Download
| Alert*
oval:org.secpod.oval:def:25120
The host is installed with OpenSSL 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n or 1.0.2 before 1.0.2b and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle ECParameters structures in which the curve is over a malformed binary pol ... oval:org.secpod.oval:def:25116 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not reinitialize CHOICE and ADB data structures. Successful exploitation allows ... oval:org.secpod.oval:def:25117 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a double free or an application crash vulnerability. A flaw is present in the application, which fails to handle a NewSessionTicket during an attempt to reuse a ti ... oval:org.secpod.oval:def:117130 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:117138 The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. oval:org.secpod.oval:def:203645 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:203644 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:25118 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a NULL pointer dereference and application crash crash vulnerability. A flaw is present in the application, which fails to handle a PKCS#7 blob. Successful exploit ... oval:org.secpod.oval:def:25119 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a out-of-bounds read and application crash crash vulnerability. A flaw is present in the application, which fails to handle a crafted length field in ASN1_TIME dat ... oval:org.secpod.oval:def:1501037 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:1501036 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:1800800 CVE-2016-2179 The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service by maintaining many crafted DTLS sessions simultaneously, related to d1_lib ... oval:org.secpod.oval:def:1800093 CVE-2016-2179: The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service by maintaining many crafted DTLS sessions simultaneously, related to d1_li ... oval:org.secpod.oval:def:501577 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ... oval:org.secpod.oval:def:1800305 The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service via a crafted time-stamp file that is mishandled by the "openssl ts" command.. oval:org.secpod.oval:def:503314 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: 0-byte record padding oracle For more details about the security issue, including the impact, a CVSS scor ... oval:org.secpod.oval:def:1502595 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205247 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: 0-byte record padding oracle For more details about the security issue, including the impact, a CVSS scor ... oval:org.secpod.oval:def:603677 Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL. oval:org.secpod.oval:def:1901120 0-byte record padding oracle oval:org.secpod.oval:def:53527 Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL. oval:org.secpod.oval:def:51229 openssl1.0: Secure Socket Layer cryptographic library and tools - openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to expose sensitive information over the network. oval:org.secpod.oval:def:704657 openssl1.0: Secure Socket Layer cryptographic library and tools - openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to expose sensitive information over the network. oval:org.secpod.oval:def:58642 The host is installed with OpenSSL 1.1.0 through 1.1.0k, 1.0.2 through 1.0.2s or 1.1.1 through 1.1.1c and is prone to a padding Oracle attack vulnerability. A flaw is present in the application which fails to handle the public RSA key. Successful exploitation allows an attacker to recover a CMS/PKCS ... oval:org.secpod.oval:def:604551 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:604550 Two security issues were discovered in OpenSSL: A timing attack against ECDSA and a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. oval:org.secpod.oval:def:50989 The host is installed with OpenSSL 1.0.2 through 1.0.2q or Oracle MySQL Server through 5.6.43, 5.7.25 or 8.0.15 and is prone to a padding oracle attack vulnerability. The vulnerability is present in the SSL_shutdown() method used in conjunction with non-stitched ciphersuites. On successful exploitat ... oval:org.secpod.oval:def:58644 The host is installed with OpenSSL 1.1.0 through 1.1.0k, 1.0.2 through 1.0.2s or 1.1.1 through 1.1.1c, Oracle VM VirtualBox before 5.2.34, prior to 6.0.14 or Oracle MySQL Server through 5.6.46, 5.7.26 or 8.0.18and is prone to a ECDSA remote timing attack vulnerability. A flaw is present in the appli ... oval:org.secpod.oval:def:54331 The host is installed with Oracle MySQL Server through 5.6.43, 5.7.25 or 8.0.15 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Compiling (OpenSSL). Successful exploitation allows attackers to affect Confidentiality ... oval:org.secpod.oval:def:1501268 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ... oval:org.secpod.oval:def:501727 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to caus ... oval:org.secpod.oval:def:31678 The host is installed with OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, 1.0.2 before 1.0.2e, VM VirtualBox 4.3.x before 4.3.36 or 5.0.x before 5.0.14 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle err ... oval:org.secpod.oval:def:203787 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to caus ... oval:org.secpod.oval:def:38965 The host is installed with OpenSSL 1.1.0 before 1.1.0d or 1.0.2 before 1.0.2k or MySQL Server through 5.6.35 or 5.7.18 is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails through unknown vectors. