Download
| Alert*
|
oval:org.secpod.oval:def:25121
The host is installed with OpenSSL 0.9.8za, 1.0.0 before 1.0.0m, or 1.0.1 before 1.0.1h and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unexpected application data. Successful exploitation allows remote attackers to crash the se ... oval:org.secpod.oval:def:702596 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:203645 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:203644 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:501577 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:1501037 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:1501036 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:52497 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:602137 Multiple vulnerabilities were discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2014-8176 Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that an invalid memory free could be triggered when buffering DTLS data. This could allow remote attackers to cause a denial of service ... oval:org.secpod.oval:def:25420 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:1200038 LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange . An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in wh ... |
