[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:600621
Several fraudulent SSL certificates have been found in the wild issued by the DigiNotar Certificate Authority, obtained through a security compromise of said company. After further updates on this incident, it has been determined that all of DigiNotar"s signing certificates can no longer be trusted. ...

oval:org.secpod.oval:def:500754
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ...

oval:org.secpod.oval:def:202280
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ...

oval:org.secpod.oval:def:600782
Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2012-0884 Ivan Nestlerode discovered a weakness in the CMS and PKCS #7 implementations that could allow an attacker to decrypt data via a Million Message Attack ...

oval:org.secpod.oval:def:202303
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL parsed Secure/Multipurpose Internet Mail Extensions messages. An att ...

oval:org.secpod.oval:def:202305
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL parsed Secure/Multipurpose Internet Mail Extensions messages. An att ...

oval:org.secpod.oval:def:500773
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer dereference flaw was found in the way OpenSSL parsed Secure/Multipurpose Internet Mail Extensions messages. An att ...

oval:org.secpod.oval:def:202325
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 data from BIO input ...

oval:org.secpod.oval:def:600786
Tomas Hoger, Red Hat, discovered that the fix for CVE-2012-2110 for the 0.9.8 series of OpenSSL was incomplete. It has been assigned the CVE-2012-2131 identifier. For reference, the original description of CVE-2012-2110 from DSA-2454-1 is quoted below: CVE-2012-2110 Tavis Ormandy, Google Security Te ...

oval:org.secpod.oval:def:202321
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 data from BIO input ...

oval:org.secpod.oval:def:500789
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 data from BIO input ...

oval:org.secpod.oval:def:20038
The host is installed with OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i or 1.0.1 before 1.0.1a and is prone to buffer overflow vulnerability. A flaw is present in asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL, which does not properly interpret integer data. Successful exploitation al ...

oval:org.secpod.oval:def:20039
The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in the Server Gated Cryptography (SGC) implementation, which does not properly handle handshake restarts. Successful exploitation allows remote attackers to cause ...

oval:org.secpod.oval:def:20043
The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomo ...

oval:org.secpod.oval:def:20044
The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to information disclosure vulnerability. A flaw is present in SSL 3.0 implementation in OpenSSL, which does not properly initialize data structures for block cipher padding. Successful exploitation might allow remote ...

oval:org.secpod.oval:def:20042
The host is installed with OpenSSL before 0.9.8u or 1.x before 1.0.0h and is prone to a denial of service vulnerability. A flaw is present in the mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL, which does not properly handle a crafted S/MIME message. Successful exploitation allows remo ...

oval:org.secpod.oval:def:20040
The host is installed with OpenSSL before 0.9.8u or 1.x before 1.0.0h and is prone to a security bypass vulnerability. A flaw is present in the Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL, which does not properly handle Million Message Attack (MMA) adaptive chosen ciphertext attack. Su ...

oval:org.secpod.oval:def:20025
The host is installed with OpenSSL before 0.9.8j and is prone to security bypass vulnerability. A flaw is present in the application, which does not prevent modification of the ciphersuite in the session cache. Successful exploitation could allow remote attackers to force the use of a disabled ciphe ...

oval:org.secpod.oval:def:1225
The host is installed with OpenSSL and is prone to lattice calculation and timing attack vulnerability. A flaw is present in elliptic curve cryptography (ECC) subsystem, which fails to properly implement curves over binary fields. Successful exploitation allow context-dependent attackers to determin ...

oval:org.secpod.oval:def:20034
The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in DTLS implementation in OpenSSL, which performs a MAC check only if certain padding is valid. Successful exploitation makes it easier for remote attackers to rec ...

oval:org.secpod.oval:def:20017
The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in GOST ENGINE in OpenSSL, which does not properly handle invalid parameters for the GOST block cipher. Successful exploitation allows remote attackers to cause a ...

oval:org.secpod.oval:def:20028
The host is installed with OpenSSL before 0.9.8k and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle a malformed ASN.1 structure. Successful exploitation could allow remote attackers to cause a denial of service (invalid memory access and a ...

oval:org.secpod.oval:def:600700
Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2011-4108 The DTLS implementation performs a MAC check only if certain padding is valid, which makes it e ...

