Download
| Alert*
|
oval:org.secpod.oval:def:20878
The host is installed with OpenSSL 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. The flaw is present in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL, which fails to properly handle an invalid SRP (1) g, (2) A, or (3) B parameter. Successful exploitation allows rem ... oval:org.secpod.oval:def:1600029 A flaw was discovered in the way OpenSSL handled DTLS packets. A remote attacker could use this flaw to cause a DTLS server or client using OpenSSL to crash or use excessive amounts of memory. Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i ... oval:org.secpod.oval:def:21534 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:601750 Multiple vulnerabilities have been identified in OpenSSL, a Secure Sockets Layer toolkit, that may result in denial of service , information leak, protocol downgrade. Additionally, a buffer overrun affecting only applications explicitly set up for SRP has been fixed . Detailed descriptions of the vu ... oval:org.secpod.oval:def:52277 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702158 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. |
