The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0154 advisory.

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)     protocols, as well as a full-strength general-purpose cryptography library.

    Security Fix(es):

    * openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)

    * OpenSSL: Excessive time spent checking DH q parameter value (CVE-2023-3817)

    * openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or     parameters may be very slow (CVE-2023-5678)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * openssl: Excessive time spent checking DH q parameter value (JIRA:RHEL-14238)

    * openssl: Excessive time spent checking DH keys and parameters (JIRA:RHEL-14244)

    * openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or     parameters may be very slow (JIRA:RHEL-16537)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 22df5074-71cd-11ee-85eb-84a93843eb75 advisory.

  - PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that     may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit     platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other     platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has a similar bug.
    (CVE-2022-42898)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported     versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerability     allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Server. (CVE-2023-22015, CVE-2023-22026)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported     versions that are affected are 5.7.43 and prior and 8.0.31 and prior. Easily exploitable vulnerability     allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Server. (CVE-2023-22028)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported     versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high     privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful     attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable     crash (complete DOS) of MySQL Server. (CVE-2023-22032, CVE-2023-22070, CVE-2023-22078, CVE-2023-22103)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported     versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows low     privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful     attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable     crash (complete DOS) of MySQL Server. (CVE-2023-22059)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported     versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. (CVE-2023-22064, CVE-2023-22092, CVE-2023-22112)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported     versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. (CVE-2023-22065, CVE-2023-22110)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are     affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker     with network access via multiple protocols to compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. (CVE-2023-22066, CVE-2023-22068, CVE-2023-22097, CVE-2023-22114)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported     versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows low privileged     attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. (CVE-2023-22079)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are     affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high     privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful     attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable     crash (complete DOS) of MySQL Server. (CVE-2023-22084)

  - Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Supported     versions that are affected are Prior to 1.6.8. Easily exploitable vulnerability allows low privileged     attacker with logon to the infrastructure where MySQL Installer executes to compromise MySQL Installer.
    Successful attacks require human interaction from a person other than the attacker and while the     vulnerability is in MySQL Installer, attacks may significantly impact additional products (scope change).
    Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification     access to critical data or all MySQL Installer accessible data and unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL Installer. Note: This patch is used in MySQL Server     bundled version 8.0.35 and 5.7.44. (CVE-2023-22094)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). The supported     version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with     network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL     Server. (CVE-2023-22095)

  - Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions     that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker     with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require     human interaction from a person other than the attacker and while the vulnerability is in MySQL     Connectors, attacks may significantly impact additional products (scope change). Successful attacks of     this vulnerability can result in takeover of MySQL Connectors. (CVE-2023-22102)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are     affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with     network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL     Server. (CVE-2023-22104)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions     that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker     with network access via multiple protocols to compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. (CVE-2023-22111)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
    Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high     privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful     attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server     accessible data. (CVE-2023-22113)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions     that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker     with network access via multiple protocols to compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server. (CVE-2023-22115)

  - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be     very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL     subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to     very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT     IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit.
    OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the     OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT     IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER     is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the     translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n'     being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic     algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs     in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be     received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to     specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest     passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any     version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In     OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts     anything that processes X.509 certificates, including simple things like verifying its signature. The     impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's     certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client     authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509     certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so     these versions are considered not affected by this issue in such a way that it would be cause for concern,     and the severity is therefore considered low. (CVE-2023-2650)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter     value can also trigger an overly long computation during some of these checks. A correct q value, if     present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if     q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an     untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself     called by a number of other OpenSSL functions. An application calling any of those other functions may     similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().
    Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the -check     option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS     providers are not affected by this issue. (CVE-2023-3817)

  - This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to     pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting     done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected     to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due     to this bug, the local variable that means let the host resolve the name could get the wrong value     during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target     buffer instead of copying just the resolved address there. The target buffer being a heap based buffer,     and the host name coming from the URL that curl has been told to operate with. (CVE-2023-38545)

  - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl and     curl.  When curl is given a hostname to pass along to a SOCKS5 proxy that is greater than 255 bytes in     length, it will switch to local name resolution in order to resolve the address before passing it on to     the SOCKS5 proxy. However, due to a bug introduced in 2020, this local name resolution could fail due to a     slow SOCKS5 handshake, causing curl to pass on the hostname greater than 255 bytes in length into the     target buffer, leading to a heap overflow.  The advisory for CVE-2023-38545 gives an example exploitation     scenario of a malicious HTTPS server redirecting to a specially crafted URL. While it might seem that an     attacker would need to influence the slowness of the SOCKS5 handshake, the advisory states that server     latency is likely slow enough to trigger this bug. (CVE-2023-38545)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7625 advisory.

    Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This     software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under     Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update     experience.

    This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2 serves as a     replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 1, and includes bug     fixes and enhancements, which are documented in the Release Notes linked to in the References section.

    Security Fix(es):

    * curl: a heap based buffer overflow in the SOCKS5 proxy handshake (CVE-2023-38545)
    * curl: out of heap memory issue due to missing limit on header quantity (CVE-2023-38039)
    * curl: cookie injection with none file (CVE-2023-38546)
    * jbcs-httpd24-mod_jk: httpd: Apache Tomcat Connectors (mod_jk) Information Disclosure (CVE-2023-41081)
    * jbcs-httpd24-openssl: OpenSSL: Excessive time spent checking DH q parameter value (CVE-2023-3817)
    * mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487) (CVE-2023-45802)
    * openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)
    * openssl: Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465)
    * openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)
    * openssl: Denial of service by excessive resource usage in verifying X509 policy constraints     (CVE-2023-0464)
    * openssl: Certificate policy check not enabled (CVE-2023-0466)

    A Red Hat Security Bulletin which addresses further details about this flaw is available in the References     section.

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be     very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL     subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to     very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT     IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit.
    OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the     OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT     IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER     is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the     translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n'     being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic     algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs     in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be     received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to     specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest     passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any     version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In     OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts     anything that processes X.509 certificates, including simple things like verifying its signature. The     impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's     certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client     authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509     certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so     these versions are considered not affected by this issue in such a way that it would be cause for concern,     and the severity is therefore considered low. (CVE-2023-2650)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too     large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is     over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or     parameters that have been supplied. Some of those checks use the supplied modulus value even if it has     already been found to be too large. An application that calls DH_check() and supplies a key or parameters     obtained from an untrusted source could be vulernable to a Denial of Service attack. The function     DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those     other functions may similarly be affected. The other functions affected by this are DH_check_ex() and     EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications     when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The     OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. (CVE-2023-3446)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter     value can also trigger an overly long computation during some of these checks. A correct q value, if     present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if     q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an     untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself     called by a number of other OpenSSL functions. An application calling any of those other functions may     similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().
    Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check'     option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS     providers are not affected by this issue. (CVE-2023-3817)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the compat-openssl10 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be     very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL     subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to     very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT     IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit.
    OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the     OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT     IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER     is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the     translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n'     being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic     algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs     in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be     received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to     specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest     passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any     version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In     OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts     anything that processes X.509 certificates, including simple things like verifying its signature. The     impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's     certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client     authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509     certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so     these versions are considered not affected by this issue in such a way that it would be cause for concern,     and the severity is therefore considered low. (CVE-2023-2650)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too     large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is     over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or     parameters that have been supplied. Some of those checks use the supplied modulus value even if it has     already been found to be too large. An application that calls DH_check() and supplies a key or parameters     obtained from an untrusted source could be vulernable to a Denial of Service attack. The function     DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those     other functions may similarly be affected. The other functions affected by this are DH_check_ex() and     EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications     when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The     OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. (CVE-2023-3446)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter     value can also trigger an overly long computation during some of these checks. A correct q value, if     present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if     q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an     untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself     called by a number of other OpenSSL functions. An application calling any of those other functions may     similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().
    Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check'     option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS     providers are not affected by this issue. (CVE-2023-3817)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too     large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is     over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or     parameters that have been supplied. Some of those checks use the supplied modulus value even if it has     already been found to be too large. An application that calls DH_check() and supplies a key or parameters     obtained from an untrusted source could be vulernable to a Denial of Service attack. The function     DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those     other functions may similarly be affected. The other functions affected by this are DH_check_ex() and     EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications     when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The     OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. (CVE-2023-3446)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter     value can also trigger an overly long computation during some of these checks. A correct q value, if     present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if     q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an     untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself     called by a number of other OpenSSL functions. An application calling any of those other functions may     similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().
    Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check'     option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS     providers are not affected by this issue. (CVE-2023-3817)

  - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or     parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to     generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(),     DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may     experience long delays. Where the key or parameters that are being checked have been obtained from an     untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks     (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable     for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an     excessively large P, it doesn't check for an excessively large Q. An application that calls     DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source     could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also     called by a number of other OpenSSL functions. An application calling any of those other functions may     similarly be affected. The other functions affected by this are DH_check_pub_key_ex(),     EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line     application when using the '-pubcheck' option, as well as the OpenSSL genpkey command line application.
    The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers     are not affected by this issue. (CVE-2023-5678)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the linux-sgx packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient     to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful     decryption an attacker would have to be able to send a very large number of trial messages for decryption.
    The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS     connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An     attacker that had observed a genuine connection between a client and a server could use this flaw to send     trial messages to the server and record the time taken to process them. After a sufficiently large number     of messages the attacker could recover the pre-master secret used for the original connection and thus be     able to decrypt the application data sent over that connection. (CVE-2022-4304)

