oval:org.mitre.oval:def:11578

Definition Id: oval:org.mitre.oval:def:11578
 
Oval ID: oval:org.mitre.oval:def:11578
Title: Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects OpenSSL
Description: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3555
 Version: 3
Platform(s): Sun Solaris 10
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1440
 
Oval ID: oval:org.mitre.oval:def:1440
Title: Solaris 10 (SPARC) is installed
Description: The operating system installed on the system is Sun Solaris 10 for SPARC.
Family: unix Class: inventory
Reference(s): cpe:/o:sun:sunos:5.10::sparc
 Version: 1
Platform(s): Sun Solaris 10
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:11578
oval:org.mitre.oval:def:11578
Definition Id: oval:org.mitre.oval:def:1926
 
Oval ID: oval:org.mitre.oval:def:1926
Title: Solaris 10 (x86) is installed
Description: The operating system installed on the system is Sun Solaris 10 for x86.
Family: unix Class: inventory
Reference(s): cpe:/o:sun:sunos:5.10::ix86
 Version: 1
Platform(s): Sun Solaris 10
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:11578