Download
| Alert*
oval:org.secpod.oval:def:19875
OpenSSL 1.0.1 (32 bit) is installed oval:org.secpod.oval:def:19871 OpenSSL less than 1.0 (32 bit) is installed oval:org.secpod.oval:def:19873 OpenSSL 1.0.0 (32 bit) is installed oval:org.secpod.oval:def:20018 The host is installed with OpenSSL 0.9.8 and is prone to man-in-the-middle attack vulnerability. A flaw is present in Diffie-Hellman key-exchange implementation in OpenSSL, which does not properly validate a public parameter. Successful exploitation makes it easier for man-in-the-middle attackers to ... oval:org.secpod.oval:def:20027 The host is installed with OpenSSL 0.9.8h through 0.9.8j and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle errors associated with malformed signed attributes. Successful exploitation could allow remote attackers to repudiate a signature t ... oval:org.secpod.oval:def:1225 The host is installed with OpenSSL and is prone to lattice calculation and timing attack vulnerability. A flaw is present in elliptic curve cryptography (ECC) subsystem, which fails to properly implement curves over binary fields. Successful exploitation allow context-dependent attackers to determin ... oval:org.secpod.oval:def:20025 The host is installed with OpenSSL before 0.9.8j and is prone to security bypass vulnerability. A flaw is present in the application, which does not prevent modification of the ciphersuite in the session cache. Successful exploitation could allow remote attackers to force the use of a disabled ciphe ... oval:org.secpod.oval:def:843 The host is installed with OpenSSL and is prone to remote code execution vulnerability. A flaw is present in Cryptographic Message Syntax (CMS) implementation, which fails to handle structures that contain OriginatorInfo element. Successful exploitation allows remote attackers to modify invalid memo ... oval:org.mitre.oval:def:12331 OpenSSL (32 bit) is installed oval:org.secpod.oval:def:849 The host is installed with OpenSSL and is prone to ciphersuite downgrade vulnerability. A flaw is present in the application, which fails prevent modification of the ciphersuite in the session cache when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled. Successful exploitation allow remote attacke ... oval:org.secpod.oval:def:550 The host is installed with OpenSSL and is prone to OCSP stapling vulnerability. A flaw is present in the application, which fails to correctly parse malformed ClientHello handshake messages. Successful exploitation could allow remote attackers to obtain contents of parsed OCSP (Online Certificate St ... oval:org.secpod.oval:def:48612 OpenSSL 1.1.1 (32 bit) is installed oval:org.secpod.oval:def:48611 The host is installed with OpenSSL 1.1.0 through 1.1.0i or 1.1.1 and is prone to a timing side channel attack vulnerability. A flaw is present in the ECDSA algorithm. On successful exploitation, an attacker could use variations in the signing algorithm to recover the private key. oval:org.secpod.oval:def:25121 The host is installed with OpenSSL 0.9.8za, 1.0.0 before 1.0.0m, or 1.0.1 before 1.0.1h and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unexpected application data. Successful exploitation allows remote attackers to crash the se ... oval:org.secpod.oval:def:20032 The host is installed with OpenSSL before 0.9.8h and is prone to an unspecified vulnerability. A flaw is present in the application, which uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:20017 The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in GOST ENGINE in OpenSSL, which does not properly handle invalid parameters for the GOST block cipher. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:848 The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in the J-PAKE protocol, which fails to validate the public parameters. Successful exploitation allow remote attackers to bypass the authentication by sending crafted values in each round of the protoc ... oval:org.secpod.oval:def:847 The host is installed with OpenSSL or Adobe Flash media server before 3.5.6 or 4.x before 4.0.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle multi-threading and internal caching on a TLS server resulting in a race condition. Successful ex ... oval:org.secpod.oval:def:841 The host is installed with OpenSSL and is prone to Denial of service vulnerability. A flaw is present in kssl_keytab_is_available function in ssl/kssl.c, which fails to validate the return value from krb5_sname_to_principal() function causing NULL pointer dereference. Successful exploitation allow r ... oval:org.secpod.oval:def:20028 The host is installed with OpenSSL before 0.9.8k and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle a malformed ASN.1 structure. Successful exploitation could allow remote attackers to cause a denial of service (invalid memory access and a ... oval:org.secpod.oval:def:1092 The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in