Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title HP SSL for OpenVMS, Remote Unauthorized Data Injection, Denial of Service(Dos)
Informations
Name HPSBOV02540 SSRT090249 First vendor Publication 2010-06-16
Vendor HP Last vendor Modification 2010-06-16
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified with HP SSL for OpenVMS. The vulnerabilities could be remotely exploited resulting in unauthorized data injection or a Denial of Service (DoS).

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02227287

CWE : Common Weakness Enumeration

% Id Name
40 % CWE-20 Improper Input Validation
20 % CWE-287 Improper Authentication
20 % CWE-189 Numeric Errors (CWE/SANS Top 25)
20 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10198
 
Oval ID: oval:org.mitre.oval:def:10198
Title: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0590
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11738
 
Oval ID: oval:org.mitre.oval:def:11738
Title: HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
Description: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3245
 Version: 11
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13504
 
Oval ID: oval:org.mitre.oval:def:13504
Title: DSA-1701-1 openssl, openssl097 -- interpretation conflict
Description: It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine. For the stable distribution, this problem has been fixed in version 0.9.8c-4etch4 of the openssl package, and version 0.9.7k-3.1etch2 of the openssl097 package. For the unstable distribution, this problem has been fixed in version 0.9.8g-15. The testing distribution will be fixed soon. We recommend that you upgrade your OpenSSL packages.
Family: unix Class: patch
Reference(s): DSA-1701-1
CVE-2008-5077
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): openssl
openssl097
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13751
 
Oval ID: oval:org.mitre.oval:def:13751
Title: DSA-1763-1 openssl -- programming error
Description: It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate. For the old stable distribution, this problem has been fixed in version 0.9.8c-4etch5 of the openssl package and in version 0.9.7k-3.1etch3 of the openssl097 package. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny1. For the unstable distribution, this problem has been fixed in version 0.9.8g-16. We recommend that you upgrade your openssl packages.
Family: unix Class: patch
Reference(s): DSA-1763-1
CVE-2009-0590
 Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
 Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13799
 
Oval ID: oval:org.mitre.oval:def:13799
Title: USN-750-1 -- openssl vulnerability
Description: It was discovered that OpenSSL did not properly validate the length of an encoded BMPString or UniversalString when printing ASN.1 strings. If a user or automated system were tricked into processing a crafted certificate, an attacker could cause a denial of service via application crash in applications linked against OpenSSL.
Family: unix Class: patch
Reference(s): USN-750-1
CVE-2009-0590
 Version: 5
Platform(s): Ubuntu 7.10
Ubuntu 8.04
Ubuntu 6.06
Ubuntu 8.10
 Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13925
 
Oval ID: oval:org.mitre.oval:def:13925
Title: USN-704-1 -- openssl vulnerability
Description: It was discovered that OpenSSL did not properly perform signature verification on DSA and ECDSA keys. If user or automated system connected to a malicious server or a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.
Family: unix Class: patch
Reference(s): USN-704-1
CVE-2008-5077
 Version: 5
Platform(s): Ubuntu 7.10
Ubuntu 8.04
Ubuntu 6.06
Ubuntu 8.10
 Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20930
 
Oval ID: oval:org.mitre.oval:def:20930
Title: "Record of death" vulnerability
Description: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3245
 Version: 4
Platform(s): IBM AIX 6.1
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21759
 
Oval ID: oval:org.mitre.oval:def:21759
Title: ELSA-2009:0004: openssl security update (Important)
Description: OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Family: unix Class: patch
Reference(s): ELSA-2009:0004-01
CVE-2008-5077
 Version: 6
Platform(s): Oracle Linux 5
 Product(s): openssl
openssl095a
openssl096
openssl096b
openssl097a
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21864
 
Oval ID: oval:org.mitre.oval:def:21864
Title: HP-UX Running OpenSSL, Remote Unauthorized Access
Description: OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5077
 Version: 9
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22023
 
Oval ID: oval:org.mitre.oval:def:22023
Title: HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass Security Restrictions
Description: The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0591
 Version: 8
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22194
 
Oval ID: oval:org.mitre.oval:def:22194
Title: HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass Security Restrictions
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0590
 Version: 8
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22331
 
Oval ID: oval:org.mitre.oval:def:22331
Title: HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass Security Restrictions
Description: OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0789
 Version: 8
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25083
 
