Download
| Alert*
oval:org.secpod.oval:def:602756
Several vulnerabilities were discovered in OpenSSL: CVE-2016-7056 A local timing attack was discovered against ECDSA P-256. CVE-2016-8610 It was discovered that no limit was imposed on alert packets during an SSL handshake. CVE-2017-3731 Robert Swiecki discovered that the RC4-MD5 cipher when running ... oval:org.secpod.oval:def:112006 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:38965 The host is installed with OpenSSL 1.1.0 before 1.1.0d or 1.0.2 before 1.0.2k or MySQL Server through 5.6.35 or 5.7.18 is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails through unknown vectors. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:112007 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:51710 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:204437 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly u ... oval:org.secpod.oval:def:1501771 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:39946 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:1000774 The remote host is missing a patch 151913-09 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1501772 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204438 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly u ... oval:org.secpod.oval:def:1800846 CVE-2017-3731: Truncated packet could crash via OOB read If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cra ... oval:org.secpod.oval:def:38970 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:1000771 The remote host is missing a patch 151912-09 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:703441 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:52183 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89044816 This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results - CVE-2017-3731: Truncated packet could crash via OOB read - CVE-2017-37 ... oval:org.secpod.oval:def:1000749 The remote host is missing a patch 150383-18 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1600507 An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. A denial of service flaw was found in the way the TLS/SSL protocol defined pro ... oval:org.secpod.oval:def:2100467 If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users s ... oval:org.secpod.oval:def:501978 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly u ... oval:org.secpod.oval:def:1800417 CVE-2017-3731: Truncated packet could crash via OOB read. If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cr ... |