Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2012.0084.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2012:0084-1)
Summary:The remote host is missing an update for the 'OpenSSL' package(s) announced via the SUSE-SU-2012:0084-1 advisory.
Description:Summary:
The remote host is missing an update for the 'OpenSSL' package(s) announced via the SUSE-SU-2012:0084-1 advisory.

Vulnerability Insight:
Various security vulnerabilities have been fixed in OpenSSL:

* DTLS plaintext recovery attack (CVE-2011-4108)
* double-free in Policy Checks (CVE-2011-4109)
* uninitialized SSL 3.0 padding (CVE-2011-4576)
* malformed RFC 3779 data can cause assertion failures
(CVE-2011-4577)
* SGC restart DoS attack (CVE-2011-4619)

Security Issue references:

* CVE-2011-4108
>
* CVE-2011-4109
>
* CVE-2011-4576
>
* CVE-2011-4577
>
* CVE-2011-4619
>

Affected Software/OS:
'OpenSSL' package(s) on SLE SDK 10 SP4, SUSE Linux Enterprise Desktop 10 SP4, SUSE Linux Enterprise Desktop 11 SP1, SUSE Linux Enterprise Server 10 SP4, SUSE Linux Enterprise Server 11 SP1, SUSE Linux Enterprise Software Development Kit 11 SP1.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-4108
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
CERT/CC vulnerability note: VU#737740
http://www.kb.cert.org/vuls/id/737740
Debian Security Information: DSA-2390 (Google Search)
http://www.debian.org/security/2012/dsa-2390
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
HPdes Security Advisory: HPSBMU02776
http://marc.info/?l=bugtraq&m=133951357207000&w=2
HPdes Security Advisory: HPSBMU02786
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
HPdes Security Advisory: HPSBOV02793
http://marc.info/?l=bugtraq&m=134039053214295&w=2
HPdes Security Advisory: HPSBUX02734
http://marc.info/?l=bugtraq&m=132750648501816&w=2
HPdes Security Advisory: SSRT100729
HPdes Security Advisory: SSRT100852
HPdes Security Advisory: SSRT100877
HPdes Security Advisory: SSRT100891
http://www.mandriva.com/security/advisories?name=MDVSA-2012:006
http://www.mandriva.com/security/advisories?name=MDVSA-2012:007
http://www.isg.rhul.ac.uk/~kp/dtls.pdf
RedHat Security Advisories: RHSA-2012:1306
http://rhn.redhat.com/errata/RHSA-2012-1306.html
RedHat Security Advisories: RHSA-2012:1307
http://rhn.redhat.com/errata/RHSA-2012-1307.html
RedHat Security Advisories: RHSA-2012:1308
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://secunia.com/advisories/48528
http://secunia.com/advisories/57260
http://secunia.com/advisories/57353
SuSE Security Announcement: SUSE-SU-2012:0084 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html
SuSE Security Announcement: openSUSE-SU-2012:0083 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-4109
XForce ISS Database: openssl-policy-checks-dos(72129)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72129
Common Vulnerability Exposure (CVE) ID: CVE-2011-4576
http://secunia.com/advisories/55069
Common Vulnerability Exposure (CVE) ID: CVE-2011-4577
Common Vulnerability Exposure (CVE) ID: CVE-2011-4619
HPdes Security Advisory: HPSBUX02782
http://marc.info/?l=bugtraq&m=133728068926468&w=2
HPdes Security Advisory: SSRT100844
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.