Oval ID: oval:org.mitre.oval:def:25083
Title: Vulnerability in OpenSSL 0.9.8h through 0.9.8j, allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid
Description: The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0591
 Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25086
 
Oval ID: oval:org.mitre.oval:def:25086
Title: Vulnerability in OpenSSL before 0.9.8k on WIN64, allows remote attackers to cause a denial of service (invalid memory access and application crash)
Description: OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0789
 Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25158
 
Oval ID: oval:org.mitre.oval:def:25158
Title: Vulnerability in OpenSSL before 0.9.8m, does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c
Description: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3245
 Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25196
 
Oval ID: oval:org.mitre.oval:def:25196
Title: Vulnerability in OpenSSL before 0.9.8k, allows remote attackers to cause a denial of service (invalid memory access and application crash)
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0590
 Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): OpenSSL
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28712
 
Oval ID: oval:org.mitre.oval:def:28712
Title: RHSA-2009:0004 -- openssl security update (Important)
Description: Updated OpenSSL packages that correct a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength, general purpose, cryptography library. The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a man in the middle attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation. (CVE-2008-5077)
Family: unix Class: patch
Reference(s): RHSA-2009:0004
CESA-2009:0004-CentOS 3
CESA-2009:0004-CentOS 5
CESA-2009:0004-CentOS 2
CVE-2008-5077
 Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 3
CentOS Linux 5
CentOS Linux 2
 Product(s): openssl
openssl095a
openssl096
openssl096b
openssl097a
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6380
 
Oval ID: oval:org.mitre.oval:def:6380
Title: OpenSSL DSA and ECDSA "EVP_VerifyFinal()" Spoofing Vulnerability
Description: OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5077
 Version: 1
Platform(s): VMWare ESX Server 3
VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6640
 
Oval ID: oval:org.mitre.oval:def:6640
Title: VMware ESX, Service Console update for OpenSSL, GnuTLS, NSS and NSPR.
Description: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3245
 Version: 5
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6996
 
Oval ID: oval:org.mitre.oval:def:6996
Title: OpenSSL Multiple Vulnerabilities
Description: The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0590
 Version: 5
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7738
 
Oval ID: oval:org.mitre.oval:def:7738
Title: DSA-1701 openssl, openssl097 -- interpretation conflict
Description: It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine (CVE-2008-5077).
Family: unix Class: patch
Reference(s): DSA-1701
CVE-2008-5077
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): openssl
openssl097
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8038
 
Oval ID: oval:org.mitre.oval:def:8038
Title: DSA-1763 openssl -- programming error
Description: It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate.
Family: unix Class: patch
Reference(s): DSA-1763
CVE-2009-0590
 Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
 Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9155
 
Oval ID: oval:org.mitre.oval:def:9155
Title: OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Description: OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5077
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9790
 
Oval ID: oval:org.mitre.oval:def:9790
Title: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Description: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3245
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 257
Os 2