J-PAKE, which fails to properly validate the public parameters in the J-PAKE protocol. Successful exploitation allow remote attackers to bypass the need for knowledge of the shared secret, and succ ... oval:org.secpod.oval:def:1093 The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in ciphersuite, which fails to properly prevent modification of the ciphersuite in the session cache. Successful exploitation allow remote attackers to downgrade to an unintended cipher via vectors in ... oval:org.secpod.oval:def:23950 OpenSSL 1.0.2 (32 bit) is installed oval:org.secpod.oval:def:77833 OpenSSL 3.0.x (32 bit) is installed oval:org.secpod.oval:def:25120 The host is installed with OpenSSL 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n or 1.0.2 before 1.0.2b and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle ECParameters structures in which the curve is over a malformed binary pol ... oval:org.secpod.oval:def:25116 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not reinitialize CHOICE and ADB data structures. Successful exploitation allows ... oval:org.secpod.oval:def:25117 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a double free or an application crash vulnerability. A flaw is present in the application, which fails to handle a NewSessionTicket during an attempt to reuse a ti ... oval:org.secpod.oval:def:31681 The host is installed with OpenSSL 1.0.2 before 1.0.2e and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:25321 The host is installed with OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, 1.0.2c or MySQL Server through 5.6.25 and is prone to a certification authority spoofing vulnerability. A flaw is present in the application, which does not properly process X.509 Basic Constraints cA values during identification of alternat ... oval:org.secpod.oval:def:31677 The host is installed with OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, or 1.0.2 before 1.0.2d and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted ServerKeyExchange message. Successful exploitation allows remote attac ... oval:org.secpod.oval:def:33161 The host is installed with OpenSSL 1.0.2, 1.0.1 before 1.0.1m, 1.0.0 before 1.0.0r or 0.9.8ze and earlier versions and is prone to a divide-and-conquer key recovery attack vulnerability. A flaw is present in the application, which fails to handle s2_srvr.c which do not enforce that clear-key-length ... oval:org.secpod.oval:def:33162 The host is installed with OpenSSL 1.0.2, 1.0.1 before 1.0.1m, 1.0.0 before 1.0.0r or 0.9.8ze and earlier versions and is prone to a DROWN attack vulnerability. A flaw is present in the application, which fails to handle s2_srvr.c overwriting the wrong bytes in the master-key when applying Bleichenb ... oval:org.secpod.oval:def:20026 The host is installed with OpenSSL before 0.9.8k and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. Successful exploitation could ... oval:org.secpod.oval:def:846 The host is installed with OpenSSL and is prone to remote code execution vulnerability. A flaw is present in ssl3_get_key_exchange function, which fails to correctly implement ECDH algorithm. Successful exploitation allow remote attackers to execute arbitrary code and cause denial of service via a ... oval:org.secpod.oval:def:20046 The host is installed with OpenSSL before 0.9.8m and is prone to unspecified vulnerability. A flaw is present in the application, which does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/ ... oval:org.secpod.oval:def:845 The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in EVP_PKEY_verify_recover function, which returns uninitialized buffer instead of an error code when the verification recovery process fails. Successful exploitation allow remote attackers to bypass ... oval:org.secpod.oval:def:842 The host is installed with OpenSSL and is prone to denial of service vulnerability. A flaw is present in ssl3_get_record function, which fails to handle malformed records in a TLS connections causing a NULL pointer dereference. Successful exploitation allow remote attackers to cause denial of servic ... oval:org.secpod.oval:def:844 The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in Cryptographic Message Syntax (CMS) implementation, which does not properly handle structures that contain OriginatorInfo. Successful exploitation allow remote attackers to bypass security restricti ... oval:org.secpod.oval:def:20023 The host is installed with OpenSSL 0.9.8i and earlier and is prone to signature verification vulnerability. A flaw is present in the application, which does not properly check the return value from the EVP_VerifyFinal function. Successful exploitation could allow remote attackers to bypass validatio ... oval:org.secpod.oval:def:20021 The host is installed with OpenSSL 0.9.8f or 0.9.8g and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dere ... oval:org.secpod.oval:def:17390 The host is installed with OpenSSL 1.0.1 before 1.0.1g and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle Heartbeart Extension packets. