Executive Summary

Summary
Title	HP-UX Running OpenSSL, Remote Execution of Arbitrary Code, Denial of Service (DoS)

Informations
Name	HPSBUX02610 SSRT100341	First vendor Publication	2010-12-01
Vendor	HP	Last vendor Modification	2010-12-01
Severity (Vendor)	N/A	Revision	1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS).

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02629503

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-310	Cryptographic Issues

OVAL Definitions

 

Definition Id: oval:org.mitre.oval:def:12395
Oval ID:	oval:org.mitre.oval:def:12395
Title:	HP-UX Running OpenSSL, Remote Execution of Arbitrary Code, Denial of Service (DoS)
Description:	The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2010-0742	Version:	12
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02610 HP Release B.11.23 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.08o.002 AND openssl.OPENSSL-CONF version is less than A.00.09.08o.002 AND openssl.OPENSSL-DOC version is less than A.00.09.08o.002 AND openssl.OPENSSL-INC version is less than A.00.09.08o.002 AND openssl.OPENSSL-LIB version is less than A.00.09.08o.002 AND openssl.OPENSSL-MAN version is less than A.00.09.08o.002 AND openssl.OPENSSL-MIS version is less than A.00.09.08o.002 AND openssl.OPENSSL-PRNG version is less than A.00.09.08o.002 AND openssl.OPENSSL-PVT version is less than A.00.09.08o.002 AND openssl.OPENSSL-SRC version is less than A.00.09.08o.002 AND openssl.OPENSSL-RUN version is less than A.00.09.08o.002 OR Criteria meets HP Security Bulletin HPSBUX02610 HP Release B.11.11 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.08o.003 AND openssl.OPENSSL-CONF version is less than A.00.09.08o.003 AND openssl.OPENSSL-DOC version is less than A.00.09.08o.003 AND openssl.OPENSSL-INC version is less than A.00.09.08o.003 AND openssl.OPENSSL-LIB version is less than A.00.09.08o.003 AND openssl.OPENSSL-MAN version is less than A.00.09.08o.003 AND openssl.OPENSSL-MIS version is less than A.00.09.08o.003 AND openssl.OPENSSL-PRNG version is less than A.00.09.08o.003 AND openssl.OPENSSL-SRC version is less than A.00.09.08o.003 AND openssl.OPENSSL-PVT version is less than A.00.09.08o.003 AND openssl.OPENSSL-RUN version is less than A.00.09.08o.003 OR Criteria meets HP Security Bulletin HPSBUX02610 HP-UX B.11.31 AND filesets tests openssl.OPENSSL-CER version is less than A.00.09.08o.003 AND openssl.OPENSSL-CONF version is less than A.00.09.08o.003 AND openssl.OPENSSL-DOC version is less than A.00.09.08o.003 AND openssl.OPENSSL-INC version is less than A.00.09.08o.003 AND openssl.OPENSSL-LIB version is less than A.00.09.08o.003 AND openssl.OPENSSL-MAN version is less than A.00.09.08o.003 AND openssl.OPENSSL-MIS version is less than A.00.09.08o.003 AND openssl.OPENSSL-PRNG version is less than A.00.09.08o.003 AND openssl.OPENSSL-PVT version is less than A.00.09.08o.003 AND openssl.OPENSSL-SRC version is less than A.00.09.08o.003 AND openssl.OPENSSL-RUN version is less than A.00.09.08o.003

 

Definition Id: oval:org.mitre.oval:def:24950
Oval ID:	oval:org.mitre.oval:def:24950
Title:	Vulnerability in OpenSSL before 0.9.8o and 1.x before 1.0.0a, allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code
Description:	The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0742	Version:	3
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check vulnerable versions of OpenSSL Check if the version of OpenSSL 0.9.1c before 0.9.8o AND Check if the version of OpenSSL 1.0.0 before 1.0.0a AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check vulnerable versions of OpenSSL (32_bit) Check if the version of OpenSSL 0.9.1c before 0.9.8o (32_bit) AND Check if the version of OpenSSL 1.0.0 before 1.0.0a (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8o ProgramFilesDir AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8o ProgramFilesDir x86 AND Check if the version of ssleay32.dll 0.9.1c before 0.9.8o under Sytem32 and SysWOW64 AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a ProgramFilesDir AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a ProgramFilesDir x86 AND Check if the version of ssleay32.dll 1.0.0 before 1.0.0a under Sytem32 and SysWOW64

