Vulnerability CVE-2018-0734


Published: 2018-10-30

Description:
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).

Type:

CWE-320

(Key Management Errors)

Vendor: Debian
Product: Debian linux 
Version: 9.0;
Vendor: Nodejs
Product: Node.js 
Version:
8.9.4
8.9.3
8.9.2
8.9.1
8.9.0
8.14.0
8.13.0
8.12.0
8.11.4
8.11.3
8.11.2
8.11.1
8.10.0
6.9.5
6.9.4
6.9.3
6.9.2
6.9.1
6.9.0
6.15.1
6.15.0
6.14.4
6.14.3
6.14.2
6.14.1
6.14.0
6.13.1
6.13.0
6.12.3
6.12.2
6.12.1
6.12.0
6.11.5
6.11.4
6.11.3
6.11.2
6.10.3
6.10.1
6.10.0
11.4.0
11.3.0
11.2.0
11.1.0
11.0.0
10.14.1
10.14.0
10.13.0
Vendor: Canonical
Product: Ubuntu linux 
Version:
18.10
18.04
16.04
14.04
Vendor: Openssl
Product: Openssl 
Version:
1.1.1
1.1.0i
1.1.0h
1.1.0g
1.1.0f
1.1.0e
1.1.0d
1.1.0c
1.1.0b
1.1.0a
1.1.0
1.0.2p
1.0.2o
1.0.2n
1.0.2m
1.0.2l
1.0.2k
1.0.2j
1.0.2i
1.0.2h
1.0.2g
1.0.2f
1.0.2e
1.0.2d
1.0.2c
1.0.2b
1.0.2a
1.0.2
Vendor: Netapp
Product: Oncommand unified manager 
Product: Cn1610 firmware 
Product: Cloud backup 
Product: Santricity smi-s provider 
Product: Steelstore 

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://www.securityfocus.com/bid/105758
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=43e6a58d4991a451daf4891ff05a48735df871ac
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8abfe72e8c1de1b95f50aa0d9134803b4d00070f
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ef11e19d1365eea2b1851e6f540a0bf365d303e7
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
https://security.netapp.com/advisory/ntap-20181105-0002/
https://security.netapp.com/advisory/ntap-20190118-0002/
https://security.netapp.com/advisory/ntap-20190423-0002/
https://usn.ubuntu.com/3840-1/
https://www.debian.org/security/2018/dsa-4348
https://www.debian.org/security/2018/dsa-4355
https://www.openssl.org/news/secadv/20181030.txt
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.tenable.com/security/tns-2018-16
https://www.tenable.com/security/tns-2018-17

Related CVE
CVE-2019-9946
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptable...
CVE-2019-7612
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as p...
CVE-2019-3863
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bound...
CVE-2019-3861
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or...
CVE-2019-3860
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3857
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execut...
CVE-2019-3856
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client syst...
CVE-2019-3858
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client mem...

Copyright 2019, cxsecurity.com

 

Back to Top