  - The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the 'name' (e.g.
    'CERTIFICATE'), any header data and the payload data. If the function succeeds then the 'name_out',     'header' and 'data' arguments are populated with pointers to buffers containing the relevant decoded data.
    The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results     in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate     the header argument with a pointer to a buffer that has already been freed. If the caller also frees this     buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an     attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service     attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and     therefore these functions are also directly affected. These functions are also called indirectly by a     number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file()     which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the     caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations     include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL     asn1parse command line application is also impacted by this issue. (CVE-2022-4450)

  - The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is     primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may     also be called directly by end user applications. The function receives a BIO from the caller, prepends a     new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the     BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid,     the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this     case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal     pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then     a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the     internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call     BIO_pop() on the BIO. This internal function is in turn called by the public API functions     PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1,     SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include     i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL     cms and smime command line applications are similarly affected. (CVE-2023-0215)

  - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName.
    X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME     incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently     interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL     checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may     allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or     enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate     chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these     inputs, the other input must already contain an X.400 address as a CRL distribution point, which is     uncommon. As such, this vulnerability is most likely to only affect applications which have implemented     their own functionality for retrieving CRLs over a network. (CVE-2023-0286)

  - A security vulnerability has been identified in all supported versions of OpenSSL related to the     verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit     this vulnerability by creating a malicious certificate chain that triggers exponential use of     computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy     processing is disabled by default but can be enabled by passing the `-policy' argument to the command line     utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. (CVE-2023-0464)

  - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from     a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are     silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A     malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent     policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled     by passing the `-policy' argument to the command line utilities or by calling the     `X509_VERIFY_PARAM_set1_policies()' function. (CVE-2023-0465)

  - The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy     check when doing certificate verification. However the implementation of the function does not enable the     check which allows certificates with invalid or incorrect policies to pass the certificate verification.
    As suddenly enabling the policy check could break existing deployments it was decided to keep the existing     behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to     perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the     policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument.
    Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
    (CVE-2023-0466)

  - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be     very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL     subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to     very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT     IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit.
    OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the     OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT     IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER     is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the     translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n'     being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic     algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs     in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be     received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to     specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest     passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any     version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In     OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts     anything that processes X.509 certificates, including simple things like verifying its signature. The     impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's     certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client     authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509     certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so     these versions are considered not affected by this issue in such a way that it would be cause for concern,     and the severity is therefore considered low. (CVE-2023-2650)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key     or DH parameters may experience long delays. Where the key or parameters that are being checked have been     obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs     various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter     value can also trigger an overly long computation during some of these checks. A correct q value, if     present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if     q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an     untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself     called by a number of other OpenSSL functions. An application calling any of those other functions may     similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().
    Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check'     option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS     providers are not affected by this issue. (CVE-2023-3817)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-1105 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the -check option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	名称	产品	系列	发布时间	最近更新时间	严重程度
189665	RHEL 8 : openssl (RHSA-2024:0154)	Nessus	Red Hat Local Security Checks	2024/1/26	2024/11/7	critical
183755	FreeBSD : MySQL -- Multiple vulnerabilities (22df5074-71cd-11ee-85eb-84a93843eb75)	Nessus	FreeBSD Local Security Checks	2023/10/23	2025/11/5	critical
186674	RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP2 (RHSA-2023:7625)	Nessus	Red Hat Local Security Checks	2023/12/7	2025/11/5	critical
188771	EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2023-3441)	Nessus	Huawei Local Security Checks	2024/1/16	2024/1/16	medium
188875	EulerOS Virtualization 3.0.6.0 : compat-openssl10 (EulerOS-SA-2023-3423)	Nessus	Huawei Local Security Checks	2024/1/16	2024/1/16	medium
197243	EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2024-1660)	Nessus	Huawei Local Security Checks	2024/5/17	2024/5/17	medium
188732	EulerOS 2.0 SP11 : linux-sgx (EulerOS-SA-2023-3047)	Nessus	Huawei Local Security Checks	2024/1/16	2024/1/16	high
194925	Splunk Enterprise 9.0.0 < 9.0.7, 9.1.0 < 9.1.2 (SVD-2023-1105)	Nessus	CGI abuses	2024/5/2	2025/5/12	high
504024	Siemens SIMATIC S7-1500 Excessive Iteration (CVE-2023-3817)	Tenable OT Security	Tenable.ot	2025/11/13	2025/11/13	medium

检测

插件搜索

critical

critical

critical

medium

medium

medium

high

high

medium