Executive Summary
| Summary | |
|---|---|
| Title | OpenSSL: Multiple vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | GLSA-201110-01 | First vendor Publication | 2011-10-09 |
| Vendor | Gentoo | Last vendor Modification | 2011-10-09 |
| Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Synopsis Multiple vulnerabilities were found in OpenSSL, allowing for the execution of arbitrary code and other attacks. Background Description Impact Workaround Resolution NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues. References Availability http://security.gentoo.org/glsa/glsa-201110-01.xml |
Original Source
| Url : http://security.gentoo.org/glsa/glsa-201110-01.xml |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 33 % | CWE-399 | Resource Management Errors |
| 25 % | CWE-20 | Improper Input Validation |
| 17 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 8 % | CWE-362 | Race Condition |
| 8 % | CWE-310 | Cryptographic Issues |
| 8 % | CWE-287 | Improper Authentication |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11260 | |||
| Oval ID: | oval:org.mitre.oval:def:11260 | ||
| Title: | Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. | ||
| Description: | Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4355 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12299 | |||
| Oval ID: | oval:org.mitre.oval:def:12299 | ||
| Title: | DSA-2100-1 openssl -- double free | ||
| Description: | George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny8. For the unstable distribution, this problem has been fixed in version 0.9.8o-2. We recommend that you upgrade your openssl packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2100-1 CVE-2010-2939 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12481 | |||
| Oval ID: | oval:org.mitre.oval:def:12481 | ||
| Title: | DSA-2141-4 lighttpd -- compatibility problem with updated openssl | ||
| Description: | The openssl update in DSA-2141-1 caused a regression in lighttpd. Due to a bug in lighttpd, the server fails to start in some configurations if using the updated openssl libraries. This update fixes this problem. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-4 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | lighttpd |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12486 | |||
| Oval ID: | oval:org.mitre.oval:def:12486 | ||
| Title: | USN-884-1 -- openssl vulnerability | ||
| Description: | It was discovered that OpenSSL did not correctly free unused memory in certain situations. A remote attacker could trigger this flaw in services that used SSL, causing the service to use all available system memory, leading to a denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-884-1 CVE-2009-4355 | Version: | 5 |
| Platform(s): | Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.10 Ubuntu 6.06 Ubuntu 9.04 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12573 | |||
| Oval ID: | oval:org.mitre.oval:def:12573 | ||
| Title: | DSA-2141-3 apache2 -- backward compatibility option for SSL/TLS insecure | ||
| Description: | DSA-2141-1 changed the behaviour of the openssl libraries in a server environment to only allow SSL/TLS renegotiation for clients that support the RFC5746 renegotiation extension. This update to apache2 adds the new SSLInsecureRenegotiation configuration option that allows to restore support for insecure clients. More information can be found in the file /usr/share/doc/apache2.2-common/NEWS.Debian.gz . | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-3 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | apache2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12598 | |||
| Oval ID: | oval:org.mitre.oval:def:12598 | ||
| Title: | DSA-2125-1 openssl -- buffer overflow | ||
| Description: | A flaw has been found in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. This allows an attacker to cause an appliation crash or potentially to execute arbitrary code. However, not all OpenSSL based SSL/TLS servers are vulnerable: A server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. In particular the Apache HTTP server and Stunnel are NOT affected. This upgrade fixes this issue. After the upgrade, any services using the openssl libraries need to be restarted. The checkrestart script from the debian-goodies package or lsof can help to find out which services need to be restarted. A note to users of the tor packages from the Debian backports or Debian volatile: This openssl update causes problems with some versions of tor. You need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2, respectively. The tor package version 0.2.0.35-1~lenny2 from Debian stable is not affected by these problems. For the stable distribution, the problem has been fixed in openssl version 0.9.8g-15+lenny9. For the testing distribution and the unstable distribution, this problem has been fixed in version 0.9.8o-3. We recommend that you upgrade your openssl packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2125-1 CVE-2010-3864 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12707 | |||
| Oval ID: | oval:org.mitre.oval:def:12707 | ||
| Title: | DSA-2141-1 openssl -- SSL/TLS insecure renegotiation protocol design flaw | ||
| Description: | CVE-2009-3555: Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension which fixes this issue. If openssl is used in a server application, it will by default no longer accept renegotiation from clients that do not support the RFC5746 secure renegotiation extension. A separate advisory will add RFC5746 support for nss, the security library used by the iceweasel web browser. For apache2, there will be an update which allows to re-enable insecure renegotiation. This version of openssl is not compatible with older versions of tor. You have to use at least tor version 0.2.1.26-1~lenny+1, which has been included in the point release 5.0.7 of Debian stable. Currently we are not aware of other software with similar compatibility problems. CVE-2010-4180: In addition, this update fixes a flaw that allowed a client to bypass restrictions configured in the server for the used cipher suite. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-1 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12801 | |||
| Oval ID: | oval:org.mitre.oval:def:12801 | ||
| Title: | DSA-2141-2 nss -- SSL/TLS insecure renegotiation protocol design flaw | ||