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for openssl CESA-2010:0977 centos4 x86_64
File : nvt/gb_CESA-2010_0977_openssl_centos4_x86_64.nasl
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-01 (openssl)
File : nvt/glsa_201110_01.nasl
2011-08-19 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)
File : nvt/secpod_macosx_su11-004.nasl
2011-08-09 Name : CentOS Update for openssl CESA-2009:1335 centos5 i386
File : nvt/gb_CESA-2009_1335_openssl_centos5_i386.nasl
2011-08-09 Name : CentOS Update for openssl CESA-2010:0162 centos5 i386
File : nvt/gb_CESA-2010_0162_openssl_centos5_i386.nasl
2011-08-09 Name : CentOS Update for openssl CESA-2009:0004 centos5 i386
File : nvt/gb_CESA-2009_0004_openssl_centos5_i386.nasl
2011-08-09 Name : CentOS Update for openssl CESA-2009:0004-01 centos2 i386
File : nvt/gb_CESA-2009_0004-01_openssl_centos2_i386.nasl
2011-08-09 Name : CentOS Update for openssl096b CESA-2009:0004 centos3 i386
File : nvt/gb_CESA-2009_0004_openssl096b_centos3_i386.nasl
2011-08-09 Name : CentOS Update for openssl097a CESA-2009:0004 centos5 i386
File : nvt/gb_CESA-2009_0004_openssl097a_centos5_i386.nasl
2011-08-09 Name : CentOS Update for openssl CESA-2009:0004 centos4 i386
File : nvt/gb_CESA-2009_0004_openssl_centos4_i386.nasl
2011-01-31 Name : CentOS Update for openssl CESA-2010:0977 centos4 i386
File : nvt/gb_CESA-2010_0977_openssl_centos4_i386.nasl
2010-12-28 Name : RedHat Update for openssl RHSA-2010:0977-01
File : nvt/gb_RHSA-2010_0977-01_openssl.nasl
2010-10-19 Name : Ubuntu Update for openssl vulnerabilities USN-1003-1
File : nvt/gb_ubuntu_USN_1003_1.nasl
2010-06-25 Name : Fedora Update for openssl FEDORA-2010-9421
File : nvt/gb_fedora_2010_9421_openssl_fc11.nasl
2010-05-28 Name : Fedora Update for openssl FEDORA-2010-8742
File : nvt/gb_fedora_2010_8742_openssl_fc12.nasl
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-04-30 Name : HP-UX Update for OpenSSL HPSBUX02517
File : nvt/gb_hp_ux_HPSBUX02517.nasl
2010-04-29 Name : Mandriva Update for openssl MDVSA-2010:076-1 (openssl)
File : nvt/gb_mandriva_MDVSA_2010_076_1.nasl
2010-04-19 Name : Fedora Update for openssl FEDORA-2010-5357
File : nvt/gb_fedora_2010_5357_openssl_fc11.nasl
2010-04-19 Name : Mandriva Update for openssl MDVSA-2010:076 (openssl)
File : nvt/gb_mandriva_MDVSA_2010_076.nasl
2010-03-31 Name : CentOS Update for openssl096b CESA-2010:0173 centos3 i386
File : nvt/gb_CESA-2010_0173_openssl096b_centos3_i386.nasl
2010-03-31 Name : CentOS Update for openssl CESA-2010:0163 centos3 i386
File : nvt/gb_CESA-2010_0163_openssl_centos3_i386.nasl
2010-03-31 Name : CentOS Update for openssl CESA-2010:0163 centos4 i386
File : nvt/gb_CESA-2010_0163_openssl_centos4_i386.nasl
2010-03-31 Name : CentOS Update for openssl096b CESA-2010:0173 centos4 i386
File : nvt/gb_CESA-2010_0173_openssl096b_centos4_i386.nasl
2010-03-31 Name : RedHat Update for openssl RHSA-2010:0162-01
File : nvt/gb_RHSA-2010_0162-01_openssl.nasl
2010-03-31 Name : RedHat Update for openssl RHSA-2010:0163-01
File : nvt/gb_RHSA-2010_0163-01_openssl.nasl
2010-03-31 Name : RedHat Update for openssl096b RHSA-2010:0173-02
File : nvt/gb_RHSA-2010_0173-02_openssl096b.nasl
