Download
| Alert*
oval:org.secpod.oval:def:109227
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:109268 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:108526 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:24117 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:204175 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL"s ASN1_TYPE_cmp function. A remote attacker could crash a TLS/SSL client or serve ... oval:org.secpod.oval:def:702469 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:602010 The openssl update issued as DSA 3197-1 caused regressions. This update reverts the defective patch applied in that update causing these problems. Additionally a follow-up fix for CVE-2015-0209 is applied. For reference the original advisory text follows. Multiple vulnerabilities have been discovere ... oval:org.secpod.oval:def:203608 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could m ... oval:org.secpod.oval:def:602003 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-0286 Stephen Henson discovered that the ASN1_TYPE_cmp function can be crashed, resulting in denial of service. CVE-2015 ... oval:org.secpod.oval:def:52432 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:1504296 [1.0.1m-2.0.1] - update to upstream 1.0.1m - update to fips canister 2.0.9 - regenerated below patches openssl-1.0.1-beta2-rpmbuild.patch openssl-1.0.1m-rhcompat.patch openssl-1.0.1m-ecc-suiteb.patch openssl-1.0.1m-fips-mode.patch openssl-1.0.1m-version.patch openssl-1.0.1m-evp-devel.patch [1.0.1j-2 ... oval:org.secpod.oval:def:203581 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL"s ASN1_TYPE_cmp function. A remote attacker could crash a TLS/SSL client or serve ... oval:org.secpod.oval:def:501541 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL"s ASN1_TYPE_cmp function. A remote attacker could crash a TLS/SSL client or serve ... oval:org.secpod.oval:def:501540 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL"s ASN1_TYPE_cmp function. A remote attacker could crash a TLS/SSL client or serve ... oval:org.secpod.oval:def:1200089 A use-after-free flaw was found in the way OpenSSL importrf certain Elliptic Curve private keys. An attacker could use this flaw to crash OpenSSL, if a specially-crafted certificate was imported. A denial of service flaw was found in the way OpenSSL handled certain SSLv2 messages. A malicious client ... oval:org.secpod.oval:def:1500983 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could m ... oval:org.secpod.oval:def:23953 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not reinitialize CHOICE and ADB data structures. Successful exploitation allows ... oval:org.secpod.oval:def:203574 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL"s ASN1_TYPE_cmp function. A remote attacker could crash a TLS/SSL client or serve ... oval:org.secpod.oval:def:25302 The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not reinitialize CHOICE and ADB data structures. Successful exploitation allow remote attackers to cause a denial of se ... oval:org.secpod.oval:def:501555 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could m ... oval:org.secpod.oval:def:30961 The host is missing a security update according to Apple advisory, APPLE-SA-2015-09-30-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:1500952 An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application. oval:org.secpod.oval:def:1500953 An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application. oval:org.secpod.oval:def:25312 The host is missing a security update according to Apple advisory, APPLE-SA-2015-06-30-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation leads to information disclosure, security bypas ... oval:org.secpod.oval:def:108520 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. |