Download
| Alert*
|
oval:org.secpod.oval:def:703441
openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89044816 This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results - CVE-2017-3731: Truncated packet could crash via OOB read - CVE-2017-37 ... oval:org.secpod.oval:def:38025 The host is installed with OpenSSL 1.1.0 before 1.1.0c and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle specially crafted input. Successful exploitation allows remote attackers to cause transient authentication and key negotiation fai ... oval:org.secpod.oval:def:1000749 The remote host is missing a patch 150383-18 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:51710 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:1800417 CVE-2017-3731: Truncated packet could crash via OOB read. If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cr ... oval:org.secpod.oval:def:1800846 CVE-2017-3731: Truncated packet could crash via OOB read If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cra ... oval:org.secpod.oval:def:1000771 The remote host is missing a patch 151912-09 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:2100679 There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is becau ... oval:org.secpod.oval:def:1000774 The remote host is missing a patch 151913-09 containing a security fix. For more information please visit the reference link. |