| Description: | CVE-2009-3555: Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new RFC5746 renegotiation extension which fixes this issue. The updated libraries allow to use shell environment variables to configure if insecure renegotiation is still allowed. The syntax of these environment variables is described in the release notes to version 3.12.6 of nss: https://developer.mozilla.org/NSS_3.12.6_release_notes However, the default behaviour for nss in Debian 5.0 is NSS_SSL_ENABLE_RENEGOTIATION=3, which allows clients to continue to renegotiate with vulnerable servers. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2141-2 CVE-2009-3555 CVE-2010-4180 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | nss |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12844 | |||
| Oval ID: | oval:org.mitre.oval:def:12844 | ||
| Title: | USN-1003-1 -- openssl vulnerabilities | ||
| Description: | It was discovered that OpenSSL incorrectly handled return codes from the bn_wexpand function calls. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. It was discovered that OpenSSL incorrectly handled certain private keys with an invalid prime. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1003-1 CVE-2009-3245 CVE-2010-2939 | Version: | 5 |
| Platform(s): | Ubuntu 9.04 Ubuntu 9.10 Ubuntu 6.06 Ubuntu 8.04 Ubuntu 10.10 Ubuntu 10.04 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12932 | |||
| Oval ID: | oval:org.mitre.oval:def:12932 | ||
| Title: | DSA-2162-1 openssl -- invalid memory access | ||
| Description: | Neel Mehta discovered that an incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension. Packages in the oldstable distribution are not affected by this problem. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2162-1 CVE-2011-0014 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13303 | |||
| Oval ID: | oval:org.mitre.oval:def:13303 | ||
| Title: | DSA-1970-1 openssl -- denial of service | ||
| Description: | It was discovered that a significant memory leak could occur in openssl, related to the reinitialisation of zlib. This could result in a remotely exploitable denial of service vulnerability when using the Apache httpd server in a configuration where mod_ssl, mod_php5, and the php5-curl extension are loaded. The old stable distribution is not affected by this issue. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny6. The packages for the arm architecture are not included in this advisory. They will be released as soon as they become available. For the testing distribution and the unstable distribution, this problem will be fixed soon. The issue does not seem to be exploitable with the apache2 package contained in squeeze/sid. We recommend that you upgrade your openssl packages. You also need to restart your Apache httpd server to make sure it uses the updated libraries. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1970-1 CVE-2009-4355 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13383 | |||
| Oval ID: | oval:org.mitre.oval:def:13383 | ||
| Title: | USN-1018-1 -- openssl vulnerability | ||
| Description: | Rob Hulswit discovered a race condition in the OpenSSL TLS server extension parsing code when used within a threaded server. A remote attacker could trigger this flaw to cause a denial of service or possibly execute arbitrary code with application privileges | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1018-1 CVE-2010-3864 | Version: | 5 |
| Platform(s): | Ubuntu 8.04 Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13649 | |||
| Oval ID: | oval:org.mitre.oval:def:13649 | ||
| Title: | USN-1064-1 -- openssl vulnerability | ||
| Description: | Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1064-1 CVE-2011-0014 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18910 | |||
| Oval ID: | oval:org.mitre.oval:def:18910 | ||
| Title: | OpenSSL vulnerability before 0.9.8q, and 1.0.x before 1.0.0c in VisualSVN Server (CVE-2010-4180) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18985 | |||
| Oval ID: | oval:org.mitre.oval:def:18985 | ||
| Title: | OpenSSL vulnerability 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c in VisualSVN Server (CVE-2011-0014) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19039 | |||
| Oval ID: | oval:org.mitre.oval:def:19039 | ||
| Title: | OpenSSL vulnerability before 1.0.0c in VisualSVN Server (CVE-2010-4252) | ||
| Description: | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4252 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19752 | |||
| Oval ID: | oval:org.mitre.oval:def:19752 | ||
| Title: | VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20422 | |||
| Oval ID: | oval:org.mitre.oval:def:20422 | ||
| Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
| Description: | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3864 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20537 | |||
| Oval ID: | oval:org.mitre.oval:def:20537 | ||
| Title: | Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | ||
| Description: | Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2939 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20561 | |||
| Oval ID: | oval:org.mitre.oval:def:20561 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4252 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20568 | |||
| Oval ID: | oval:org.mitre.oval:def:20568 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20685 | |||
| Oval ID: | oval:org.mitre.oval:def:20685 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3864 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20705 | |||
| Oval ID: | oval:org.mitre.oval:def:20705 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20732 | |||
| Oval ID: | oval:org.mitre.oval:def:20732 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20741 | |||
| Oval ID: | oval:org.mitre.oval:def:20741 | ||
| Title: | "Record of death" vulnerability | ||
| Description: | The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-0740 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20828 | |||
| Oval ID: | oval:org.mitre.oval:def:20828 | ||
| Title: | Multiple OpenSSL vulnerabilities | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20886 | |||
| Oval ID: | oval:org.mitre.oval:def:20886 | ||
| Title: | "Record of death" vulnerability | ||
| Description: | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-0433 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20930 | |||
