Test ID:	1.3.6.1.4.1.25623.1.0.842898
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3087-2)
Summary:	The remote host is missing an update for the 'openssl' package(s) announced via the USN-3087-2 advisory.
Description:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the USN-3087-2 advisory. Vulnerability Insight: USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2016-6304) Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2177) Cesar Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL did not properly use constant-time operations when performing DSA signing. A remote attacker could possibly use this issue to perform a cache-timing attack and recover private DSA keys. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. (CVE-2016-2179) Shi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2180) It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves DES from the HIGH cipher list to MEDIUM. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. A remote attacker could use this issue to cause a denial of service. (CVE-2016-6302) Shi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-6306) Affected Software/OS: 'openssl' package(s) on Ubuntu 12.04, Ubuntu 14.04, Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2177 BugTraq ID: 91319 http://www.securityfocus.com/bid/91319 Bugtraq: 20170801 [security bulletin] HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS) (Google Search) http://www.securityfocus.com/archive/1/540957/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540957/100/0/threaded Cisco Security Advisory: 20160927 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl Debian Security Information: DSA-3673 (Google Search) http://www.debian.org/security/2016/dsa-3673 FreeBSD Security Advisory: FreeBSD-SA-16:26 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc http://seclists.org/fulldisclosure/2017/Jul/31 https://security.gentoo.org/glsa/201612-16 https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01 https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24 http://www.openwall.com/lists/oss-security/2016/06/08/9 RedHat Security Advisories: RHSA-2016:1940 http://rhn.redhat.com/errata/RHSA-2016-1940.html RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html RedHat Security Advisories: RHSA-2017:0193 https://access.redhat.com/errata/RHSA-2017:0193 RedHat Security Advisories: RHSA-2017:0194 https://access.redhat.com/errata/RHSA-2017:0194 RedHat Security Advisories: RHSA-2017:1658 https://access.redhat.com/errata/RHSA-2017:1658 RedHat Security Advisories: RHSA-2017:1659 http://rhn.redhat.com/errata/RHSA-2017-1659.html http://www.securitytracker.com/id/1036088 SuSE Security Announcement: SUSE-SU-2016:2387 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html SuSE Security Announcement: SUSE-SU-2016:2394 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html SuSE Security Announcement: SUSE-SU-2016:2458 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html SuSE Security Announcement: SUSE-SU-2016:2468 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html SuSE Security Announcement: SUSE-SU-2016:2469 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html SuSE Security Announcement: SUSE-SU-2017:2699 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html SuSE Security Announcement: SUSE-SU-2017:2700 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html SuSE Security Announcement: openSUSE-SU-2016:2391 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html SuSE Security Announcement: openSUSE-SU-2016:2407 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html SuSE Security Announcement: openSUSE-SU-2016:2537 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html SuSE Security Announcement: openSUSE-SU-2018:0458 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html http://www.ubuntu.com/usn/USN-3087-1 http://www.ubuntu.com/usn/USN-3087-2 http://www.ubuntu.com/usn/USN-3181-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-2178 BugTraq ID: 91081 http://www.securityfocus.com/bid/91081 http://eprint.iacr.org/2016/594.pdf http://www.openwall.com/lists/oss-security/2016/06/08/2 http://www.openwall.com/lists/oss-security/2016/06/08/10 http://www.openwall.com/lists/oss-security/2016/06/08/11 http://www.openwall.com/lists/oss-security/2016/06/08/12 http://www.openwall.com/lists/oss-security/2016/06/08/4 http://www.openwall.com/lists/oss-security/2016/06/08/5 http://www.openwall.com/lists/oss-security/2016/06/08/6 http://www.openwall.com/lists/oss-security/2016/06/08/7 http://www.openwall.com/lists/oss-security/2016/06/08/8 