USN-1029-1 -- openssl vulnerabilitiesID: oval:org.secpod.oval:def:700140 | Date: (C)2011-01-28 (M)2022-08-04 |
Class: PATCH | Family: unix |
It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. It was discovered that an old bug workaround in the SSL/TLS server code allowed allowed an attacker to modify the stored session cache ciphersuite. An attacker could possibly take advantage of this to force the use of a disabled cipher. This vulnerability only affects the versions of OpenSSL in Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10
Platform: |
Ubuntu 8.04 |
Ubuntu 10.10 |
Ubuntu 10.04 |
Ubuntu 9.10 |
Ubuntu 6.06 |