Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2018.0925.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2018:0925-1)
Resumen:The remote host is missing an update for the 'openssl' package(s) announced via the SUSE-SU-2018:0925-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'openssl' package(s) announced via the SUSE-SU-2018:0925-1 advisory.

Vulnerability Insight:
This update for openssl fixes the following issues:
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition
(such as can be found in PKCS7) could eventually exceed the stack
given malicious input with excessive recursion. This could result in
a Denial Of Service attack. There are no such structures used within
SSL/TLS that come from untrusted sources so this is considered safe.
(bsc#1087102).

Affected Software/OS:
'openssl' package(s) on OpenStack Cloud Magnum Orchestration 7, SUSE CaaS Platform ALL, SUSE Linux Enterprise Desktop 12-SP2, SUSE Linux Enterprise Desktop 12-SP3, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for Raspberry Pi 12-SP2, SUSE Linux Enterprise Software Development Kit 12-SP2, SUSE Linux Enterprise Software Development Kit 12-SP3.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-0739
BugTraq ID: 103518
http://www.securityfocus.com/bid/103518
BugTraq ID: 105609
http://www.securityfocus.com/bid/105609
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
https://security.netapp.com/advisory/ntap-20180330-0002/
https://security.netapp.com/advisory/ntap-20180726-0002/
https://securityadvisories.paloaltonetworks.com/Home/Detail/133
https://www.openssl.org/news/secadv/20180327.txt
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.tenable.com/security/tns-2018-04
https://www.tenable.com/security/tns-2018-06
https://www.tenable.com/security/tns-2018-07
Debian Security Information: DSA-4157 (Google Search)
https://www.debian.org/security/2018/dsa-4157
Debian Security Information: DSA-4158 (Google Search)
https://www.debian.org/security/2018/dsa-4158
https://security.gentoo.org/glsa/201811-21
https://security.gentoo.org/glsa/202007-53
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html
RedHat Security Advisories: RHSA-2018:3090
https://access.redhat.com/errata/RHSA-2018:3090
RedHat Security Advisories: RHSA-2018:3221
https://access.redhat.com/errata/RHSA-2018:3221
RedHat Security Advisories: RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2018:3505
RedHat Security Advisories: RHSA-2019:0366
https://access.redhat.com/errata/RHSA-2019:0366
RedHat Security Advisories: RHSA-2019:0367
https://access.redhat.com/errata/RHSA-2019:0367
RedHat Security Advisories: RHSA-2019:1711
https://access.redhat.com/errata/RHSA-2019:1711
RedHat Security Advisories: RHSA-2019:1712
https://access.redhat.com/errata/RHSA-2019:1712
http://www.securitytracker.com/id/1040576
https://usn.ubuntu.com/3611-1/
https://usn.ubuntu.com/3611-2/
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.