2010-03-10 Name : OpenSSL 'bn_wexpand()' Multiple Vulnerabilities (Win)
File : nvt/gb_openssl_bnwexpand_mul_vuln_win.nasl
2010-03-02 Name : Mandriva Update for rsh MDVA-2010:076 (rsh)
File : nvt/gb_mandriva_MDVA_2010_076.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-19 Name : Mandrake Security Advisory MDVSA-2009:271 (libnasl)
File : nvt/mdksa_2009_271.nasl
2009-10-13 Name : Solaris Update for sshd 140119-11
File : nvt/gb_solaris_140119_11.nasl
2009-10-13 Name : Solaris Update for sshd 141742-04
File : nvt/gb_solaris_141742_04.nasl
2009-10-13 Name : SLES10: Security update for compat-openssl097g
File : nvt/sles10_compat-openssl0.nasl
2009-10-13 Name : SLES10: Security update for compat-openssl097g
File : nvt/sles10_compat-openssl00.nasl
2009-10-13 Name : SLES10: Security update for openssl
File : nvt/sles10_openssl.nasl
2009-10-13 Name : SLES10: Security update for OpenSSL
File : nvt/sles10_openssl1.nasl
2009-10-11 Name : SLES11: Security update for OpenSSL
File : nvt/sles11_libopenssl0_9_8.nasl
2009-10-10 Name : SLES9: Security update for openssl
File : nvt/sles9p5041421.nasl
2009-10-10 Name : SLES9: Security update for OpenSSL
File : nvt/sles9p5048397.nasl
2009-09-23 Name : Solaris Update for sshd 140119-07
File : nvt/gb_solaris_140119_07.nasl
2009-09-23 Name : Solaris Update for sshd 140119-09
File : nvt/gb_solaris_140119_09.nasl
2009-09-23 Name : Solaris Update for sshd 141742-02
File : nvt/gb_solaris_141742_02.nasl
2009-09-21 Name : CentOS Security Advisory CESA-2009:1335 (openssl)
File : nvt/ovcesa2009_1335.nasl
2009-09-09 Name : RedHat Security Advisory RHSA-2009:1335
File : nvt/RHSA_2009_1335.nasl
2009-07-17 Name : HP-UX Update for OpenSSL HPSBUX02435
File : nvt/gb_hp_ux_HPSBUX02435.nasl
2009-06-23 Name : Fedora Core 10 FEDORA-2009-5412 (openssl)
File : nvt/fcore_2009_5412.nasl
2009-06-23 Name : Fedora Core 9 FEDORA-2009-5423 (openssl)
File : nvt/fcore_2009_5423.nasl
2009-06-05 Name : Ubuntu USN-776-2 (kvm)
File : nvt/ubuntu_776_2.nasl
2009-06-05 Name : Ubuntu USN-707-1 (cupsys)
File : nvt/ubuntu_707_1.nasl
2009-06-03 Name : Solaris Update for Kernel 139555-08
File : nvt/gb_solaris_139555_08.nasl
2009-06-03 Name : Solaris Update for sshd 140119-06
File : nvt/gb_solaris_140119_06.nasl
2009-05-20 Name : SuSE Security Summary SUSE-SR:2009:010
File : nvt/suse_sr_2009_010.nasl
2009-05-11 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD.nasl
2009-05-05 Name : HP-UX Update for OpenSSL HPSBUX02418
File : nvt/gb_hp_ux_HPSBUX02418.nasl
2009-04-28 Name : FreeBSD Security Advisory (FreeBSD-SA-09:08.openssl.asc)
File : nvt/freebsdsa_openssl7.nasl
2009-04-15 Name : Debian Security Advisory DSA 1763-1 (openssl)
File : nvt/deb_1763_1.nasl
2009-04-15 Name : Gentoo Security Advisory GLSA 200904-08 (openssl)
File : nvt/glsa_200904_08.nasl
2009-04-06 Name : Gentoo Security Advisory GLSA 200904-05 (ntp)
File : nvt/glsa_200904_05.nasl
2009-04-06 Name : Ubuntu USN-750-1 (openssl)
File : nvt/ubuntu_750_1.nasl
2009-04-06 Name : Mandrake Security Advisory MDVSA-2009:087 (openssl)
File : nvt/mdksa_2009_087.nasl
2009-04-06 Name : Ubuntu USN-749-1 (libsndfile)
File : nvt/ubuntu_749_1.nasl
2009-04-02 Name : OpenSSL Multiple Vulnerabilities (Win)
File : nvt/gb_openssl_mult_vuln_win.nasl