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openssl cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:1.0.0:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8zg:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8zf:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8ze:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8zc:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8m:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8g:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8g:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8f:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8f:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8e:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8e:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8d:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8d:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8c:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8c:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.8:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7m:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7m:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7l:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7l:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7k:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7k:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7j:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7j:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7i:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7i:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7h:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7h:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7g:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7g:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7f:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7f:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7e:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7e:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7d:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7d:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7c:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7c:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7b:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7b:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7a:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7a:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta2:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta4:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta1:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta5:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta3:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta6:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta5:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta4:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta6:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta1:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta3:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:beta2:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6m:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6m:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6l:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6l:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6k:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6k:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6j:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6j:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6i:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6i:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6h:bogus:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6h:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6h:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6g:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6g:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6f:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6f:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6e:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6e:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6d:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6d:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6d:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6c:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6c:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6b:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6b:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6a:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta1:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta3:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta1:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta3:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:beta1:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:beta1:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:beta2:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:beta1:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:beta1:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:beta2:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.4:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.4:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.3a:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.3a:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.3:-:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.3:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.3:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.2b:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.2b:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.1c:*:%7E%7E%7E%7Ex86%7E:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.1c:*:~~~~x86~:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:x86:* cpe:2.3:a:openssl:openssl:0.9.1b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:0.9.0b:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* cpe:2.3:a:openssl:openssl:*:*:openvms:*:*:*:*:* cpe:2.3:a:openssl:openssl:-:*:*:*:*:*:*:*	263

OpenVAS Exploits

Date	Description
2012-02-12	Name : Gentoo Security Advisory GLSA 201110-01 (openssl) File : nvt/glsa_201110_01.nasl
2011-03-24	Name : Fedora Update for openssl FEDORA-2011-1255 File : nvt/gb_fedora_2011_1255_openssl_fc13.nasl
2011-01-04	Name : HP-UX Update for OpenSSL HPSBUX02610 File : nvt/gb_hp_ux_HPSBUX02610.nasl
2010-12-28	Name : Fedora Update for openssl FEDORA-2010-18736 File : nvt/gb_fedora_2010_18736_openssl_fc13.nasl
2010-11-23	Name : Fedora Update for openssl FEDORA-2010-17826 File : nvt/gb_fedora_2010_17826_openssl_fc12.nasl
2010-11-23	Name : Fedora Update for openssl FEDORA-2010-17847 File : nvt/gb_fedora_2010_17847_openssl_fc13.nasl
2010-06-25	Name : Fedora Update for openssl FEDORA-2010-9421 File : nvt/gb_fedora_2010_9421_openssl_fc11.nasl
2010-06-18	Name : Fedora Update for openssl FEDORA-2010-9574 File : nvt/gb_fedora_2010_9574_openssl_fc13.nasl
2010-06-18	Name : Fedora Update for openssl FEDORA-2010-9639 File : nvt/gb_fedora_2010_9639_openssl_fc12.nasl
2010-06-04	Name : OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability File : nvt/gb_openssl_40502.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
65057	OpenSSL Cryptographic Message Syntax crypto/cms/cms_asn1.c OriginatorInfo Ele...

Snort® IPS/IDS

Date	Description
2014-01-10	OpenSSL CMS structure OriginatorInfo memory corruption attempt RuleID : 18766 - Revision : 9 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2015-09-10	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17248.nasl - Type : ACT_GATHER_INFO
2011-10-10	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-01.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-9421.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-9574.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-9639.nasl - Type : ACT_GATHER_INFO
2010-06-03	Name : The remote web server has a SSL-related vulnerability. File : openssl_1_0_0a.nasl - Type : ACT_GATHER_INFO