[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2015:2616-01 -- Redhat openssl

ID: oval:org.secpod.oval:def:501727Date: (C)2015-12-23   (M)2017-10-26
Class: PATCHFamily: unix




OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Platform:
Red Hat Enterprise Linux 5
Product:
openssl
Reference:
RHSA-2015:2616-01
CVE-2015-3195
CVE    1
CVE-2015-3195
CPE    47
cpe:/a:openssl:openssl:1.0.0n
cpe:/a:openssl:openssl:1.0.0m
cpe:/a:openssl:openssl:1.0.0p
cpe:/a:openssl:openssl:1.0.0o
...

© 2013 SecPod Technologies