-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2018.0271
      Multiple vulnerabilities have been identified in Tenable Nessus
                              24 October 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Tenable Nessus
Operating System:     Windows
                      UNIX variants (UNIX, Linux, OSX)
Impact/Access:        Access Privileged Data -- Remote/Unauthenticated
                      Denial of Service      -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2018-0737 CVE-2018-0732 
Member content until: Friday, November 23 2018
Reference:            ASB-2018.0265
                      ASB-2018.0250
                      ASB-2018.0241
                      ESB-2018.3221
                      ESB-2018.3049
                      ESB-2018.3014
                      ESB-2018.2960

OVERVIEW

        Multiple vulnerabilities have been identified in Tenable Nessus prior to 
        version 8.0.0. [1]


IMPACT

        Tenable have provided the following details regarding the 
        vulnerabilities:
        
        CVE-2018-732:
        
        "Description
        
        During key agreement in a TLS handshake using a DH(E) based 
        ciphersuite a malicious server can send a very large prime value to
        the client. This will cause the client to spend an unreasonably long
        period of time generating a key for this prime resulting in a hang 
        until the client has finished. This could be exploited in a Denial 
        Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 
        1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o)."
        [2]
        
        CVE-2018-0737: "Description
        
        The OpenSSL RSA Key generation algorithm has been shown to be 
        vulnerable to a cache timing side channel attack. An attacker with 
        sufficient access to mount cache timing attacks during the RSA key 
        generation process could recover the private key. Fixed in OpenSSL 
        1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev 
        (Affected 1.0.2b-1.0.2o)." [3]


MITIGATION

        Tenable recommends users upgrade to the latest version of Nessus to
        address these issues. [1]


REFERENCES

        [1] [R1] Nessus 8.0.0 Fixes Multiple Third-party Vulnerabilities
            https://www.tenable.com/security/tns-2018-14

        [2] CVE-2018-0732
            https://www.tenable.com/cve/CVE-2018-0732

        [3] CVE-2018-0737
            https://www.tenable.com/cve/CVE-2018-0737

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBW8+/D2aOgq3Tt24GAQgcnw//XzCrbJoDfjpidqgWyvxX8RC3vP2x/nJv
3rYvWIaXHwDQKTFdQkZH/ZN/Pkzpggj6+/P7z8TV8SZFpd5y3q/Iw7s3LrisjdJm
S20/DENIsVIctHxyZjWbOypiBXWsI9eS35IdLrz7hyK6jdU3V5H9aS0VjtAxHzpL
vqvjjlmhFMHdJvwmAJ6GrnkdLR6mgCWkQiXLZA4bO2uSnyE7qSvT3+8aNZxnn0Cy
GZd4p3zbuNU55W5pmSszcmDB7Yp4gbXhN5tj26MY1l2lpADLhKNFungi/d9lYx+D
ot6kuhxwJrKgI+NoBY+tMELjfxFVqihEkdRlBO54IUlgKsgCq6SKkxW6ITlBiwlp
ucBrdiTfZJdDL+IjVKsFXTJD4zR3Xm+pw3KEDrJFD4167hcHfb59Us7qN7Q1Lmeh
F5fZGDUw6b9NubS7fMfrorvXFt7pcw1daiAU7qlqzDzxN/K7KhdUyORnilIzYEGa
SxteYlMvVGMKSM4sQhBclwp+5HNX+Ye3+ntzw+TW8+xZ2W6gtfpgnDY2GbbWuU78
p2Jys3gaXgUK8ulXSzkXgMj8jrtIOyCr/CBKiVVjRzNMExpazqZFHuiadu+ViL9A
reXfLLsdB4xR87I2y3PuHbZ/G6BSPOLd9IN0X1RglN5+nt+QMOIw7W/SoCdoB3I/
VfSpt0hagag=
=C7aS
-----END PGP SIGNATURE-----