oval:org.secpod.oval:def:202264
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ...

oval:org.secpod.oval:def:500752
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security protocol implementation in OpenSSL leaked timing information when pe ...

oval:org.secpod.oval:def:20037
The host is installed with OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j or 1.0.1 before 1.0.1c and is prone to buffer overflow vulnerability. A flaw is present in asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL, which does not properly interpret integer data. Successful exploitation al ...

oval:org.secpod.oval:def:202342
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS application data record lengt ...

oval:org.secpod.oval:def:202344
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS application data record lengt ...

oval:org.secpod.oval:def:700872
openssl: Secure Socket Layer cryptographic library and tools Applications using OpenSSL in certain situations could be made to crash or expose sensitive information.

oval:org.secpod.oval:def:500803
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS application data record lengt ...

oval:org.secpod.oval:def:600812
It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service

oval:org.secpod.oval:def:500435
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was found that the OpenSSL library did not properly re-initialize its internal state in the SSL_library_init function after pre ...

oval:org.secpod.oval:def:201760
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was found that the OpenSSL library did not properly re-initialize its internal state in the SSL_library_init function after pre ...

oval:org.secpod.oval:def:201879
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was found that the OpenSSL library did not properly re-initialize its internal state in the SSL_library_init function after pre ...

oval:org.secpod.oval:def:20047
The host is installed with OpenSSL 0.9.8l and earlier and is prone to memory leak vulnerability. A flaw is present in crypto/comp/c_zlib.c, which fails to properly handle vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the ...

oval:org.secpod.oval:def:201721
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL did not always check the return value of the bn_wexpand function. An attacker able to trigger a mem ...

oval:org.secpod.oval:def:201797
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL did not always check the return value of the bn_wexpand function. An attacker able to trigger a mem ...

oval:org.secpod.oval:def:500412
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL did not always check the return value of the bn_wexpand function. An attacker able to trigger a mem ...

oval:org.secpod.oval:def:843
The host is installed with OpenSSL and is prone to remote code execution vulnerability. A flaw is present in Cryptographic Message Syntax (CMS) implementation, which fails to handle structures that contain OriginatorInfo element. Successful exploitation allows remote attackers to modify invalid memo ...

oval:org.secpod.oval:def:849
The host is installed with OpenSSL and is prone to ciphersuite downgrade vulnerability. A flaw is present in the application, which fails prevent modification of the ciphersuite in the session cache when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled. Successful exploitation allow remote attacke ...

oval:org.secpod.oval:def:1093
The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in ciphersuite, which fails to properly prevent modification of the ciphersuite in the session cache. Successful exploitation allow remote attackers to downgrade to an unintended cipher via vectors in ...

oval:org.secpod.oval:def:201859
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code. A remote attacker could possibly use this flaw to chang ...

oval:org.secpod.oval:def:201813
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code. A remote attacker could possibly use this flaw to chang ...

oval:org.secpod.oval:def:500383
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code. A remote attacker could possibly use this flaw to chang ...

oval:org.secpod.oval:def:500308
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code. A remote attacker could possibly use this flaw to chang ...

oval:org.secpod.oval:def:848
The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in the J-PAKE protocol, which fails to validate the public parameters. Successful exploitation allow remote attackers to bypass the authentication by sending crafted values in each round of the protoc ...

oval:org.secpod.oval:def:1092
The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in J-PAKE, which fails to properly validate the public parameters in the J-PAKE protocol. Successful exploitation allow remote attackers to bypass the need for knowledge of the shared secret, and succ ...

oval:org.secpod.oval:def:104689
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:501010
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode ...

oval:org.secpod.oval:def:104718
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:1300164
Multiple vulnerabilities has been found and corrected in openssl: OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key . The TLS protocol ...

oval:org.secpod.oval:def:21275
The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base

oval:org.secpod.oval:def:1500102
Updated openssl packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:600964
Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-0166 OpenSSL does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid ...

oval:org.secpod.oval:def:1500085
Updated openssl packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are ava ...

oval:org.secpod.oval:def:701203
openssl: Secure Socket Layer cryptographic library and tools Details: USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0166 and CVE-2012-2686 introduced a regression causing decryption failures on hardware supporting AES-NI. This update temporarily reverts the security fix pending ...

