK9.1", yank:"mdk") )
  132. {
  133.  security_hole(0);
  134.  exit(0);
  135. }
  136. if ( rpm_check( reference:"libopenssl0.9.7-0.9.7a-1.1mdk", release:"MDK9.1", yank:"mdk") )
  137. {
  138.  security_hole(0);
  139.  exit(0);
  140. }
  141. if ( rpm_check( reference:"libopenssl0.9.7-devel-0.9.7a-1.1mdk", release:"MDK9.1", yank:"mdk") )
  142. {
  143.  security_hole(0);
  144.  exit(0);
  145. }
  146. if (rpm_exists(rpm:"openssl-", release:"MDK7.2")
  147.  || rpm_exists(rpm:"openssl-", release:"MDK8.0")
  148.  || rpm_exists(rpm:"openssl-", release:"MDK8.1")
  149.  || rpm_exists(rpm:"openssl-", release:"MDK8.2")
  150.  || rpm_exists(rpm:"openssl-", release:"MDK9.0")
  151.  || rpm_exists(rpm:"openssl-", release:"MDK9.1") )
  152. {
  153.  set_kb_item(name:"CAN-2003-0131", value:TRUE);
  154.  set_kb_item(name:"CAN-2003-0147", value:TRUE);
  155. }
  156.