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:503264 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: 0-byte record padding oracle * openssl: timing side channel attack in the DSA signature algorithm For mo ... oval:org.secpod.oval:def:205268 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: 0-byte record padding oracle * openssl: timing side channel attack in the DSA signature algorithm For mo ... oval:org.secpod.oval:def:1600985 The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key oval:org.secpod.oval:def:1700153 A microprocessor side-channel vulnerability was found on SMT architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.If an application encounters a fatal protocol error and then calls SSL_shutdown twice t ... oval:org.secpod.oval:def:1600996 A microprocessor side-channel vulnerability was found on SMT architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. If an application encounters a fatal protocol error and then calls SSL_shutdown twice ... oval:org.secpod.oval:def:1800417 CVE-2017-3731: Truncated packet could crash via OOB read. If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cr ... oval:org.secpod.oval:def:1700120 The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key oval:org.secpod.oval:def:1800846 CVE-2017-3731: Truncated packet could crash via OOB read If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cra ... oval:org.secpod.oval:def:109202 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:109227 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1501059 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An out-of-bounds read flaw was found in the X509_cmp_time function of OpenSSL. A specially crafted X.509 certificate or a Certific ... oval:org.secpod.oval:def:501585 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An out-of-bounds read flaw was found in the X509_cmp_time function of OpenSSL. A specially crafted X.509 certificate or a Certific ... oval:org.secpod.oval:def:203662 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An out-of-bounds read flaw was found in the X509_cmp_time function of OpenSSL. A specially crafted X.509 certificate or a Certific ... oval:org.secpod.oval:def:109274 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1200038 LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange . An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in wh ... oval:org.secpod.oval:def:109268 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:33156 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g, Oracle MySQL 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle malformed DSA private key. Successful exploitatio ... oval:org.secpod.oval:def:400661 This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack : OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenba ... oval:org.secpod.oval:def:400786 This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory a ... oval:org.secpod.oval:def:501818 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:501822 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:501829 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:110297 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1600367 A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicl ... oval:org.secpod.oval:def:204130 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:1501454 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools. oval:org.secpod.oval:def:400742 This update for openssl fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack : OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a B ... oval:org.secpod.oval:def:34271 The host is installed with OpenSSL 1.0.1 before 1.0.1t or 1.0.2 before 1.0.2h or Oracle MySQL 5.6.x through 5.6.30 or 5.7.x through 5.7.12 and is prone to a heap overflow vulnerability. A flaw is present in the application, which fails to handle very large amounts of input data. Successful exploitat ... oval:org.secpod.oval:def:1501463 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create ... oval:org.secpod.oval:def:1501503 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:400727 This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check - CVE-2016-2105: EVP_EncodeUpdate overflow - CVE-2016-2106: EVP_EncryptUpdate overflow - CVE-2016-2109: ASN.1 BIO excessive memory a ... oval:org.secpod.oval:def:203943 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:110255 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1501483 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create ... oval:org.secpod.oval:def:38969 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to dec ... oval:org.secpod.oval:def:203932 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to creat ... oval:org.secpod.oval:def:502153 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to de ... oval:org.secpod.oval:def:1502342 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502341 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1800624 CVE-2017-3737: Read/write after SSL object in error state. OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This w ... oval:org.secpod.oval:def:1600954 Libgcrypt allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacke ... oval:org.secpod.oval:def:115169 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:53292 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3738 David Benjamin of Google reported an overflow bug in the AVX2 Montgomery multiplication procedure used in exponent ... oval:org.secpod.oval:def:1800292 CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read If an X.509 certificate has a