oval:org.mitre.oval:def:22306

Definition Id: oval:org.mitre.oval:def:22306

Oval ID:	oval:org.mitre.oval:def:22306
Title:	ELSA-2010:0978: openssl security update (Moderate)
Description:	OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0978-01 CVE-2008-7270 CVE-2010-4180	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	openssl
Definition Synopsis:
Oracle Linux 5.x rpm test openssl is earlier than 0:0.9.8e-12.el5_5.7 AND openssl-perl is earlier than 0:0.9.8e-12.el5_5.7 AND openssl-devel is earlier than 0:0.9.8e-12.el5_5.7

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:22306