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:16607 The host is installed with OpenSSL 1.0.1 before 1.0.1f and is prone to denial of service vulnerability. The flaw is present in the ssl3_take_mac function in ssl/s3_both.c in OpenSSL, which fails to properly handle a crafted Next Protocol Negotiation record in a TLS handshake. Successful exploitation ... oval:org.secpod.oval:def:16823 The host is installed with OpenSSL 1.0.0 before 1.0.0l or 1.0.1 before 1.0.1f and is prone to denial of service vulnerability. The flaw is present in the DTLS retransmission implementation, which fails to handle the data structures for digest and encryption contexts. Successful exploitation could al ... oval:org.secpod.oval:def:16808 The host is installed with OpenSSL 1.0.1 before 1.0.1f and is prone to denial of service vulnerability. The flaw is present in the ssl_get_algorithm2 function in ssl/s3_lib.c, which fails to handle crafted traffic. Successful exploitation allows attackers to cause a denial of service (daemon crash). oval:org.secpod.oval:def:92943 The host is installed with OpenSSL 1.1.1 through 1.1.1v, 3.0.0 through 3.0.10 or 3.1.0 through 3.1.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in POLY1305 MAC (message authentication code). On successful exploitatio ... oval:org.secpod.oval:def:23962 The host is installed with OpenSSL 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle a ClientKeyExchange message with a length of zero when client authentication and an ephemeral Diffie-Hellman ciphersuite are ... oval:org.secpod.oval:def:23961 The host is installed with OpenSSL 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle an invalid signature_algorithms extension in the ClientHello message during a renegotiation. Successful exploitation allows r ... oval:org.secpod.oval:def:23960 The host is installed with OpenSSL 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle certain non-blocking I/O cases. Successful exploitation allows remote attacker to cause a denial of service (pointer corrupti ... oval:org.secpod.oval:def:23963 The host is installed with OpenSSL 1.0.2 before 1.0.2a and is prone to a security bypass vulnerability. A flaw is present in the application, which does not ensure that the PRNG is seeded before proceeding with a handshake. Successful exploitation allows remote attacker to defeat cryptographic prote ... oval:org.secpod.oval:def:23959 The host is installed with OpenSSL 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:23958 The host is installed with OpenSSL 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly isolate the state information of independent data streams. Successful exploitation allows remote attacker to cause a denial of servi ... oval:org.secpod.oval:def:20016 The host is installed with OpenSSL 0.9.8f or 0.9.8g and is prone to double free vulnerability. A flaw is present in the application, which fails to properly handle a malformed Client Hello packet. Successful exploitation could allow remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:51005 The host is installed with OpenSSL 1.1.0 through 1.1.0j or through 1.1.1b or Oracle VM VirtualBox 5.2.x before 5.2.32 or 6.0.10 and is prone to an information disclosure vulnerability. A flaw is present in the way the ChaCha20-Poly1305 cipher uses reused nonce values. On successful exploitation, an ... oval:org.secpod.oval:def:20038 The host is installed with OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i or 1.0.1 before 1.0.1a and is prone to buffer overflow vulnerability. A flaw is present in asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL, which does not properly interpret integer data. Successful exploitation al ... oval:org.secpod.oval:def:20039 The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in the Server Gated Cryptography (SGC) implementation, which does not properly handle handshake restarts. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:20036 The host is installed with OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k or 1.0.1 before 1.0.1d and is prone to denial of service vulnerability. A flaw is in the application, which does not properly handle an invalid key. Successful exploitation allows remote OCSP servers to cause a denial of service. oval:org.secpod.oval:def:20037 The host is installed with OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j or 1.0.1 before 1.0.1c and is prone to buffer overflow vulnerability. A flaw is present in asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL, which does not properly interpret integer data. Successful exploitation al ... oval:org.secpod.oval:def:20045 The host is installed with OpenSSL 0.9.8 through 0.9.8r or 1.0.x before 1.0.0e and is prone to denial of service vulnerability. A flaw is present