http://www.openwall.com/lists/oss-security/2016/06/09/2 http://www.openwall.com/lists/oss-security/2016/06/09/8 http://www.securitytracker.com/id/1036054 SuSE Security Announcement: SUSE-SU-2016:2470 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html SuSE Security Announcement: openSUSE-SU-2016:2496 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2016-2179 BugTraq ID: 92987 http://www.securityfocus.com/bid/92987 http://www.securitytracker.com/id/1036689 Common Vulnerability Exposure (CVE) ID: CVE-2016-2180 BugTraq ID: 92117 http://www.securityfocus.com/bid/92117 http://www.securitytracker.com/id/1036486 Common Vulnerability Exposure (CVE) ID: CVE-2016-2181 BugTraq ID: 92982 http://www.securityfocus.com/bid/92982 http://www.securitytracker.com/id/1036690 Common Vulnerability Exposure (CVE) ID: CVE-2016-2182 BugTraq ID: 92557 http://www.securityfocus.com/bid/92557 RedHat Security Advisories: RHSA-2018:2185 https://access.redhat.com/errata/RHSA-2018:2185 RedHat Security Advisories: RHSA-2018:2186 https://access.redhat.com/errata/RHSA-2018:2186 RedHat Security Advisories: RHSA-2018:2187 https://access.redhat.com/errata/RHSA-2018:2187 http://www.securitytracker.com/id/1036688 http://www.securitytracker.com/id/1037968 Common Vulnerability Exposure (CVE) ID: CVE-2016-2183 1036696 http://www.securitytracker.com/id/1036696 20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information http://www.securityfocus.com/archive/1/539885/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded 20170214 [security bulletin] HPESBGN03697 rev.1 - HPE Business Service Management (BSM), Remote Disclosure of Information http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded 20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities http://www.securityfocus.com/archive/1/540341/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded 20170529 SSD Advisory - IBM Informix Dynamic Server and Informix Open Admin Tool Multiple Vulnerabilities http://seclists.org/fulldisclosure/2017/May/105 20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities 20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information http://www.securityfocus.com/archive/1/541104/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded 20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information http://www.securityfocus.com/archive/1/542005/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded 20181113 [security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information https://seclists.org/bugtraq/2018/Nov/21 42091 https://www.exploit-db.com/exploits/42091/ 92630 http://www.securityfocus.com/bid/92630 95568 http://www.securityfocus.com/bid/95568 DSA-3673 GLSA-201612-16 GLSA-201701-65 https://security.gentoo.org/glsa/201701-65 GLSA-201707-01 https://security.gentoo.org/glsa/201707-01 RHSA-2017:0336 http://rhn.redhat.com/errata/RHSA-2017-0336.html RHSA-2017:0337 http://rhn.redhat.com/errata/RHSA-2017-0337.html RHSA-2017:0338 http://rhn.redhat.com/errata/RHSA-2017-0338.html RHSA-2017:0462 http://rhn.redhat.com/errata/RHSA-2017-0462.html RHSA-2017:1216 https://access.redhat.com/errata/RHSA-2017:1216 RHSA-2017:2708 https://access.redhat.com/errata/RHSA-2017:2708 RHSA-2017:2709 https://access.redhat.com/errata/RHSA-2017:2709 RHSA-2017:2710 https://access.redhat.com/errata/RHSA-2017:2710 RHSA-2017:3113 https://access.redhat.com/errata/RHSA-2017:3113 RHSA-2017:3114 https://access.redhat.com/errata/RHSA-2017:3114 RHSA-2017:3239 https://access.redhat.com/errata/RHSA-2017:3239 RHSA-2017:3240 https://access.redhat.com/errata/RHSA-2017:3240 RHSA-2018:2123 https://access.redhat.com/errata/RHSA-2018:2123 RHSA-2019:1245 https://access.redhat.com/errata/RHSA-2019:1245 RHSA-2019:2859 https://access.redhat.com/errata/RHSA-2019:2859 RHSA-2020:0451 https://access.redhat.com/errata/RHSA-2020:0451 SUSE-SU-2016:2387 SUSE-SU-2016:2394 SUSE-SU-2016:2458 SUSE-SU-2016:2468 SUSE-SU-2016:2469 SUSE-SU-2016:2470 SUSE-SU-2017:0346 http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html SUSE-SU-2017:0460 http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html SUSE-SU-2017:0490 http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html SUSE-SU-2017:1444 http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html SUSE-SU-2017:2699 SUSE-SU-2017:2700 USN-3087-1 USN-3087-2 USN-3179-1 http://www.ubuntu.com/usn/USN-3179-1 USN-3194-1 http://www.ubuntu.com/usn/USN-3194-1 USN-3198-1 http://www.ubuntu.com/usn/USN-3198-1 USN-3270-1 http://www.ubuntu.com/usn/USN-3270-1 USN-3372-1 http://www.ubuntu.com/usn/USN-3372-1 [tls] 20091120 RC4+3DES rekeying - long-lived TLS connections https://www.ietf.org/mail-archive/web/tls/current/msg04560.