2009-04-02 Name : OpenSSL Multiple Vulnerabilities (Linux)
File : nvt/gb_openssl_mult_vuln_lin.nasl
2009-02-18 Name : Mandrake Security Advisory MDVSA-2009:037 (bind)
File : nvt/mdksa_2009_037.nasl
2009-02-13 Name : Gentoo Security Advisory GLSA 200902-02 (openssl)
File : nvt/glsa_200902_02.nasl
2009-02-10 Name : CentOS Security Advisory CESA-2009:0004-01 (openssl)
File : nvt/ovcesa2009_0004_01.nasl
2009-01-26 Name : Fedora Core 9 FEDORA-2009-0547 (ntp)
File : nvt/fcore_2009_0547.nasl
2009-01-26 Name : SuSE Security Advisory SUSE-SA:2009:006 (openssl)
File : nvt/suse_sa_2009_006.nasl
2009-01-26 Name : Fedora Core 10 FEDORA-2009-0544 (ntp)
File : nvt/fcore_2009_0544.nasl
2009-01-22 Name : OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL
File : nvt/secpod_nasl_sec_bypass_vuln.nasl
2009-01-20 Name : Fedora Core 10 FEDORA-2009-0419 (tqsllib)
File : nvt/fcore_2009_0419.nasl
2009-01-20 Name : Fedora Core 9 FEDORA-2009-0543 (tqsllib)
File : nvt/fcore_2009_0543.nasl
2009-01-15 Name : OpenSSL DSA_verify() Security Bypass Vulnerability in BIND
File : nvt/gb_bind_sec_bypass_vuln.nasl
2009-01-13 Name : Ubuntu USN-704-1 (openssl)
File : nvt/ubuntu_704_1.nasl
2009-01-13 Name : Debian Security Advisory DSA 1701-1 (openssl, openssl097)
File : nvt/deb_1701_1.nasl
2009-01-13 Name : Fedora Core 9 FEDORA-2009-0325 (openssl)
File : nvt/fcore_2009_0325.nasl
2009-01-13 Name : FreeBSD Security Advisory (FreeBSD-SA-09:02.openssl.asc)
File : nvt/freebsdsa_openssl6.nasl
2009-01-13 Name : CentOS Security Advisory CESA-2009:0004 (openssl)
File : nvt/ovcesa2009_0004.nasl
2009-01-13 Name : Fedora Core 10 FEDORA-2009-0331 (openssl)
File : nvt/fcore_2009_0331.nasl
2009-01-09 Name : libcrypt-openssl-dsa-perl Security Bypass Vulnerability in OpenSSL
File : nvt/gb_openssl_sec_bypass_vuln.nasl
2009-01-07 Name : RedHat Security Advisory RHSA-2009:0004
File : nvt/RHSA_2009_0004.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-014-01 openssl
File : nvt/esoft_slk_ssa_2009_014_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-014-02 bind
File : nvt/esoft_slk_ssa_2009_014_02.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-014-03 ntp
File : nvt/esoft_slk_ssa_2009_014_03.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-098-01 openssl
File : nvt/esoft_slk_ssa_2009_098_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-060-02 openssl
File : nvt/esoft_slk_ssa_2010_060_02.nasl
0000-00-00 Name : OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
File : nvt/gb_openssl_38562.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
62881 SSH Tectia Audit Player ASN1_STRING_print_ex() Function BMPString / Universal...
62880 SSH Tectia Audit Player CMS_verify() Function Malformed Signed Attribute Cont...
62878 SSH Tectia Audit Player EVP_VerifyFinal Function DSA / ECDSA Key Validation W...
62844 OpenSSL bn_wexpand Function NULL Return Value Check Weakness
52866 OpenSSL Malformed ASN1 Structure Handling DoS
52865 OpenSSL CMS_verify() Function Malformed Signed Attribute Content Digest Valid...
52864 OpenSSL ASN1_STRING_print_ex() Function BMPString / UniversalString Handling DoS
51164 OpenSSL EVP_VerifyFinal Function DSA / ECDSA Key Validation Weakness