| Oval ID: | oval:org.mitre.oval:def:20930 | ||
| Title: | "Record of death" vulnerability | ||
| Description: | OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3245 | Version: | 4 |
| Platform(s): | IBM AIX 6.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20975 | |||
| Oval ID: | oval:org.mitre.oval:def:20975 | ||
| Title: | RHSA-2011:0677: openssl security, bug fix, and enhancement update (Moderate) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0677-01 CVE-2011-0014 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21649 | |||
| Oval ID: | oval:org.mitre.oval:def:21649 | ||
| Title: | RHSA-2011:1409: openssl security update (Moderate) | ||
| Description: | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:1409-01 CVE-2011-3207 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21795 | |||
| Oval ID: | oval:org.mitre.oval:def:21795 | ||
| Title: | RHSA-2010:0054: openssl security update (Moderate) | ||
| Description: | Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0054-01 CESA-2010:0054 CVE-2009-2409 CVE-2009-4355 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22038 | |||
| Oval ID: | oval:org.mitre.oval:def:22038 | ||
| Title: | RHSA-2010:0978: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0978-01 CESA-2010:0978 CVE-2008-7270 CVE-2010-4180 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22097 | |||
| Oval ID: | oval:org.mitre.oval:def:22097 | ||
| Title: | RHSA-2010:0979: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0979-01 CVE-2010-4180 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22196 | |||
| Oval ID: | oval:org.mitre.oval:def:22196 | ||
| Title: | RHSA-2010:0162: openssl security update (Important) | ||
| Description: | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0162-01 CESA-2010:0162 CVE-2009-3245 CVE-2009-3555 CVE-2010-0433 | Version: | 42 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22306 | |||
| Oval ID: | oval:org.mitre.oval:def:22306 | ||
| Title: | ELSA-2010:0978: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0978-01 CVE-2008-7270 CVE-2010-4180 | Version: | 13 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22343 | |||
| Oval ID: | oval:org.mitre.oval:def:22343 | ||
| Title: | RHSA-2010:0888: openssl security update (Important) | ||
| Description: | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0888-01 CVE-2010-3864 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22780 | |||
| Oval ID: | oval:org.mitre.oval:def:22780 | ||
| Title: | ELSA-2010:0979: openssl security update (Moderate) | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0979-01 CVE-2010-4180 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22987 | |||
| Oval ID: | oval:org.mitre.oval:def:22987 | ||
| Title: | ELSA-2010:0054: openssl security update (Moderate) | ||
| Description: | Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0054-01 CVE-2009-2409 CVE-2009-4355 | Version: | 13 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23054 | |||
| Oval ID: | oval:org.mitre.oval:def:23054 | ||
| Title: | ELSA-2010:0162: openssl security update (Important) | ||
| Description: | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0162-01 CVE-2009-3245 CVE-2009-3555 CVE-2010-0433 | Version: | 17 |
| Platform(s): | Oracle Linux 5 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23375 | |||
| Oval ID: | oval:org.mitre.oval:def:23375 | ||
| Title: | ELSA-2011:1409: openssl security update (Moderate) | ||
| Description: | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:1409-01 CVE-2011-3207 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23416 | |||
| Oval ID: | oval:org.mitre.oval:def:23416 | ||
| Title: | ELSA-2011:0677: openssl security, bug fix, and enhancement update (Moderate) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0677-01 CVE-2011-0014 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23654 | |||
| Oval ID: | oval:org.mitre.oval:def:23654 | ||
| Title: | ELSA-2010:0888: openssl security update (Important) | ||
| Description: | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0888-01 CVE-2010-3864 | Version: | 6 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24436 | |||
| Oval ID: | oval:org.mitre.oval:def:24436 | ||
| Title: | Vulnerability in OpenSSL 1.0.0a, 0.9.8, 0.9.7, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code | ||
| Description: | Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-2939 | Version: | 4 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24643 | |||
| Oval ID: | oval:org.mitre.oval:def:24643 | ||
| Title: | Vulnerability in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c, allows remote attackers to cause a denial of service (crash) | ||
| Description: | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-0014 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24702 | |||
| Oval ID: | oval:org.mitre.oval:def:24702 | ||
| Title: | Vulnerability in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, might allow remote attackers to execute arbitrary code | ||
| Description: | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-3864 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24792 | |||
| Oval ID: | oval:org.mitre.oval:def:24792 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8n, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) | ||
| Description: | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0433 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24950 | |||
| Oval ID: | oval:org.mitre.oval:def:24950 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8o and 1.x before 1.0.0a, allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code | ||
| Description: | The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0742 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24952 | |||
| Oval ID: | oval:org.mitre.oval:def:24952 | ||
| Title: | Vulnerability in OpenSSL 1.x before 1.0.0a, might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information | ||
| Description: | RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1633 | Version: | 4 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24954 | |||
| Oval ID: | oval:org.mitre.oval:def:24954 | ||
| Title: | Vulnerability in OpenSSL 1.0.x before 1.0.0e, does not initialize certain structure members | ||
| Description: | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-3207 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24969 | |||