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697 http://www-01.ibm.com/support/docview.wss?uid=swg21991482 http://www-01.ibm.com/support/docview.wss?uid=swg21995039 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html http://www.splunk.com/view/SP-CAAAPSV http://www.splunk.com/view/SP-CAAAPUE https://access.redhat.com/articles/2548661 https://access.redhat.com/security/cve/cve-2016-2183 https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/ https://bto.bluecoat.com/security-advisory/sa133 https://bugzilla.redhat.com/show_bug.cgi?id=1369383 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369403 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369415 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05385680 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390722 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390849 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312 https://kc.mcafee.com/corporate/index?page=content&id=SB10171 https://kc.mcafee.com/corporate/index?page=content&id=SB10186 https://kc.mcafee.com/corporate/index?page=content&id=SB10197 https://kc.mcafee.com/corporate/index?page=content&id=SB10215 https://kc.mcafee.com/corporate/index?page=content&id=SB10310 https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/ https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ https://security.netapp.com/advisory/ntap-20160915-0001/ https://security.netapp.com/advisory/ntap-20170119-0001/ https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178 https://support.f5.com/csp/article/K13167034 https://sweet32.info/ https://wiki.opendaylight.org/view/Security_Advisories https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008 https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/ https://www.openssl.org/blog/blog/2016/08/24/sweet32/ https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.sigsac.org/ccs/CCS2016/accepted-papers/ https://www.tenable.com/security/tns-2016-16 https://www.tenable.com/security/tns-2016-20 https://www.tenable.com/security/tns-2016-21 https://www.tenable.com/security/tns-2017-09 https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue openSUSE-SU-2016:2391 openSUSE-SU-2016:2407 openSUSE-SU-2016:2496 openSUSE-SU-2016:2537 openSUSE-SU-2017:0374 http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html openSUSE-SU-2017:0513 http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html openSUSE-SU-2018:0458 Common Vulnerability Exposure (CVE) ID: CVE-2016-6302 BugTraq ID: 92628 http://www.securityfocus.com/bid/92628 http://www.securitytracker.com/id/1036885 Common Vulnerability Exposure (CVE) ID: CVE-2016-6303 1036885 92984 http://www.securityfocus.com/bid/92984 FreeBSD-SA-16:26 https://bto.bluecoat.com/security-advisory/sa132 https://bugzilla.redhat.com/show_bug.cgi?id=1370146 https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=55d83bf7c10c7b205fffa23fa7c3977491e56c07 Common Vulnerability Exposure (CVE) ID: CVE-2016-6304 BugTraq ID: 93150 http://www.securityfocus.com/bid/93150 http://seclists.org/fulldisclosure/2016/Oct/62 http://seclists.org/fulldisclosure/2016/Dec/47 http://packetstormsecurity.com/files/139091/OpenSSL-x509-Parsing-Double-Free-Invalid-Free.html RedHat Security Advisories: RHSA-2016:2802 http://rhn.redhat.com/errata/RHSA-2016-2802.html RedHat Security Advisories: RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1413 RedHat Security Advisories: RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1414 RedHat Security Advisories: RHSA-2017:1415 http://rhn.redhat.com/errata/RHSA-2017-1415.html RedHat Security Advisories: RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801 RedHat Security Advisories: RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802 RedHat Security Advisories: RHSA-2017:2493 https://access.redhat.com/errata/RHSA-2017:2493 RedHat Security Advisories: RHSA-2017:2494 https://access.redhat.com/errata/RHSA-2017:2494 http://www.securitytracker.com/id/1036878 http://www.securitytracker.com/id/1037640 SuSE Security Announcement: openSUSE-SU-2016:2769 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00021.html SuSE Security Announcement: openSUSE-SU-2016:2788 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00027.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6306 BugTraq ID: 93153 http://www.securityfocus.com/bid/93153 https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us https://www.openssl.org/news/secadv/20160922.txt
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.