oval:org.mitre.oval:def:24741

Definition Id: oval:org.mitre.oval:def:24741

Oval ID:	oval:org.mitre.oval:def:24741
Title:	OpenSSL vulnerability in 0.9.8, makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic
Description:	The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-1923.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-5095	Version:	4
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check if the version of OpenSSL 0.9.8 AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check if the version of OpenSSL 0.9.8 (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 0.9.8 AND Check if the version of ssleay32.dll 0.9.8 (32_bit) AND Check if the version of ssleay32.dll 0.9.8 under System Root