| Oval ID: | oval:org.mitre.oval:def:24969 | ||
| Title: | Vulnerability in OpenSSL 0.9.8q, and 1.0.x before 1.0.0c, does not properly prevent modification of the ciphersuite in the session cache | ||
| Description: | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4180 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24993 | |||
| Oval ID: | oval:org.mitre.oval:def:24993 | ||
| Title: | Vulnerability in OpenSSL before 1.0.0c, does not properly validate the public parameters in the J-PAKE protocol | ||
| Description: | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-4252 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25015 | |||
| Oval ID: | oval:org.mitre.oval:def:25015 | ||
| Title: | Vulnerability in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e, allows remote attackers to cause a denial of service (daemon crash) | ||
| Description: | The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2011-3210 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25065 | |||
| Oval ID: | oval:org.mitre.oval:def:25065 | ||
| Title: | Vulnerability in OpenSSL 0.9.8f through 0.9.8m, allows remote attackers to cause a denial of service (crash) | ||
| Description: | The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0740 | Version: | 4 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25124 | |||
| Oval ID: | oval:org.mitre.oval:def:25124 | ||
| Title: | Vulnerability in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4, allows remote attackers to cause a denial of service (memory consumption) | ||
| Description: | Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2009-4355 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25158 | |||
| Oval ID: | oval:org.mitre.oval:def:25158 | ||
| Title: | Vulnerability in OpenSSL before 0.9.8m, does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c | ||
| Description: | OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2009-3245 | Version: | 3 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25193 | |||
| Oval ID: | oval:org.mitre.oval:def:25193 | ||
| Title: | SUSE-SU-2013:1165-1 -- Security update for libcurl4 | ||
| Description: | This update of curl fixes several security issues: * libcurl URL decode buffer boundary flaw (bnc#824517 / CVE-2013-2174) * cookie domain tailmatch (bnc#814655 / CVE-2013-1944) * curl sets SSL_OP_ALL (bnc#742306 / CVE-2011-3389) * When SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier (CVE-2010-4180) | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:1165-1 CVE-2013-2174 CVE-2013-1944 CVE-2011-3389 CVE-2010-4180 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Desktop 10 | Product(s): | libcurl4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28024 | |||
| Oval ID: | oval:org.mitre.oval:def:28024 | ||
| Title: | DEPRECATED: ELSA-2011-0677 -- openssl security, bug fix, and enhancement update (moderate) | ||
| Description: | [1.0.0-10] - fix OCSP stapling vulnerability - CVE-2011-0014 (#676063) - correct the README.FIPS document [1.0.0-8] - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 key generation method - use FIPS-186-3 method for DSA parameter generation - add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable to allow using MD5 when the system is in the maintenance state even if the /proc fips flag is on - make openssl pkcs12 command work by default in the FIPS mode [1.0.0-7] - listen on ipv6 wildcard in s_server so we accept connections from both ipv4 and ipv6 (#601612) - fix openssl speed command so it can be used in the FIPS mode with FIPS allowed ciphers (#619762) [1.0.0-6] - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304) [1.0.0-5] - fix race in extension parsing code - CVE-2010-3864 (#649304) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0677 CVE-2011-0014 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28075 | |||
| Oval ID: | oval:org.mitre.oval:def:28075 | ||
| Title: | DEPRECATED: ELSA-2011-1409 -- openssl security update (moderate) | ||
| Description: | [1.0.0-10.5] - initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207 (#736087) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-1409 CVE-2011-3207 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28187 | |||
| Oval ID: | oval:org.mitre.oval:def:28187 | ||
| Title: | DEPRECATED: ELSA-2010-0979 -- openssl security update (moderate) | ||
| Description: | [1.0.0-4.2] - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304) [1.0.0-4.1] - fix race in extension parsing code - CVE-2010-3864 (#649304) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-0979 CVE-2010-3864 CVE-2010-4180 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | openssl |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6640 | |||
| Oval ID: | oval:org.mitre.oval:def:6640 | ||
| Title: | VMware ESX, Service Console update for OpenSSL, GnuTLS, NSS and NSPR. | ||
| Description: | OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3245 | Version: | 5 |
| Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6678 | |||
| Oval ID: | oval:org.mitre.oval:def:6678 | ||
| Title: | OpenSSL 'zlib' Compression Memory Leak Remote Denial of Service Vulnerability | ||
| Description: | Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4355 | Version: | 5 |
| Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6718 | |||
| Oval ID: | oval:org.mitre.oval:def:6718 | ||
| Title: | VMware ESX, Service Console update for OpenSSL, GnuTLS, NSS and NSPR. | ||
| Description: | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-0433 | Version: | 5 |
| Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6964 | |||
| Oval ID: | oval:org.mitre.oval:def:6964 | ||
| Title: | DSA-1970 openssl -- denial of service | ||
| Description: | It was discovered that a significant memory leak could occur in OpenSSL, related to the reinitialisation of zlib. This could result in a remotely exploitable denial of service vulnerability when using the Apache httpd server in a configuration where mod_ssl, mod_php5, and the php5-curl extension are loaded. The old stable distribution is not affected by this issue. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1970 CVE-2009-4355 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | openssl |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9790 | |||
| Oval ID: | oval:org.mitre.oval:def:9790 | ||
| Title: | OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. | ||
