Download
| Alert*
|
oval:org.secpod.oval:def:1601328
It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. ... oval:org.secpod.oval:def:400409 Various security vulnerabilities have been fixed in openssl: - DTLS plaintext recovery attack - uninitialized SSL 3.0 padding - malformed RFC 3779 data can cause assertion failures - SGC restart DoS attack - invalid GOST parameters DoS attack oval:org.secpod.oval:def:600700 Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2011-4108 The DTLS implementation performs a MAC check only if certain padding is valid, which makes it e ... oval:org.secpod.oval:def:202264 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ... oval:org.secpod.oval:def:103412 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:14147 The host is installed with OS X Lion 10.7 through 10.7.5, OS X Lion Server 10.7 through 10.7.5, OS X Mountain Lion 10.8 through 10.8.3, Apple Mac OS X Server 10.6.8 or Apple Mac OS X 10.6.8 and is prone to information disclosure vulnerability. A flaw is present in the application, which does not pro ... oval:org.secpod.oval:def:1300013 Multiple vulnerabilities has been found and corrected in openssl: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack . Double free vu ... oval:org.secpod.oval:def:103447 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:202245 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record paddi ... oval:org.secpod.oval:def:700763 openssl: Secure Socket Layer binary and related cryptographic tools Multiple vulnerabilities exist in OpenSSL that could expose sensitive information or cause applications to crash. oval:org.secpod.oval:def:202280 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ... oval:org.secpod.oval:def:500752 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ... oval:org.secpod.oval:def:500754 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ... oval:org.secpod.oval:def:20044 The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to information disclosure vulnerability. A flaw is present in SSL 3.0 implementation in OpenSSL, which does not properly initialize data structures for block cipher padding. Successful exploitation might allow remote ... oval:org.secpod.oval:def:302883 Multiple vulnerabilities has been found and corrected in openssl: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack . Double free vu ... oval:org.secpod.oval:def:500722 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record paddi ... oval:org.secpod.oval:def:1503807 Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ... oval:org.secpod.oval:def:302893 Multiple vulnerabilities has been found and corrected in openssl: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack . Double free vu ... oval:org.secpod.oval:def:21273 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... |
