[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78764

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:21397
The host is installed with OpenSSL 1.0.1 before 1.0.1j, 1.0.0 before 1.0.0o or 0.9.8 before 0.9.8zc and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a large number of invalid session tickets. Successful exploitation could allow a ...

oval:org.secpod.oval:def:1600169
A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. A memory leak flaw was found in the way an Ope ...

oval:org.secpod.oval:def:21399
The host is installed with OpenSSL 1.0.1 before 1.0.1j, 1.0.0 before 1.0.0o or 0.9.8 before 0.9.8zc and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a SSL handshake request. Successful exploitation could allow attackers to mak ...

oval:org.secpod.oval:def:1200139
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1 ...

oval:org.secpod.oval:def:108125
libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all platform differences in this library.

oval:org.secpod.oval:def:1600161
Running yum clean all followed by yum update openssl will install the fixed package.For Amazon Linux AMIs "locked" to the 2014.03 repositories, openssl-1.0.1i-1.79.amzn1 also addresses this CVE. Running yum clean all followed by yum update openssl will install the fixed package.For Amazon Linux AMIs ...

oval:org.secpod.oval:def:107878
Claws Mail is an email client , based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility.

oval:org.secpod.oval:def:107915
The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server. Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no ...

oval:org.secpod.oval:def:501486
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:501489
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:108280
Additional plugins for Claws Mail.

oval:org.secpod.oval:def:1500761
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System ba ...

oval:org.secpod.oval:def:501405
OpenSSL is a toolkit that implements the Secure Sockets Layer , Transport Layer Security , and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value , which can be use ...

oval:org.secpod.oval:def:1500884
Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500883
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500886
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500888
Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings ...

oval:org.secpod.oval:def:108520
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:23618
The host is missing a patch containing a security fixes, which affects the following package(s): Java

oval:org.secpod.oval:def:1500889
Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings ...

oval:org.secpod.oval:def:1500803
Updated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. ...

oval:org.secpod.oval:def:501491
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:501490
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An ...

oval:org.secpod.oval:def:1600038
A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining mode. This flaw allows a man-in-the-middle attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim applic ...

oval:org.secpod.oval:def:1500891
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500771
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System ba ...

oval:org.secpod.oval:def:1500892
Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings ...

oval:org.secpod.oval:def:108196
Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

oval:org.secpod.oval:def:108232
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools.

oval:org.secpod.oval:def:1500775
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. OpenSSL is a toolkit that implements the Secure Sockets Layer , Transport ...

oval:org.secpod.oval:def:1200135
Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. Multiple improper permi ...

oval:org.secpod.oval:def:400675
- Previous versions of cyrus-imapd would not allow its users to disable old protocols like SSLv1 and SSLv2 that are unsafe due to various known attacks like BEAST and POODLE. https://bugzilla.cyrusimap.org/show_bug.cgi?id=3867 remedies this issue by adding the configuration option "tls_versions" to ...

oval:org.secpod.oval:def:107894
The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server. Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no ...

oval:org.secpod.oval:def:108269
Claws Mail is an email client , based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility.

oval:org.secpod.oval:def:107898
A small library for communicating with the REST interface of a Red Hat Unified Entitlement Platform. This interface is used for the management of system entitlements, certificates, and access to content.

oval:org.secpod.oval:def:108229
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools.

oval:org.secpod.oval:def:108506
Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

oval:org.secpod.oval:def:107815
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:107818
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:501462
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Sig ...

oval:org.secpod.oval:def:203465
OpenSSL is a toolkit that implements the Secure Sockets Layer, Transport Layer Security, and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to ...

oval:org.secpod.oval:def:204279
OpenSSL is a toolkit that implements the Secure Sockets Layer , Transport Layer Security , and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value , which can be use ...

oval:org.secpod.oval:def:203540
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An ...

oval:org.secpod.oval:def:1200041
A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS, and RMI components i ...

oval:org.secpod.oval:def:203546
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:203545
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:203543
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:21398
The host is installed with OpenSSL 1.0.1 before 1.0.1j, 1.0.0 before 1.0.0o or 0.9.8 before 0.9.8zc or Oracle Java SE 5.0u75 and earlier, 6u85 and earlier, 7u72 and earlier or 8u25 and earlier and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the applications, which fail ...

oval:org.secpod.oval:def:501427
OpenSSL is a toolkit that implements the Secure Sockets Layer , Transport Layer Security , and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value , which can be use ...

oval:org.secpod.oval:def:1500862
Updated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. ...

oval:org.secpod.oval:def:203548
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:203504
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Sig ...

oval:org.secpod.oval:def:203547
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:1200086
A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the JAX-WS, and RMI components i ...

oval:org.secpod.oval:def:108462
Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

oval:org.secpod.oval:def:107890
The purpose of this mail library is to provide a portable, efficient middle-ware for different kinds of mail access. When using the drivers interface, the interface is the same for all kinds of mail access, remote and local mailboxes.

oval:org.secpod.oval:def:108187
Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware.

oval:org.secpod.oval:def:203509
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Sig ...

oval:org.secpod.oval:def:109595
Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface.

oval:org.secpod.oval:def:203508
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Sig ...

oval:org.secpod.oval:def:21591
The host is missing a patch containing a security fixes, which affects the following package(s): Java

oval:org.secpod.oval:def:108267
The purpose of this mail library is to provide a portable, efficient middle-ware for different kinds of mail access. When using the drivers interface, the interface is the same for all kinds of mail access, remote and local mailboxes.

oval:org.secpod.oval:def:108059
Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

oval:org.secpod.oval:def:109589
Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface.

oval:org.secpod.oval:def:108338
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.

oval:org.secpod.oval:def:21535
The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base

oval:org.secpod.oval:def:107888
A small library for communicating with the REST interface of a Red Hat Unified Entitlement Platform. This interface is used for the management of system entitlements, certificates, and access to content.

oval:org.secpod.oval:def:203457
OpenSSL is a toolkit that implements the Secure Sockets Layer, Transport Layer Security, and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to ...

oval:org.secpod.oval:def:203456
OpenSSL is a toolkit that implements the Secure Sockets Layer, Transport Layer Security, and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to ...

oval:org.secpod.oval:def:203539
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to ...

oval:org.secpod.oval:def:108052
libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all platform differences in this library.

oval:org.secpod.oval:def:108053
libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all platform differences in this library.

oval:org.secpod.oval:def:108055
Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

oval:org.secpod.oval:def:107880
Additional plugins for Claws Mail.

oval:org.secpod.oval:def:107882
The Subscription Manager package provides programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

oval:org.secpod.oval:def:601802
Several vulnerabilities have been found in OpenSSL, the Secure Sockets Layer library and toolkit. CVE-2014-3513 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol extension data. A remote attacker could send multiple specially crafted handshake messa ...

CVE    4
CVE-2014-3568
CVE-2014-3566
CVE-2017-3735
CVE-2014-3567
...
*CPE
cpe:/a:openssl:openssl:0.9.8zb

© 2013 SecPod Technologies