OpenSSL contains a flaw that may allow a malicious user to perform a 'man in the middle' attack. The issue is triggered when several functions within OpenSSL incorrectly check the result of the EVP_VerifyFinal function. It is possible that the flaw may allow a malformed signature to be treated as a good signature instead of an error, resulting in a loss of integrity.

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0015_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0019_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0004_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2009-0011.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL11503.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15404.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL9754.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO
2014-04-16 Name : The remote AIX host is running a vulnerable version of OpenSSL.
File : aix_openssl_advisory.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0004.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0020.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-0046.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0162.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0163.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2010-0173.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0977.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090107_openssl_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090902_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20100325_openssl096b_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100325_openssl_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100325_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101213_openssl_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-01-04 Name : The remote server is affected by a signature validation bypass vulnerability.
File : openssl_0_9_8j.nasl - Type : ACT_GATHER_INFO
2012-01-04 Name : The remote server is affected by multiple vulnerabilities.
File : openssl_0_9_8k.nasl - Type : ACT_GATHER_INFO
2012-01-04 Name : The remote server is affected by a signature repudiation vulnerability.
File : openssl_0_9_8k_CMS.nasl - Type : ACT_GATHER_INFO
2012-01-04 Name : The remote server is affected by multiple vulnerabilities.
File : openssl_0_9_8l.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-7645.nasl - Type : ACT_GATHER_INFO
2011-10-10 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-01.nasl - Type : ACT_GATHER_INFO
2011-07-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO
2011-07-28 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-7644.nasl - Type : ACT_GATHER_INFO
2011-06-24 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_6_8.nasl - Type : ACT_GATHER_INFO
2011-05-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-014-02.nasl - Type : ACT_GATHER_INFO
2011-01-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0977.nasl - Type : ACT_GATHER_INFO
2010-12-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0977.nasl - Type : ACT_GATHER_INFO
2010-12-08 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0019.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libopenssl-devel-100331.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssl-6944.nasl - Type : ACT_GATHER_INFO
2010-10-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1003-1.nasl - Type : ACT_GATHER_INFO
2010-10-04 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0015.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-5357.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-5744.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-8742.nasl - Type : ACT_GATHER_INFO
2010-06-01 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0162.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0163.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0173.nasl - Type : ACT_GATHER_INFO
2010-04-19 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-076.nasl - Type : ACT_GATHER_INFO
2010-04-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libopenssl-devel-100331.nasl - Type : ACT_GATHER_INFO
2010-04-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libopenssl-devel-100401.nasl - Type : ACT_GATHER_INFO
2010-04-02 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12606.nasl - Type : ACT_GATHER_INFO
2010-03-31 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssl-6943.nasl - Type : ACT_GATHER_INFO
2010-03-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0162.nasl - Type : ACT_GATHER_INFO
2010-03-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0163.nasl - Type : ACT_GATHER_INFO
2010-03-26 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2010-0173.nasl - Type : ACT_GATHER_INFO
2010-03-11 Name : The remote web server has multiple SSL-related vulnerabilities.
File : openssl_0_9_8m.nasl - Type : ACT_GATHER_INFO
2010-03-05 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-03-02 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-060-02.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-0046.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1335.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12341.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12397.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_compat-openssl097g-090416.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libopenssl-devel-090415.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-5957.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_compat-openssl097g-6170.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssl-5949.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_openssl-6179.nasl - Type : ACT_GATHER_INFO
2009-09-11 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO
2009-07-27 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2009-0004.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_compat-openssl097g-090127.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_compat-openssl097g-090416.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libopenssl-devel-090121.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libopenssl-devel-090415.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_compat-openssl097g-090204.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_compat-openssl097g-090416.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libopenssl-devel-090121.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libopenssl-devel-090415.nasl - Type : ACT_GATHER_INFO
2009-05-20 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_3_0_1_73.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO
2009-05-08 Name : The remote host is missing a security update
File : freebsd_pkg_fbc8413f2f7a11de9a3f001b77d09812.nasl - Type : ACT_GATHER_INFO
2009-04-30 Name : The remote openSUSE host is missing a security update.
File : suse_compat-openssl097g-6175.nasl - Type : ACT_GATHER_INFO
2009-04-30 Name : The remote openSUSE host is missing a security update.
File : suse_libopenssl-devel-6173.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2009-0331.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2009-0544.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-001.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-037.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-087.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-704-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-705-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-706-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-750-1.nasl - Type : ACT_GATHER_INFO
2009-04-08 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-098-01.nasl - Type : ACT_GATHER_INFO
2009-04-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1763.nasl - Type : ACT_GATHER_INFO
2009-04-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200904-05.nasl - Type : ACT_GATHER_INFO
2009-04-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200904-08.nasl - Type : ACT_GATHER_INFO
2009-02-13 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200902-02.nasl - Type : ACT_GATHER_INFO
2009-02-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0020.nasl - Type : ACT_GATHER_INFO
2009-01-29 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-0046.nasl - Type : ACT_GATHER_INFO
2009-01-28 Name : The remote openSUSE host is missing a security update.
File : suse_compat-openssl097g-5964.nasl - Type : ACT_GATHER_INFO
2009-01-26 Name : The remote Fedora host is missing a security update.
File : fedora_2009-0547.nasl - Type : ACT_GATHER_INFO
2009-01-26 Name : The remote openSUSE host is missing a security update.
File : suse_libopenssl-devel-5951.nasl - Type : ACT_GATHER_INFO
2009-01-16 Name : The remote Fedora host is missing a security update.
File : fedora_2009-0325.nasl - Type : ACT_GATHER_INFO
2009-01-15 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-014-01.nasl - Type : ACT_GATHER_INFO
2009-01-15 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-014-03.nasl - Type : ACT_GATHER_INFO
2009-01-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1701.nasl - Type : ACT_GATHER_INFO
2009-01-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1702.nasl - Type : ACT_GATHER_INFO
2009-01-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0020.nasl - Type : ACT_GATHER_INFO
2009-01-08 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0004.nasl - Type : ACT_GATHER_INFO
2009-01-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0004.nasl - Type : ACT_GATHER_INFO