in ephemeral ECDH ciphersuite functionality, which does not ensure thread safety during processing of handshake messages from clients. Successful exploita ... oval:org.secpod.oval:def:20043 The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomo ... oval:org.secpod.oval:def:20044 The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to information disclosure vulnerability. A flaw is present in SSL 3.0 implementation in OpenSSL, which does not properly initialize data structures for block cipher padding. Successful exploitation might allow remote ... oval:org.secpod.oval:def:20041 The host is installed with OpenSSL 1.0.1 before 1.0.1d and is prone to a denial of service vulnerability. A flaw is present in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL, which does not properly handle a crafted CBC data. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:20042 The host is installed with OpenSSL before 0.9.8u or 1.x before 1.0.0h and is prone to a denial of service vulnerability. A flaw is present in the mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL, which does not properly handle a crafted S/MIME message. Successful exploitation allows remo ... oval:org.secpod.oval:def:20040 The host is installed with OpenSSL before 0.9.8u or 1.x before 1.0.0h and is prone to a security bypass vulnerability. A flaw is present in the Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL, which does not properly handle Million Message Attack (MMA) adaptive chosen ciphertext attack. Su ... oval:org.secpod.oval:def:20034 The host is installed with OpenSSL before 0.9.8s or 1.x before 1.0.0f and is prone to denial of service vulnerability. A flaw is present in DTLS implementation in OpenSSL, which performs a MAC check only if certain padding is valid. Successful exploitation makes it easier for remote attackers to rec ... oval:org.secpod.oval:def:20035 The host is installed with OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k or 1.0.1 before 1.0.1d and is prone to denial of service vulnerability. A flaw is in the application, which does not properly handle an invalid key. Successful exploitation allows remote OCSP servers to cause a denial of service. oval:org.secpod.oval:def:20033 The host is installed with OpenSSL before 0.9.8s and is prone to double free vulnerability. A flaw is present in the application, which fails when X509_V_FLAG_POLICY_CHECK is enabled. Successful exploitation allows remote attackers to have an unspecified impact by triggering failure of a policy chec ... oval:org.secpod.oval:def:20019 The host is installed with OpenSSL 0.9.8s or 1.0.0f and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly support DTLS applications. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:20024 The host is installed with OpenSSL 1.0.x before 1.0.0e and is prone to denial of service vulnerability. A flaw is present in the application, which does not initialize certain structure members. Successful exploitation makes it easier for remote attackers to bypass CRL validation by using a nextUpda ... oval:org.secpod.oval:def:20020 The host is installed with OpenSSL 0.9.8v and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted DER data. Successful exploitation allow remote attackers to conduct buffer overflow attacks, and cause a denial of service. oval:org.secpod.oval:def:20878 The host is installed with OpenSSL 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. The flaw is present in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL, which fails to properly handle an invalid SRP (1) g, (2) A, or (3) B parameter. Successful exploitation allows rem ... oval:org.secpod.oval:def:20879 The host is installed with OpenSSL 1.0.1 before 1.0.1i and is prone to man-in-the-middle vulnerability. The flaw is present in ssl23_get_client_hello function in s23_srvr.c in OpenSSL, which fails to properly handle message fragmentation in communication between a client and server. Successful explo ... oval:org.secpod.oval:def:20877 The host is installed with OpenSSL 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. The flaw is present in t1_lib.c in OpenSSL, which fails to properly handle a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the clie ... oval:org.secpod.oval:def:20881 The host is installed with OpenSSL before 0.9.8zb, 1.0.0 before 1.0.0n or 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersu ... oval:org.secpod.oval:def:20882 The host is installed with OpenSSL before 0.9.8zb, 1.0.0 before 1.0.0n or 1.0.1 before 1.0.1i and is prone to information disclosure vulnerability. A flaw is present in the application, which does not ensure the presence of '\0' characters. Successful exploitation allows context-dependent attackers ... oval:org.secpod.oval:def:20880 The host is installed with OpenSSL 1.0.0 before 1.0.0n or 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. The flaw is present