oval:org.secpod.oval:def:202626
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode ...

oval:org.secpod.oval:def:20035
The host is installed with OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k or 1.0.1 before 1.0.1d and is prone to denial of service vulnerability. A flaw is in the application, which does not properly handle an invalid key. Successful exploitation allows remote OCSP servers to cause a denial of service.

oval:org.secpod.oval:def:202572
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode ...

oval:org.secpod.oval:def:1600259
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding ...

oval:org.secpod.oval:def:202013
OpenSSL is a toolkit that implements Secure Sockets Layer and Transport Layer Security protocols as well as a full-strength, general purpose, cryptography library. The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a ma ...

oval:org.secpod.oval:def:202011
OpenSSL is a toolkit that implements Secure Sockets Layer and Transport Layer Security protocols as well as a full-strength, general purpose, cryptography library. The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a ma ...

oval:org.secpod.oval:def:202080
OpenSSL is a toolkit that implements Secure Sockets Layer and Transport Layer Security protocols as well as a full-strength, general purpose, cryptography library. The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a ma ...

oval:org.secpod.oval:def:202005
OpenSSL is a toolkit that implements Secure Sockets Layer and Transport Layer Security protocols as well as a full-strength, general purpose, cryptography library. The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a ma ...

oval:org.secpod.oval:def:500635
OpenSSL is a toolkit that implements Secure Sockets Layer and Transport Layer Security protocols as well as a full-strength, general purpose, cryptography library. The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a ma ...

oval:org.secpod.oval:def:20023
The host is installed with OpenSSL 0.9.8i and earlier and is prone to signature verification vulnerability. A flaw is present in the application, which does not properly check the return value from the EVP_VerifyFinal function. Successful exploitation could allow remote attackers to bypass validatio ...

oval:org.secpod.oval:def:20026
The host is installed with OpenSSL before 0.9.8k and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. Successful exploitation could ...

oval:org.secpod.oval:def:201982
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general purpose cryptography library. Datagram TLS is a protocol based on TLS that is capable of securing datagram transport . Multiple denial of service flaws were dis ...

oval:org.secpod.oval:def:202091
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general purpose cryptography library. Datagram TLS is a protocol based on TLS that is capable of securing datagram transport . Multiple denial of service flaws were dis ...

oval:org.secpod.oval:def:20031
The host is installed with OpenSSL 0.9.8i and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle a DTLS ChangeCipherSpec packet that occurs before ClientHello. Successful exploitation could allow remote attackers to cause a denial of service ( ...

oval:org.secpod.oval:def:500658
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general purpose cryptography library. Datagram TLS is a protocol based on TLS that is capable of securing datagram transport . Multiple denial of service flaws were dis ...

oval:org.secpod.oval:def:20062
The host is installed with OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1g and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a FLUSH+RELOAD cache side-channel attack. Successful exploitation could allow local users ...

oval:org.secpod.oval:def:703881
openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL.

oval:org.secpod.oval:def:19930
The host is installed with OpenSSL 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an SSL connection in a multithreaded environment. Successful exploitation allows remote attackers to i ...

oval:org.secpod.oval:def:21278
The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base

oval:org.secpod.oval:def:601270
Multiple vulnerabilities have been discovered in OpenSSL. The following Common Vulnerabilities and Exposures project ids identify them: CVE-2010-5298 A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a multi-thre ...

oval:org.secpod.oval:def:107025
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:107028
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:108232
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools.

oval:org.secpod.oval:def:501303
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to us ...

oval:org.secpod.oval:def:107332
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:107326
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:203332
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying materi ...

oval:org.secpod.oval:def:1500637
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.

oval:org.secpod.oval:def:501321
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to us ...

oval:org.secpod.oval:def:1500771
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System ba ...

oval:org.secpod.oval:def:108229
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools.

oval:org.secpod.oval:def:107815
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:1600028
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. Note: In order to exploit this flaw, b ...

oval:org.secpod.oval:def:107818
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:1500558
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:108520
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:108338
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

CVE    31
CVE-2012-0027
CVE-2008-7270
CVE-2006-7250
CVE-2012-0884
...
*CPE
cpe:/a:openssl:openssl:0.9.7k

© 2013 SecPod Technologies