CVE-2018-0732 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2018-0732?

CVE-2018-0732 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-0732?

Check the references section above for vendor advisories and patch information. Affected products include: Openssl Openssl, Canonical Ubuntu Linux, Debian Debian Linux, Nodejs Node.Js.

Vulnerability Description

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Openssl	Openssl	>= 1.0.2, <= 1.0.2o
Canonical	Ubuntu Linux	12.04
Debian	Debian Linux	8.0
Nodejs	Node.Js	>= 6.0.0, < 6.8.1

Related Weaknesses (CWE)

CWE-320

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlPatchThird Party Advisory
http://www.securityfocus.com/bid/104442Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1041090Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:2552Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2553Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3221Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3505Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1296Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1297Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1543Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdfThird Party Advisory
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3984ef0b72831da
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ea7abeeabf92b7a
https://lists.debian.org/debian-lts-announce/2018/07/msg00043.htmlThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro

FAQ

What is CVE-2018-0732?

CVE-2018-0732 is a vulnerability with a CVSS score of 7.5 (HIGH). During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long per...

How severe is CVE-2018-0732?

CVE-2018-0732 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-0732?

Check the references section above for vendor advisories and patch information. Affected products include: Openssl Openssl, Canonical Ubuntu Linux, Debian Debian Linux, Nodejs Node.Js.