Test Kennung:	1.3.6.1.4.1.25623.1.0.12110
Kategorie:	Denial of Service
Titel:	OpenSSL denial of service
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is using a version of OpenSSL which is older than 0.9.6m or 0.9.7d There are several bug in this version of OpenSSL which may allow an attacker to cause a denial of service against the remote host. *** Nessus solely relied on the banner of the remote host *** to issue this warning Solution : Upgrade to version 0.9.6m (0.9.7d) or newer Risk factor : High
Querverweis:	BugTraq ID: 9899 Common Vulnerability Exposure (CVE) ID: CVE-2004-0079 http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://www.securityfocus.com/bid/9899 Bugtraq: 20040317 New OpenSSL releases fix denial of service attacks [17 March 2004] (Google Search) http://marc.info/?l=bugtraq&m=107953412903636&w=2 Cert/CC Advisory: TA04-078A http://www.us-cert.gov/cas/techalerts/TA04-078A.html CERT/CC vulnerability note: VU#288574 http://www.kb.cert.org/vuls/id/288574 Computer Incident Advisory Center Bulletin: O-101 http://www.ciac.org/ciac/bulletins/o-101.shtml Cisco Security Advisory: 20040317 Cisco OpenSSL Implementation Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml Conectiva Linux advisory: CLA-2004:834 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 Debian Security Information: DSA-465 (Google Search) http://www.debian.org/security/2004/dsa-465 En Garde Linux Advisory: ESA-20040317-003 http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html http://fedoranews.org/updates/FEDORA-2004-095.shtml http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html FreeBSD Security Advisory: FreeBSD-SA-04:05 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc http://security.gentoo.org/glsa/glsa-200403-03.xml HPdes Security Advisory: SSRT4717 http://marc.info/?l=bugtraq&m=108403806509920&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 http://www.uniras.gov.uk/vuls/2004/224012/index.htm NETBSD Security Advisory: NetBSD-SA2004-005 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779 http://www.redhat.com/support/errata/RHSA-2004-120.html http://www.redhat.com/support/errata/RHSA-2004-121.html http://www.redhat.com/support/errata/RHSA-2004-139.html http://www.redhat.com/support/errata/RHSA-2005-829.html http://www.redhat.com/support/errata/RHSA-2005-830.html SCO Security Bulletin: SCOSA-2004.10 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt http://secunia.com/advisories/11139 http://secunia.com/advisories/17381 http://secunia.com/advisories/17398 http://secunia.com/advisories/17401 http://secunia.com/advisories/18247 http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524 SuSE Security Announcement: SuSE-SA:2004:007 (Google Search) http://www.novell.com/linux/security/advisories/2004_07_openssl.html http://www.trustix.org/errata/2004/0012 XForce ISS Database: openssl-dochangecipherspec-dos(15505) https://exchange.xforce.ibmcloud.com/vulnerabilities/15505 Common Vulnerability Exposure (CVE) ID: CVE-2004-0081 Bugtraq: 20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004] (Google Search) http://marc.info/?l=bugtraq&m=107955049331965&w=2 Bugtraq: 20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108403850228012&w=2 CERT/CC vulnerability note: VU#465542 http://www.kb.cert.org/vuls/id/465542 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902 RedHat Security Advisories: RHSA-2004:119 http://rhn.redhat.com/errata/RHSA-2004-119.html SGI Security Advisory: 20040304-01-U ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc XForce ISS Database: openssl-tls-dos(15509) https://exchange.xforce.ibmcloud.com/vulnerabilities/15509 Common Vulnerability Exposure (CVE) ID: CVE-2004-0112 CERT/CC vulnerability note: VU#484726 http://www.kb.cert.org/vuls/id/484726 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580 XForce ISS Database: openssl-kerberos-ciphersuites-dos(15508) https://exchange.xforce.ibmcloud.com/vulnerabilities/15508
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.