oval:org.mitre.oval:def:27052
Definition Id: oval:org.mitre.oval:def:27052 | |||
Oval ID: | oval:org.mitre.oval:def:27052 | ||
Title: | USN-2385-1 -- OpenSSL vulnerabilities | ||
Description: | It was discovered that OpenSSL incorrectly handled memory when parsing DTLS SRTP extension data. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3513">CVE-2014-3513</a>) It was discovered that OpenSSL incorrectly handled memory when verifying the integrity of a session ticket. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3567">CVE-2014-3567</a>) In addition, this update introduces support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV). This new feature prevents protocol downgrade attacks when certain applications such as web browsers attempt to reconnect using a lower protocol version for interoperability reasons. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2385-1 CVE-2014-3513 CVE-2014-3567 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13089 | |||
Oval ID: | oval:org.mitre.oval:def:13089 | ||
Title: | Ubuntu 10.04 is installed | ||
Description: | Ubuntu 10.04 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:canonical:ubuntu_linux:10.04 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:27052 |
Definition Id: oval:org.mitre.oval:def:24421 | |||
Oval ID: | oval:org.mitre.oval:def:24421 | ||
Title: | Ubuntu 14.04 is installed | ||
Description: | Ubuntu 14.04 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:canonical:ubuntu_linux:14.04 | Version: | 5 |
Platform(s): | Ubuntu 14.04 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:27052 |
Definition Id: oval:org.mitre.oval:def:15824 | |||
Oval ID: | oval:org.mitre.oval:def:15824 | ||
Title: | Ubuntu 12.04 is installed | ||
Description: | Ubuntu 12.04 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:canonical:ubuntu_linux:12.04 | Version: | 5 |
Platform(s): | Ubuntu 12.04 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:27052 |