Download
| Alert*
|
oval:org.secpod.oval:def:24420
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle attempts to use unsupported protocols. Successful exploitation allows attackers to cra ... oval:org.secpod.oval:def:1200139 OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1 ... oval:org.secpod.oval:def:601907 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2014-3569 Frank Schmirler reported that the ssl23_get_client_hello function in OpenSSL does not properly handle attempts to ... oval:org.secpod.oval:def:2100751 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439. oval:org.secpod.oval:def:22717 The host is installed with MYSQL Server 5.6.22 and earlier, OpenSSL 1.0.1 before 1.0.1k or 1.0.0 before 1.0.0p and is prone to denial of service vulnerability. The flaw is present in the ssl23_get_client_hello function in s23_srvr.c in OpenSSL, which fails to properly handle an unexpected handshake. ... oval:org.secpod.oval:def:24460 The host is missing a security update according to Apple advisory, APPLE-SA-2015-04-08-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to execute arbitrary code or crash ... |