| Description: | OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3245 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9856 | |||
| Oval ID: | oval:org.mitre.oval:def:9856 | ||
| Title: | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | ||
| Description: | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-0433 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2010-04-22 | OpenSSL remote DoS |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
| 2012-07-30 | Name : CentOS Update for openssl CESA-2010:0977 centos4 x86_64 File : nvt/gb_CESA-2010_0977_openssl_centos4_x86_64.nasl |
| 2012-07-09 | Name : RedHat Update for openssl RHSA-2011:1409-01 File : nvt/gb_RHSA-2011_1409-01_openssl.nasl |
| 2012-06-06 | Name : RedHat Update for openssl RHSA-2011:0677-01 File : nvt/gb_RHSA-2011_0677-01_openssl.nasl |
| 2012-06-04 | Name : Fedora Update for openssl FEDORA-2012-8024 File : nvt/gb_fedora_2012_8024_openssl_fc15.nasl |
| 2012-05-11 | Name : Fedora Update for openssl FEDORA-2012-6395 File : nvt/gb_fedora_2012_6395_openssl_fc15.nasl |
| 2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
| 2012-04-13 | Name : Fedora Update for openssl FEDORA-2012-4659 File : nvt/gb_fedora_2012_4659_openssl_fc15.nasl |
| 2012-03-19 | Name : Fedora Update for openssl FEDORA-2011-12233 File : nvt/gb_fedora_2011_12233_openssl_fc16.nasl |
| 2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
| 2012-03-15 | Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv... File : nvt/gb_VMSA-2011-0013.nasl |
| 2012-02-13 | Name : Ubuntu Update for openssl USN-1357-1 File : nvt/gb_ubuntu_USN_1357_1.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-01 (openssl) File : nvt/glsa_201110_01.nasl |
| 2012-01-25 | Name : Fedora Update for openssl FEDORA-2012-0702 File : nvt/gb_fedora_2012_0702_openssl_fc15.nasl |
| 2012-01-16 | Name : Fedora Update for openssl FEDORA-2012-0250 File : nvt/gb_fedora_2012_0250_openssl_fc15.nasl |
| 2011-09-30 | Name : Mandriva Update for openssl MDVSA-2011:137 (openssl) File : nvt/gb_mandriva_MDVSA_2011_137.nasl |
| 2011-09-21 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl4.nasl |
| 2011-09-12 | Name : Fedora Update for openssl FEDORA-2011-12281 File : nvt/gb_fedora_2011_12281_openssl_fc14.nasl |
| 2011-08-19 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004) File : nvt/secpod_macosx_su11-004.nasl |
| 2011-08-09 | Name : CentOS Update for openssl CESA-2010:0978 centos5 i386 File : nvt/gb_CESA-2010_0978_openssl_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for openssl CESA-2010:0054 centos5 i386 File : nvt/gb_CESA-2010_0054_openssl_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for openssl CESA-2010:0162 centos5 i386 File : nvt/gb_CESA-2010_0162_openssl_centos5_i386.nasl |
| 2011-05-05 | Name : Fedora Update for mingw32-openssl FEDORA-2011-5876 File : nvt/gb_fedora_2011_5876_mingw32-openssl_fc13.nasl |
| 2011-05-05 | Name : Fedora Update for mingw32-openssl FEDORA-2011-5865 File : nvt/gb_fedora_2011_5865_mingw32-openssl_fc14.nasl |
| 2011-05-05 | Name : HP-UX Update for OpenSSL HPSBUX02638 File : nvt/gb_hp_ux_HPSBUX02638.nasl |
| 2011-03-24 | Name : Fedora Update for openssl FEDORA-2011-1255 File : nvt/gb_fedora_2011_1255_openssl_fc13.nasl |
| 2011-03-07 | Name : Debian Security Advisory DSA 2162-1 (openssl) File : nvt/deb_2162_1.nasl |
| 2011-02-18 | Name : Ubuntu Update for openssl vulnerability USN-1064-1 File : nvt/gb_ubuntu_USN_1064_1.nasl |
| 2011-02-18 | Name : Mandriva Update for openssl MDVSA-2011:028 (openssl) File : nvt/gb_mandriva_MDVSA_2011_028.nasl |
| 2011-02-16 | Name : Fedora Update for openssl FEDORA-2011-1273 File : nvt/gb_fedora_2011_1273_openssl_fc14.nasl |
| 2011-01-31 | Name : CentOS Update for openssl CESA-2010:0977 centos4 i386 File : nvt/gb_CESA-2010_0977_openssl_centos4_i386.nasl |
| 2011-01-24 | Name : FreeBSD Ports: openssl File : nvt/freebsd_openssl3.nasl |
| 2011-01-24 | Name : FreeBSD Security Advisory (FreeBSD-SA-10:10.openssl.asc) File : nvt/freebsdsa_openssl8.nasl |
| 2011-01-04 | Name : HP-UX Update for OpenSSL HPSBUX02610 File : nvt/gb_hp_ux_HPSBUX02610.nasl |
| 2010-12-28 | Name : RedHat Update for openssl RHSA-2010:0977-01 File : nvt/gb_RHSA-2010_0977-01_openssl.nasl |
| 2010-12-28 | Name : Fedora Update for openssl FEDORA-2010-18765 File : nvt/gb_fedora_2010_18765_openssl_fc14.nasl |
| 2010-12-28 | Name : Fedora Update for openssl FEDORA-2010-18736 File : nvt/gb_fedora_2010_18736_openssl_fc13.nasl |
| 2010-12-28 | Name : RedHat Update for openssl RHSA-2010:0978-01 File : nvt/gb_RHSA-2010_0978-01_openssl.nasl |
| 2010-12-23 | Name : Mandriva Update for openssl MDVSA-2010:248 (openssl) File : nvt/gb_mandriva_MDVSA_2010_248.nasl |
| 2010-12-23 | Name : Ubuntu Update for openssl vulnerabilities USN-1029-1 File : nvt/gb_ubuntu_USN_1029_1.nasl |
| 2010-12-02 | Name : Fedora Update for openssl FEDORA-2010-17827 File : nvt/gb_fedora_2010_17827_openssl_fc14.nasl |
| 2010-11-23 | Name : Mandriva Update for openssl MDVSA-2010:238 (openssl) File : nvt/gb_mandriva_MDVSA_2010_238.nasl |
| 2010-11-23 | Name : Fedora Update for openssl FEDORA-2010-17847 File : nvt/gb_fedora_2010_17847_openssl_fc13.nasl |
| 2010-11-23 | Name : Fedora Update for openssl FEDORA-2010-17826 File : nvt/gb_fedora_2010_17826_openssl_fc12.nasl |
| 2010-11-23 | Name : Ubuntu Update for openssl vulnerability USN-1018-1 File : nvt/gb_ubuntu_USN_1018_1.nasl |
| 2010-10-19 | Name : Ubuntu Update for openssl vulnerabilities USN-1003-1 File : nvt/gb_ubuntu_USN_1003_1.nasl |
| 2010-10-10 | Name : Debian Security Advisory DSA 2100-1 (openssl) File : nvt/deb_2100_1.nasl |
| 2010-09-27 | Name : Mandriva Update for openssl MDVSA-2010:168 (openssl) File : nvt/gb_mandriva_MDVSA_2010_168.nasl |
| 2010-08-10 | Name : OpenSSL 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption Vulnerability File : nvt/gb_openssl_42306.nasl |
| 2010-06-25 | Name : Fedora Update for openssl FEDORA-2010-9421 File : nvt/gb_fedora_2010_9421_openssl_fc11.nasl |
| 2010-06-18 | Name : Fedora Update for openssl FEDORA-2010-9639 File : nvt/gb_fedora_2010_9639_openssl_fc12.nasl |
| 2010-06-18 | Name : Fedora Update for openssl FEDORA-2010-9574 File : nvt/gb_fedora_2010_9574_openssl_fc13.nasl |
| 2010-06-07 | Name : HP-UX Update for Apache-based Web Server HPSBUX02531 File : nvt/gb_hp_ux_HPSBUX02531.nasl |
| 2010-06-04 | Name : OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability File : nvt/gb_openssl_40502.nasl |
