Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2016.0098 OpenSSL '20160926' Advisory Affects Tenable Nessus 6.8.x 26 October 2016 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Tenable Nessus Operating System: Windows OS X Linux variants FreeBSD Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Access Privileged Data -- Existing Account Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2016-7052 CVE-2016-6329 CVE-2016-6309 CVE-2016-6308 CVE-2016-6307 CVE-2016-6306 CVE-2016-6305 CVE-2016-6304 CVE-2016-6303 CVE-2016-6302 CVE-2016-2182 CVE-2016-2181 CVE-2016-2180 CVE-2016-2179 CVE-2016-2178 CVE-2016-2177 Member content until: Friday, November 25 2016 Reference: ESB-2016.2368 ESB-2016.2332 ESB-2016.2271 ESB-2016.2268 OVERVIEW Multiple vulnerabilities have been identified in Tenable Nessus prior to version 6.9. [1] IMPACT The vendor has provided the following details regarding the vulnerabilities: "CVE-2016-6308 - OpenSSL ssl/statem/statem_dtls.c dtls1_preprocess_fragment() Function DTLS Message Handling Memory Exhaustion Remote DoS CVE-2016-6305 - OpenSSL ssl/record/rec_layer_s3.c SSL_peek() Function Empty Record Handling Remote DoS CVE-2016-6304 - OpenSSL ssl/t1_lib.c ssl_parse_clienthello_tlsext() Function OCSP Status Request Extension Handling Memory Exhaustion Remote DoS CVE-2016-6306 - OpenSSL Certificate Message Handling Limited Out-of-bounds Read DoS Weakness CVE-2016-6307 - OpenSSL ssl/statem/statem_lib.c tls_get_message_header() Function Memory Exhaustion Remote DoS CVE-2016-6303 - OpenSSL crypto/mdc2/mdc2dgst.c MDC2_Update() Function Buffer Overflow Weakness CVE-2016-6329 - Triple Data Encryption Algorithm (3DES) 64-bit Block Size Birthday Attack HTTPS Cookie MitM Disclosure (SWEET32) CVE-2016-6302 - OpenSSL ssl/t1_lib.c tls_decrypt_ticket() Function Ticket HMAC Digest Handling Remote DoS CVE-2016-2179 - OpenSSL DTLS Buffered Message Saturation Queue Exhaustion Remote DoS CVE-2016-2181 - OpenSSL DTLS Implementation Record Epoch Sequence Number Handling Remote DoS CVE-2016-2182 - OpenSSL crypto/bn/bn_print.c BN_bn2dec() Function BIGNUM Handling Buffer Overflow DoS CVE-2016-2180 - OpenSSL crypto/ts/ts_lib.c TS_OBJ_print_bio() Function Out-of-bounds Read Issue CVE-2016-2178 - OpenSSL crypto/dsa/dsa_ossl.c DSA Signing Algorithm Constant Time Failure Side-channel Attack Information Disclosure CVE-2016-2177 - OpenSSL Integer Overflow Unspecified Weakness CVE-2016-6309 - OpenSSL ssl/statem/statem.c read_state_machine() Function Message Handling Use-after-free Remote Code Execution CVE-2016-7052 - OpenSSL CRL Handling Unspecified NULL Pointer Dereference DoS"[1] MITIGATION Tenable advises users should upgrade to the latest version of Nessus to address these issues. [1] REFERENCES [1] OpenSSL '20160926' Advisory Affects Tenable Nessus http://www.tenable.com/security/tns-2016-16 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWBBFbox+lLeg9Ub1AQgeoA//dpwKz/pex8iGCpw0wv/BOkRvkoSPRyTw RmN/v8aCNjP4sVYwvE7dcoiIVk+VZIaYjfAZwDzrreyvLn+bs49W8V+R8Oe+GAB+ CY0cFhpjOCt1lS+BrjBjd6AHR2XHLHbqg/F9Dk9F1AgLU0D4D+Vi/B+3C6w8fNo9 a56zy+RhOWfmw1x1kROWpT/tsNmQ3kozGr6OG0zF5+VfDYFYqlTqvC3uHHr179Nw W247aHMf4p0gassGaHXeNN8O/ksWCq5vcYkRNRPJ75fjxGd7V/kpwOOKIP1yhIqm Z1up8Hto+UKJGAlsXjebuz2LUkPFu1BlBs9iMUTEZrMtZs0N9H3ugmnccalbkoQV iQFuaPGDzYGJJ54MLvEJxH5+mJhN1YJLMLRSaKZJC9mXIBqeMWK6CSqdLoGskere N/tsReg12tpdpFsKt0JR7GRT+HMkB1nnKYsGSNayRUTyx0PdJ6vrW5/c3I56jrh6 sZaqwtInUicmoyfv1uMn/VX9j+7NiaknkINiWi9PYBHYOnb3LCXTOuiAr+vF+SWn FQWEm084ZtKhHv9MDRV8z73VFa/V+ouMZ3SQFa56oJ/c8f6WdfjCgicxPIOWt1Ko FSRruAmiuzDXfj56W63ooFMsc/Rdj3ITuLbTYBK6F6l7BIQrFcGUj9OM4SqLYSkV efAL2B/XghM= =MELt -----END PGP SIGNATURE-----