malformed IPAddressFamily extension,OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format. Fixed In Version openssl 1.0.2m, o ... oval:org.secpod.oval:def:53169 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily ex ... oval:org.secpod.oval:def:113571 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:204794 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: bn_sqrx8x_internal carry bug on x86_64 * openssl: Read/write after SSL object in error state * openssl: ... oval:org.secpod.oval:def:1501275 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ... oval:org.secpod.oval:def:1501274 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ... oval:org.secpod.oval:def:109986 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:111384 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1600457 It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. It was discovered that the Dat ... oval:org.secpod.oval:def:53471 Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. oval:org.secpod.oval:def:1800596 CVE-2017-3737: Read/write after SSL object in error state OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This wo ... oval:org.secpod.oval:def:1700029 bn_sqrx8x_internal carry bug on x86_64There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to ... oval:org.secpod.oval:def:603153 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily ex ... oval:org.secpod.oval:def:1200112 A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. A memory leak vulnerability was ... oval:org.secpod.oval:def:1501604 The host is installed with OpenSSL or NSS and is prone to a birthday attack vulnerability. A flaw is present in 3DES cipher as used in TLS protocol, which fails to renegotiate running connections. Successful exploitation could allow attackers to recover partial plaintext information. oval:org.secpod.oval:def:1700093 During key agreement in a TLS handshake using a DH based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This cou ... oval:org.secpod.oval:def:204094 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiat ... oval:org.secpod.oval:def:1600886 There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks a ... oval:org.secpod.oval:def:204093 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiat ... oval:org.secpod.oval:def:1800544 CVE-2016-2183: SWEET32 Mitigation. SWEET32 oval:org.secpod.oval:def:501726 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ... oval:org.secpod.oval:def:603582 Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. oval:org.secpod.oval:def:1800308 CVE-2017-3737: Read/write after SSL object in error state; OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This w ... oval:org.secpod.oval:def:603338 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3738 David Benjamin of Google reported an overflow bug in the AVX2 Montgomery multiplication procedure used in exponent ... oval:org.secpod.oval:def:111444 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:115123 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:31679 The host is installed with OpenSSL 1.0.1 before 1.0.1q or 1.0.2 before 1.0.2e, Oracle MySQL 5.6.x through 5.6.28 or 5.7.x through 5.7.10 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle an RSA PSS ASN.1 signature that lack ... oval:org.secpod.oval:def:1501583 Several vulnerabilities were discovered in OpenSSL: CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ CVE-2016-2178 Cesar Pereida, Billy Brumley and ... oval:org.secpod.oval:def:1501581 Several vulnerabilities were discovered in OpenSSL: CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ CVE-2016-2178 Cesar Pereida, Billy Brumley and ... oval:org.secpod.oval:def:1800136 CVE-2017-3737: Read/write after SSL object in error state¶ OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake thenOpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. Th ... oval:org.secpod.oval:def:1800659 CVE-2016-2177 CVE-2016-2178 oval:org.secpod.oval:def:36843 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a sweet32 birthday attack vulnerability. A flaw is present in Triple-DES, which fails to handle a crafted Javascript. Successful exploitation allows remote attackers to send enough traffic to cause a coll ... oval:org.secpod.oval:def:1600942 During key agreement in a TLS handshake using a DH based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This cou ... oval:org.secpod.oval:def:502273 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: bn_sqrx8x_internal carry bug on x86_64 * openssl: Read/write after SSL object in error state * openssl: ... oval:org.secpod.oval:def:203783 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ... oval:org.secpod.oval:def:203782 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ... oval:org.secpod.oval:def:1800720 CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read; If an X.509 certificate has a malformed IPAddressFamily extension,OpenSSL could do a one-byte buffer over read. The most likely result would be an erroneous display of the certificate in text format. Fixed In Version: openssl 1.0.2m ... oval:org.secpod.oval:def:113486 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1502170 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:113480 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1800554 CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read. If an X.509 certificate has a malformed IPAddressFamily extension,OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format. Fixed In Version: openssl 1.0.2m, ... oval:org.secpod.oval:def:501879 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiat ... |