| 2010-05-28 | Name : Fedora Update for openssl FEDORA-2010-8742 File : nvt/gb_fedora_2010_8742_openssl_fc12.nasl |
| 2010-04-30 | Name : HP-UX Update for OpenSSL HPSBUX02517 File : nvt/gb_hp_ux_HPSBUX02517.nasl |
| 2010-04-29 | Name : Mandriva Update for openssl MDVSA-2010:076-1 (openssl) File : nvt/gb_mandriva_MDVSA_2010_076_1.nasl |
| 2010-04-20 | Name : OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability File : nvt/gb_openssl_39013.nasl |
| 2010-04-20 | Name : OpenSSL 'dtls1_retrieve_buffered_fragment()' Remote Denial of Service Vulnera... File : nvt/gb_openssl_38533.nasl |
| 2010-04-19 | Name : Mandriva Update for openssl MDVSA-2010:076 (openssl) File : nvt/gb_mandriva_MDVSA_2010_076.nasl |
| 2010-04-19 | Name : Fedora Update for openssl FEDORA-2010-5357 File : nvt/gb_fedora_2010_5357_openssl_fc11.nasl |
| 2010-03-31 | Name : CentOS Update for openssl096b CESA-2010:0173 centos3 i386 File : nvt/gb_CESA-2010_0173_openssl096b_centos3_i386.nasl |
| 2010-03-31 | Name : CentOS Update for openssl096b CESA-2010:0173 centos4 i386 File : nvt/gb_CESA-2010_0173_openssl096b_centos4_i386.nasl |
| 2010-03-31 | Name : RedHat Update for openssl RHSA-2010:0162-01 File : nvt/gb_RHSA-2010_0162-01_openssl.nasl |
| 2010-03-31 | Name : RedHat Update for openssl096b RHSA-2010:0173-02 File : nvt/gb_RHSA-2010_0173-02_openssl096b.nasl |
| 2010-03-10 | Name : OpenSSL 'bn_wexpand()' Multiple Vulnerabilities (Win) File : nvt/gb_openssl_bnwexpand_mul_vuln_win.nasl |
| 2010-03-10 | Name : OpenSSL 'kssl_keytab_is_available()' Denial Of Service Vulnerability (Win) File : nvt/gb_openssl_sslkss_dos_vuln_win.nasl |
| 2010-03-02 | Name : Mandriva Update for rsh MDVA-2010:076 (rsh) File : nvt/gb_mandriva_MDVA_2010_076.nasl |
| 2010-01-29 | Name : SuSE Update for acroread SUSE-SA:2010:008 File : nvt/gb_suse_2010_008.nasl |
| 2010-01-22 | Name : Mandriva Update for openssl MDVSA-2010:022 (openssl) File : nvt/gb_mandriva_MDVSA_2010_022.nasl |
| 2010-01-20 | Name : RedHat Update for openssl RHSA-2010:0054-01 File : nvt/gb_RHSA-2010_0054-01_openssl.nasl |
| 2010-01-19 | Name : Ubuntu Update for openssl vulnerability USN-884-1 File : nvt/gb_ubuntu_USN_884_1.nasl |
| 0000-00-00 | Name : OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability File : nvt/gb_openssl_38562.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2010-090-01 openssl File : nvt/esoft_slk_ssa_2010_090_01.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2011-041-04 openssl File : nvt/esoft_slk_ssa_2011_041_04.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2010-060-02 openssl File : nvt/esoft_slk_ssa_2010_060_02.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2010-326-01 openssl File : nvt/esoft_slk_ssa_2010_326_01.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2010-340-01 openssl File : nvt/esoft_slk_ssa_2010_340_01.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 75230 | OpenSSL Ephemeral ECDH Ciphersuites Handshake Message Parsing Remote DoS |
| 75229 | OpenSSL Certificate Revocation Lists (CRL) nextUpdate Field Remote DoS |
| 70847 | OpenSSL ClientHello Handshake Message Parsing Invalid Memory Access OpenSSL contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs while parsing malformed ClientHello handshake messages, which may be exploited to trigger an invalid memory access with a crafted ClientHello handshake message. This may allow a remote attacker to cause a denial of service. Certain applications which use SSL may also allow the disclosure of the contents of parsed OCSP extensions. |
| 69657 | OpenSSL J-PAKE Public Parameter Validation Shared Secret Authentication Bypass OpenSSL contains a flaw related to public parameter validation of the J-PAKE protocol. The issue is triggered when a remote attacker uses crafted values for each round of the protocol to avoid the requirement for the shared sacred and bypass authentication. |
| 69565 | OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Do... OpenSSL contains a flaw related to the SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG workaround in the SSL/TLS server code. The issue is triggered when a remote attacker downgrades the cached ciphersuite, leading to the client using a weaker ciphersuite. |
| 69265 | OpenSSL TLS Server ssl/t1_lib.c Extension Parsing Race Condition Overflow OpenSSL TLS Server is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted request, a remote attacker can cause a denial of service and potentially compromise an application using the library. |
| 66946 | OpenSSL ssl/s3_clnt.c ssl3_get_key_exchange() Function Use-After-Free DoS |
| 65058 | OpenSSL Verification Recovery Process EVP_PKEY_verify_recover() RSA Key Valid... |
| 65057 | OpenSSL Cryptographic Message Syntax crypto/cms/cms_asn1.c OriginatorInfo Ele... |
| 63299 | OpenSSL ssl/s3_pkt.c ssl3_get_record Function TLS Connection Record Remote DoS |
| 62844 | OpenSSL bn_wexpand Function NULL Return Value Check Weakness |
| 62719 | OpenSSL Kerberos ssl/kssl.c kssk_keytab_is_available() Function NULL Derefere... |
| 61684 | OpenSSL CRYPTO_free_all_ex_data() Function Memory Exhaustion DoS |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2012-09-27 | IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
| 2012-09-13 | IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794 |
| 2012-04-05 | IAVM : 2012-B-0038 - Multiple Vulnerabilities in HP Onboard Administrator Severity : Category I - VMSKEY : V0031972 |
| 2011-12-01 | IAVM : 2011-A-0160 - Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana... Severity : Category I - VMSKEY : V0030769 |
| 2011-05-12 | IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-12-03 | OpenSSL ECDH malformed Client Hello denial of service attempt RuleID : 52042 - Revision : 1 - Type : SERVER-OTHER |
| 2014-01-10 | OpenSSL ssl3_get_key_exchange use-after-free attempt RuleID : 19092 - Revision : 10 - Type : SERVER-OTHER |
| 2014-01-10 | OpenSSL ssl3_get_key_exchange use-after-free attempt RuleID : 19091 - Revision : 10 - Type : SERVER-OTHER |
| 2014-01-10 | OpenSSL CMS structure OriginatorInfo memory corruption attempt RuleID : 18766 - Revision : 9 - Type : SERVER-OTHER |
| 2014-01-10 | OpenSSL TLS connection record handling denial of service attempt RuleID : 18714 - Revision : 8 - Type : SERVER-OTHER |
