Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.11875
Kategorie:Gain a shell remotely
Titel:OpenSSL overflow via invalid certificate passing
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host seem to be running a version of OpenSSL which is older than 0.9.6k or 0.9.7c.

There is a heap corruption bug in this version which might be exploited by an
attacker to gain a shell on this host.

Solution : If you are running OpenSSL, Upgrade to version 0.9.6k or 0.9.7c or newer
Risk factor : High

Querverweis: BugTraq ID: 8732
Common Vulnerability Exposure (CVE) ID: CVE-2003-0543
http://www.securityfocus.com/bid/8732
http://www.cert.org/advisories/CA-2003-26.html
CERT/CC vulnerability note: VU#255484
http://www.kb.cert.org/vuls/id/255484
Debian Security Information: DSA-393 (Google Search)
http://www.debian.org/security/2003/dsa-393
Debian Security Information: DSA-394 (Google Search)
http://www.debian.org/security/2003/dsa-394
En Garde Linux Advisory: ESA-20030930-027
http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html
http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4254
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5292
http://www.redhat.com/support/errata/RHSA-2003-291.html
http://www.redhat.com/support/errata/RHSA-2003-292.html
http://secunia.com/advisories/22249
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1
http://www.vupen.com/english/advisories/2006/3900
Common Vulnerability Exposure (CVE) ID: CVE-2003-0544
CERT/CC vulnerability note: VU#380864
http://www.kb.cert.org/vuls/id/380864
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4574
XForce ISS Database: openssl-asn1-sslclient-dos(43041)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43041
Common Vulnerability Exposure (CVE) ID: CVE-2003-0545
CERT/CC vulnerability note: VU#935264
http://www.kb.cert.org/vuls/id/935264
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2590
CopyrightThis script is Copyright (C) 2003 Tenable Network Security

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.