in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL, which fails to handle race condition in the ssl_parse_serverhello_tlsext function. S ... oval:org.secpod.oval:def:19654 The host is installed with OpenSSL 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly manage a buffer pointer during certain recursive calls. Successful exploitation allows attackers to cause an ap ... oval:org.secpod.oval:def:19930 The host is installed with OpenSSL 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an SSL connection in a multithreaded environment. Successful exploitation allows remote attackers to i ... oval:org.secpod.oval:def:19652 The host is installed with OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle when an anonymous ECDH cipher suite is used. Successful exploitation allows attackers to cause an ... oval:org.secpod.oval:def:20060 The host is installed with OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an invalid DTLS handshake. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21399 The host is installed with OpenSSL 1.0.1 before 1.0.1j, 1.0.0 before 1.0.0o or 0.9.8 before 0.9.8zc and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a SSL handshake request. Successful exploitation could allow attackers to mak ... oval:org.secpod.oval:def:21396 The host is installed with OpenSSL 1.0.1 before 1.0.1j and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted handshake message. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21397 The host is installed with OpenSSL 1.0.1 before 1.0.1j, 1.0.0 before 1.0.0o or 0.9.8 before 0.9.8zc and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a large number of invalid session tickets. Successful exploitation could allow a ... oval:org.secpod.oval:def:20061 The host is installed with OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long non-initial fragment. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:20062 The host is installed with OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1g and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a FLUSH+RELOAD cache side-channel attack. Successful exploitation could allow local users ... oval:org.secpod.oval:def:20885 The host is installed with OpenSSL before 0.9.8zb, 1.0.0 before 1.0.0n or 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted DTLS packets that trigger an error condition. Successful exploitation allows rem ... oval:org.secpod.oval:def:20883 The host is installed with OpenSSL before 0.9.8zb, 1.0.0 before 1.0.0n or 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle zero-length DTLS fragments that trigger improper handling of the return value of a certa ... oval:org.secpod.oval:def:20884 The host is installed with OpenSSL before 0.9.8zb, 1.0.0 before 1.0.0n or 1.0.1 before 1.0.1i and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted DTLS handshake messages that trigger memory allocations corresponding to large l ... oval:org.secpod.oval:def:25118 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a NULL pointer dereference and application crash crash vulnerability. A flaw is present in the application, which fails to handle a PKCS#7 blob. Successful exploit ... oval:org.secpod.oval:def:25119 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a out-of-bounds read and application crash crash vulnerability. A flaw is present in the application, which fails to handle a crafted length field in ASN1_TIME dat ... oval:org.secpod.oval:def:23957 The host is installed with OpenSSL 0.9.8 before 0.9.8za, 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle a crafted base64 data that triggers a buffer overflow. Successful exploitation a ... oval:org.secpod.oval:def:37187 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in BN_bn2dec function, which fails to properly validate division results. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:37186 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in Anti-Replay feature in the DTLS implementation, which mishandles early use of a new epoch number in conjunction with a large sequence number. Succes ... oval:org.secpod.oval:def:37185 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in DTLS implementation, which fails to properly restrict the lifetime of queue entries associated with unused out-of-order messages. Successful exploit ... oval:org.secpod.oval:def:36412 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in the application, which mishandles a crafted time-stamp file through "openssl ts" command. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:37189 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to an integer overflow vulnerability. A flaw is present in MDC2_Update function, which fails through unknown vectors. Successful exploitation allows remote attackers to cause a denial of service (out-of-boun ... oval:org.secpod.oval:def:37188 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in tls_decrypt_ticket function, which fails to consider the HMAC size during validation of the ticket length. Successful exploitation allows remote att ... oval:org.secpod.oval:def:43140 The host is installed with OpenSSL version 1.0.2b to 1.0.2m or Oracle MySQL Server through 5.6.38 or through 5.7.20 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle exceptional conditions. Successful exploitation allows remote atta ... oval:org.secpod.oval:def:58642 The host is installed with OpenSSL 1.1.0 through 1.1.0k, 1.0.2 through 1.0.2s or 1.1.1 through 1.1.1c and is prone to a padding Oracle attack vulnerability. A flaw is present in the application which fails to handle the public RSA key. Successful exploitation allows an attacker to recover a CMS/PKCS ... oval:org.secpod.oval:def:58643 The host is installed with OpenSSL 1.1.1 through 1.1.1c and is prone to a fork protection vulnerability. A flaw is present in the application which fails to handle the issue in random number generator (RNG). Successful exploitation allows an attacker to make the parent and child processes share the ... oval:org.secpod.oval:def:44771 The host is installed with OpenSSL 1.1.0 before 1.1.0h or OpenSSL 1.0.2b before 1.0.2n or MySQL Server prior to 5.6.40, 5.7.22 or 8.0.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malicious input to a stack. Successful expl ... oval:org.secpod.oval:def:50989 The host is installed with OpenSSL 1.0.2 through 1.0.2q or Oracle MySQL Server through 5.6.43, 5.7.25 or 8.0.15 and is prone to a padding oracle attack vulnerability. The vulnerability is present in the SSL_shutdown() method used in conjunction with non-stitched ciphersuites. On successful exploitat ... oval:org.secpod.oval:def:58644 The host is installed with OpenSSL 1.1.0 through 1.1.0k, 1.0.2 through 1.0.2s or 1.1.1 through 1.1.1c, Oracle VM VirtualBox before 5.2.34, prior to 6.0.14 or Oracle MySQL Server through 5.6.46, 5.7.26 or 8.0.18and is prone to a ECDSA remote timing attack vulnerability. A flaw is present in the appli ... oval:org.secpod.oval:def:67778 The host is installed with Microsoft Visual Studio, OpenSSL 1.0.2 through 1.0.2w, 1.1.1 through 1.1.1h or Oracle MySQL Server through 5.7.32 or 8.0.22 and is prone to a NULL pointer de-reference vulnerability. A flaw is present in the application, which fails to handle an issue in the GENERAL_NAME_c ... oval:org.secpod.oval:def:96984 OpenSSL 3.2.x (32 bit) is installed oval:org.secpod.oval:def:70494 The host is installed with racle MySQL Server through 5.7.33 or 8.0.23 or OpenSSL 1.1.1 through 1.1.1j and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application which fails to handle a maliciously crafted renegotiation ClientHello message from a client. Successfu ... oval:org.secpod.oval:def:70495 The host is installed with OpenSSL 1.1.1h through 1.1.1j and is prone to a security bypass vulnerability. A flaw is present in the application which fails to properly handle the check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters. Successful exploitatio ... oval:org.secpod.oval:def:33155 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle the SSLv2 protocol which sends ServerVerify message before establishing that a client possesses certain ... oval:org.secpod.oval:def:33158 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g and is prone to a null pointer deref/heap corruption vulnerability. A flaw is present in the application, which fails to handle user developed applications generated config file data. Successful exploitation leads to NULL ... oval:org.secpod.oval:def:33157 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g and is prone to a memory leak vulnerability. A flaw is present in the application, which fails to handle the returned pointer which was sometimes newly allocated and sometimes owned by the callee. Successful exploitation a ... oval:org.secpod.oval:def:31678 The host is installed with OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, 1.0.2 before 1.0.2e, VM VirtualBox 4.3.x before 4.3.36 or 5.0.x before 5.0.14 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle err ... oval:org.secpod.oval:def:33160 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g and is prone to a side-channel attack vulnerability. A flaw is present in the application, which fails to handle use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. Successful exploitation allows remot ... oval:org.secpod.oval:def:45288 The host is installed with OpenSSL 1.1.0 through 1.1.0h or OpenSSL 1.0.2b through 1.0.2n and is prone to a cache timing side channel attack vulnerability. A flaw is present in the application, which fails to properly handle malicious input to a stack. Successful exploitation can allow attackers to c ... oval:org.secpod.oval:def:38963 The host is installed with OpenSSL 1.1.0 before 1.1.0d or 1.0.2 before 1.0.2k and is prone to an unspecified vulnerability. A flaw is present in the application, which fails through unknown vectors. Successful exploitation allows remote attackers to cause unknown impact. oval:org.secpod.oval:def:38965 The host is installed with OpenSSL 1.1.0 before 1.1.0d or 1.0.2 before 1.0.2k or MySQL Server through 5.6.35 or 5.7.18 is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails through unknown vectors. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:49221 The host is installed with OpenSSL 1.1.0 through 1.1.0i, 1.0.2 through 1.0.2p or 1.1.1 and is prone to a timing side channel attack vulnerability. A flaw is present in the DSA algorithm. On successful exploitation, an attacker could use variations in the signing algorithm to recover the private key. oval:org.secpod.oval:def:38025 The host is installed with OpenSSL 1.1.0 before 1.1.0c and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle specially crafted input. Successful exploitation allows remote attackers to cause transient authentication and key negotiation fai ... oval:org.secpod.oval:def:51450 The host is installed with OpenSSL 1.1.0 through 1.1.0h or OpenSSL 1.0.2 through 1.0.2p and is prone to a microarchitecture timing side channel attack vulnerability. A flaw is present in the application, which fails to properly handle an issue in ECDSA signature generation. Successful exploitation c ... oval:org.secpod.oval:def:35814 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly use pointer arithmetic for heap-buffer boundary checks. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:47517 The host is installed with OpenSSL 1.0.1 through 1.0.1u is prone to a timing attack vulnerability. A flaw is present in the modular inversion code path of P-256 elliptic curve. Successful exploitation allows a malicious user with local access to recover ECDSA P-256 private keys. oval:org.secpod.oval:def:20047 The host is installed with OpenSSL 0.9.8l and earlier and is prone to memory leak vulnerability. A flaw is present in crypto/comp/c_zlib.c, which fails to properly handle vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the ... oval:org.secpod.oval:def:20031 The host is installed with OpenSSL 0.9.8i and is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle a DTLS ChangeCipherSpec packet that occurs before ClientHello. Successful exploitation could allow remote attackers to cause a denial of service ( ... oval:org.secpod.oval:def:20029 The host is installed with OpenSSL 0.9.8k or earlier is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug. Successful exploitation ... oval:org.secpod.oval:def:20030 The host is installed with OpenSSL 0.9.8k or earlier is prone to unspecified vulnerability. A flaw is present in the application, which does not properly handle DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling m ... oval:org.secpod.oval:def:33156 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g, Oracle MySQL 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle malformed DSA private key. Successful exploitatio ... oval:org.secpod.oval:def:34271 The host is installed with OpenSSL 1.0.1 before 1.0.1t or 1.0.2 before 1.0.2h or Oracle MySQL 5.6.x through 5.6.30 or 5.7.x through 5.7.12 and is prone to a heap overflow vulnerability. A flaw is present in the application, which fails to handle very large amounts of input data. Successful exploitat ... oval:org.secpod.oval:def:34272 The host is installed with OpenSSL 1.0.1 before 1.0.1t or 1.0.2 before 1.0.2h and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows MITM attackers to use a padding oracle attack to decrypt ... oval:org.secpod.oval:def:33182 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to verify successful allocation of certain memory. Successful exploitation allows remote attackers to cause a denial of s ... oval:org.secpod.oval:def:34270 The host is installed with OpenSSL 1.0.1 before 1.0.1t or 1.0.2 before 1.0.2h and is prone to a heap overflow vulnerability. A flaw is present in the application, which fails to handle very large amounts of input data. Successful exploitation allows remote attackers to supply very large amounts of i ... oval:org.secpod.oval:def:34273 The host is installed with OpenSSL 1.0.1 before 1.0.1o or 1.0.2 before 1.0.2c and is prone to a memory corruption vulnerability. A flaw is present in the ASN.1 parser, which does not normally create "negative zeroes". Successful exploitation allows remote attackers to can cause a buffer underflow wi ... oval:org.secpod.oval:def:34269 The host is installed with OpenSSL 1.0.1 before 1.0.1t or 1.0.2 before 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted ASN.1 data. Successful exploitation allows remote attackers to cause allocation of large amounts of mem ... oval:org.secpod.oval:def:33159 The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g and is prone to a data overflow vulnerability. A flaw is present in the application, which fails to handle both |fmtstr| function and |doapr_outch| function which attempts to write to an OOB memory location. Successful exp ... oval:org.secpod.oval:def:23956 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle a crafted CLIENT-MASTER-KEY message. Successful exploitatio ... oval:org.secpod.oval:def:23955 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle a lack of outer ContentInfo. Successful exploitation allows ... oval:org.secpod.oval:def:23954 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an invalid certificate key. Successful exploitation allows remote at ... oval:org.secpod.oval:def:23953 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not reinitialize CHOICE and ADB data structures. Successful exploitation allows ... oval:org.secpod.oval:def:23952 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly perform boolean-type comparisons. Successful exploitation allows r ... oval:org.secpod.oval:def:23949 The host is installed with OpenSSL 0.9.8 before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m or 1.0.2 before 1.0.2a and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a malformed Elliptic Curve (EC) private-key file during import. Succes ... oval:org.secpod.oval:def:20022 The host is installed with OpenSSL 0.9.8f through 0.9.8h and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression ... oval:org.secpod.oval:def:94348 The host is installed with OpenSSL 1.0.2 before 1.0.2zj, 1.1.1 before 1.1.1x, 3.0.0 before 3.0.13 or 3.1.0 before 3.1.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the functions DH_generate_key(), DH_check_pub_key(), DH_chec ... oval:org.secpod.oval:def:97278 The host is installed with OpenSSL 1.0.2 before 1.0.2zj, 1.1.1 before 1.1.1x, 3.0.0 before 3.0.13, 3.1.0 before 3.1.5 or 3.2.0 before 3.2.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle maliciously formatted PKCS12. Successful ... oval:org.secpod.oval:def:21398 The host is installed with OpenSSL 1.0.1 before 1.0.1j, 1.0.0 before 1.0.0o or 0.9.8 before 0.9.8zc or Oracle Java SE 5.0u75 and earlier, 6u85 and earlier, 7u72 and earlier or 8u25 and earlier and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the applications, which fail ... oval:org.secpod.oval:def:78324 The host is installed with OpenSSL 1.0.2 through 1.0.2zc, 1.1.1 through 1.1.1m or 3.0.0 through 3.0.1 and is prone to an infinite loop vulnerability. A flaw is present in the BN_mod_sqrt() function, which computes a modular square root. Successful exploitation could allow attackers to trigger the in ... oval:org.secpod.oval:def:19653 The host is installed with OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m or 1.0.1 before 1.0.1h or Oracle Virtualization VirtualBox prior to 3.2.24, 4.0.x before 4.0.26, 4.1.x before 4.1.34, 4.2.x before 4.2.26 or 4.3.x before 4.3.14 and is prone to information disclosure vulnerability. A flaw is pres ... oval:org.secpod.oval:def:35813 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly ensure the use of constant-time operations. Successful exploitation allows local users to easily discover a D ... oval:org.secpod.oval:def:37398 The host is installed with OpenSSL 1.0.2i and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle CRLs. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) ... oval:org.secpod.oval:def:46150 The host is installed with OpenSSL 1.1.0 through 1.1.0h or OpenSSL 1.0.2 through 1.0.2o or Oracle VM VirtualBox before 5.2.20 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a key agreement issue in a TLS handshake using a DH(E) ... oval:org.secpod.oval:def:31680 The host is installed with OpenSSL 1.0.2 before 1.0.2e and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite. Successful exploi ... oval:org.secpod.oval:def:31679 The host is installed with OpenSSL 1.0.1 before 1.0.1q or 1.0.2 before 1.0.2e, Oracle MySQL 5.6.x through 5.6.28 or 5.7.x through 5.7.10 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle an RSA PSS ASN.1 signature that lack ... oval:org.secpod.oval:def:36843 The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a sweet32 birthday attack vulnerability. A flaw is present in Triple-DES, which fails to handle a crafted Javascript. Successful exploitation allows remote attackers to send enough traffic to cause a coll ... oval:org.secpod.oval:def:10000532 The host is installed with 1.1.1 before 1.1.1y, 3.0.0 before 3.0.14, 3.1.0 before 3.1.6, 3.2.0 before 3.2.2 or 3.3.0 before 3.3.1 and is prone to a use aftre free vulnerability. A flaw is present in the application, which fails to properly handle issues in SSL_free_buffers function. Successful explo ... oval:org.secpod.oval:def:10000530 OpenSSL 3.3.x (32 bit) is installed oval:org.secpod.oval:def:55066 The host is installed with Apache HTTP Server version 2.4.37 with OpenSSL version 1.1.1 or later and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the client negotiations by mod_ssl. Successful exploitation could allow attackers t ... |