| 2014-01-10 | OpenSSL TLS connection record handling denial of service attempt RuleID : 18713 - Revision : 9 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0015_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0013_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-10-12 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17382.nasl - Type : ACT_GATHER_INFO |
| 2015-09-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17248.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
| 2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-4.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL11533.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15404.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-76.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-100927.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-101119.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-110210.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libopenssl-devel-110920.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_curl-120124.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libopenssl-devel-110920.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory.nasl - Type : ACT_GATHER_INFO |
| 2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory2.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities. File : vmware_esxi_5_0_build_912577_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-04.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0054.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0162.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0173.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0977.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0978.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0979.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1409.nasl - Type : ACT_GATHER_INFO |
| 2013-07-10 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libcurl4-8618.nasl - Type : ACT_GATHER_INFO |
| 2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_4.nasl - Type : ACT_GATHER_INFO |
| 2013-06-05 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO |
| 2012-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18035.nasl - Type : ACT_GATHER_INFO |
| 2012-08-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100119_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100325_openssl096b_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100325_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101116_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101213_openssl_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101213_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110519_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111026_openssl_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-04-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO |
| 2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1357-1.nasl - Type : ACT_GATHER_INFO |
| 2012-01-04 | Name : The remote server is affected by a buffer overflow vulnerability. File : openssl_0_9_8p_1_0_0b.nasl - Type : ACT_GATHER_INFO |
| 2012-01-04 | Name : The remote SSL layer is affected by a denial of service vulnerability. File : openssl_0_9_8p_1_0_0e.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-110920.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-7645.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7462.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7760.nasl - Type : ACT_GATHER_INFO |
| 2011-10-28 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0013.nasl - Type : ACT_GATHER_INFO |
| 2011-10-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1409.nasl - Type : ACT_GATHER_INFO |
| 2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7766.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-01.nasl - Type : ACT_GATHER_INFO |
| 2011-09-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-137.nasl - Type : ACT_GATHER_INFO |
| 2011-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12233.nasl - Type : ACT_GATHER_INFO |
| 2011-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12281.nasl - Type : ACT_GATHER_INFO |
| 2011-09-12 | Name : The remote web server is affected by multiple SSL-related vulnerabilities. File : openssl_1_0_0e.nasl - Type : ACT_GATHER_INFO |
| 2011-09-08 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2ecb7b20d97e11e0b2e200215c6a37bb.nasl - Type : ACT_GATHER_INFO |
| 2011-07-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-110721.nasl - Type : ACT_GATHER_INFO |
| 2011-07-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_compat-openssl097g-7644.nasl - Type : ACT_GATHER_INFO |
| 2011-06-24 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_8.nasl - Type : ACT_GATHER_INFO |
| 2011-05-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0677.nasl - Type : ACT_GATHER_INFO |
| 2011-05-13 | Name : The remote media server is affected by multiple vulnerabilities. File : adobe_fms_4_0_2.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-100927.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-101111.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libopenssl-devel-100927.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libopenssl-devel-101119.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libopenssl-devel-110210.nasl - Type : ACT_GATHER_INFO |
| 2011-05-04 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12701.nasl - Type : ACT_GATHER_INFO |
| 2011-05-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7463.nasl - Type : ACT_GATHER_INFO |
| 2011-05-02 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5865.nasl - Type : ACT_GATHER_INFO |
| 2011-05-02 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5876.nasl - Type : ACT_GATHER_INFO |
| 2011-04-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5878.nasl - Type : ACT_GATHER_INFO |
| 2011-04-22 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_6_3_0_22.nasl - Type : ACT_GATHER_INFO |
| 2011-03-27 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-110210.nasl - Type : ACT_GATHER_INFO |
| 2011-03-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1255.nasl - Type : ACT_GATHER_INFO |
| 2011-02-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-028.nasl - Type : ACT_GATHER_INFO |
| 2011-02-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1064-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2162.nasl - Type : ACT_GATHER_INFO |
| 2011-02-15 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1273.nasl - Type : ACT_GATHER_INFO |
| 2011-02-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-041-04.nasl - Type : ACT_GATHER_INFO |
| 2011-02-09 | Name : The remote web server has an SSL-related denial of service vulnerability. File : openssl_1_0_0d.nasl - Type : ACT_GATHER_INFO |
| 2011-02-07 | Name : The remote host allows resuming SSL sessions with a weaker cipher than the on... File : openssl_resume_different_cipher.nasl - Type : ACT_ATTACK |
| 2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0977.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-101116.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-101207.nasl - Type : ACT_GATHER_INFO |
| 2011-01-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2141.nasl - Type : ACT_GATHER_INFO |
| 2010-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18736.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0978.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0977.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0978.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0979.nasl - Type : ACT_GATHER_INFO |
| 2010-12-12 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18765.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-340-01.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-248.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1029-1.nasl - Type : ACT_GATHER_INFO |
| 2010-12-07 | Name : The remote web server is affected by multiple vulnerabilities. File : openssl_1_0_0c.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-100331.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-100927.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-101111.nasl - Type : ACT_GATHER_INFO |
| 2010-11-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2125.nasl - Type : ACT_GATHER_INFO |
| 2010-11-22 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-326-01.nasl - Type : ACT_GATHER_INFO |
| 2010-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17826.nasl - Type : ACT_GATHER_INFO |
| 2010-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17827.nasl - Type : ACT_GATHER_INFO |
| 2010-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17847.nasl - Type : ACT_GATHER_INFO |
| 2010-11-18 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3042c33af23711df9d020018fe623f2b.nasl - Type : ACT_GATHER_INFO |
| 2010-11-18 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-238.nasl - Type : ACT_GATHER_INFO |
| 2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0888.nasl - Type : ACT_GATHER_INFO |
| 2010-11-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1018-1.nasl - Type : ACT_GATHER_INFO |
| 2010-11-16 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-7174.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-6944.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-CVE-2009-4355.patch-6783.nasl - Type : ACT_GATHER_INFO |
| 2010-10-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1003-1.nasl - Type : ACT_GATHER_INFO |
| 2010-10-04 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0015.nasl - Type : ACT_GATHER_INFO |
| 2010-09-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-168.nasl - Type : ACT_GATHER_INFO |
| 2010-09-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2100.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-5357.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-5744.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-8742.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-9421.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-9574.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-9639.nasl - Type : ACT_GATHER_INFO |
| 2010-06-03 | Name : The remote web server has a SSL-related vulnerability. File : openssl_1_0_0a.nasl - Type : ACT_GATHER_INFO |
| 2010-06-01 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO |
| 2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0162.nasl - Type : ACT_GATHER_INFO |
| 2010-05-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0173.nasl - Type : ACT_GATHER_INFO |
| 2010-04-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-076.nasl - Type : ACT_GATHER_INFO |
| 2010-04-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libopenssl-devel-100331.nasl - Type : ACT_GATHER_INFO |
| 2010-04-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libopenssl-devel-100401.nasl - Type : ACT_GATHER_INFO |
| 2010-04-02 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-090-01.nasl - Type : ACT_GATHER_INFO |
| 2010-04-02 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12606.nasl - Type : ACT_GATHER_INFO |
| 2010-03-31 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-6943.nasl - Type : ACT_GATHER_INFO |
| 2010-03-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0162.nasl - Type : ACT_GATHER_INFO |
| 2010-03-26 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0173.nasl - Type : ACT_GATHER_INFO |
| 2010-03-26 | Name : The remote web server has multiple SSL-related vulnerabilities. File : openssl_0_9_8n.nasl - Type : ACT_GATHER_INFO |
| 2010-03-11 | Name : The remote web server has multiple SSL-related vulnerabilities. File : openssl_0_9_8m.nasl - Type : ACT_GATHER_INFO |
| 2010-03-02 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-060-02.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1970.nasl - Type : ACT_GATHER_INFO |
| 2010-01-25 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_openssl-CVE-2009-4355_patch-100115.nasl - Type : ACT_GATHER_INFO |
| 2010-01-25 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_openssl-CVE-2009-4355_patch-100120.nasl - Type : ACT_GATHER_INFO |
| 2010-01-25 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_openssl-CVE-2009-4355_patch-100115.nasl - Type : ACT_GATHER_INFO |
| 2010-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_openssl-CVE-2009-4355_patch-100115.nasl - Type : ACT_GATHER_INFO |
| 2010-01-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-CVE-2009-4355.patch-6784.nasl - Type : ACT_GATHER_INFO |
| 2010-01-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0054.nasl - Type : ACT_GATHER_INFO |
| 2010-01-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-022.nasl - Type : ACT_GATHER_INFO |
| 2010-01-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0054.nasl - Type : ACT_GATHER_INFO |
| 2010-01-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-884-1.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:36:59 |
|
