English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.122445
Kategorie:Oracle Linux Local Security Checks
Titel:Oracle: Security Advisory (ELSA-2009-1335)
Zusammenfassung:The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2009-1335 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2009-1335 advisory.

Vulnerability Insight:
[0.9.8e-12]
- abort if selftests failed and random number generator is polled
- mention EVP_aes and EVP_sha2xx routines in the manpages
- add README.FIPS

[0.9.8e-10]
- fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems)
(#503685, #503688)

[0.9.8e-9]
- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379
(DTLS DoS problems) (#501253, #501254, #501572)

[0.9.8e-8]
- support multiple CRLs with same subject in a store (#457134)
- fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304)
- seed FIPS rng directly from kernel random device
- do not require fipscheck to build the package (#475798)
- call pairwise key tests in FIPS mode only (#479817)
- do not crash when parsing bad mime data (#472440)

Affected Software/OS:
'openssl' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-7250
BugTraq ID: 52181
http://www.securityfocus.com/bid/52181
HPdes Security Advisory: HPSBUX02782
http://marc.info/?l=bugtraq&m=133728068926468&w=2
HPdes Security Advisory: SSRT100844
http://marc.info/?l=openssl-dev&m=115685408414194&w=2
http://www.mail-archive.com/openssl-dev@openssl.org/msg30305.html
http://www.openwall.com/lists/oss-security/2012/02/27/10
http://www.openwall.com/lists/oss-security/2012/02/28/14
http://www.redhat.com/support/errata/RHSA-2009-1335.html
http://secunia.com/advisories/36533
http://secunia.com/advisories/48153
http://secunia.com/advisories/48516
http://secunia.com/advisories/48899
http://www.ubuntu.com/usn/USN-1424-1
Common Vulnerability Exposure (CVE) ID: CVE-2009-0590
1021905
http://securitytracker.com/id?1021905
20090403 rPSA-2009-0057-1 m2crypto openssl openssl-scripts
http://www.securityfocus.com/archive/1/502429/100/0/threaded
20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console
http://www.securityfocus.com/archive/1/515055/100/0/threaded
258048
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258048-1
34256
http://www.securityfocus.com/bid/34256
34411
http://secunia.com/advisories/34411
34460
http://secunia.com/advisories/34460
34509
http://secunia.com/advisories/34509
34561
http://secunia.com/advisories/34561
34666
http://secunia.com/advisories/34666
34896
http://secunia.com/advisories/34896
34960
http://secunia.com/advisories/34960
35065
http://secunia.com/advisories/35065
35181
http://secunia.com/advisories/35181
35380
http://secunia.com/advisories/35380
35729
http://secunia.com/advisories/35729
36533
36701
http://secunia.com/advisories/36701
38794
http://secunia.com/advisories/38794
38834
http://secunia.com/advisories/38834
42467
http://secunia.com/advisories/42467
42724
http://secunia.com/advisories/42724
42733
http://secunia.com/advisories/42733
52864
http://www.osvdb.org/52864
ADV-2009-0850
http://www.vupen.com/english/advisories/2009/0850
ADV-2009-1020
http://www.vupen.com/english/advisories/2009/1020
ADV-2009-1175
http://www.vupen.com/english/advisories/2009/1175
ADV-2009-1220
http://www.vupen.com/english/advisories/2009/1220
ADV-2009-1548
http://www.vupen.com/english/advisories/2009/1548
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
ADV-2010-3126
http://www.vupen.com/english/advisories/2010/3126
APPLE-SA-2009-09-10-2
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
DSA-1763
http://www.debian.org/security/2009/dsa-1763
FreeBSD-SA-09:08
http://security.FreeBSD.org/advisories/FreeBSD-SA-09:08.openssl.asc
HPSBMA02447
http://marc.info/?l=bugtraq&m=125017764422557&w=2
HPSBOV02540
http://marc.info/?l=bugtraq&m=127678688104458&w=2
HPSBUX02435
http://marc.info/?l=bugtraq&m=124464882609472&w=2
MDVSA-2009:087
http://www.mandriva.com/security/advisories?name=MDVSA-2009:087
NetBSD-SA2009-008
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.asc
RHSA-2009:1335
SSRT090059
SSRT090062
SUSE-SR:2009:010
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
SUSE-SU-2011:0847
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
USN-750-1
http://www.ubuntu.com/usn/usn-750-1
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
http://sourceforge.net/project/shownotes.php?release_id=671059&group_id=116847
http://support.apple.com/kb/HT3865
http://support.avaya.com/elmodocs2/security/ASA-2009-172.htm
http://voodoo-circle.sourceforge.net/sa/sa-20090326-01.html
http://wiki.rpath.com/Advisories:rPSA-2009-0057
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0057
http://www.openssl.org/news/secadv_20090325.txt
http://www.php.net/archive/2009.php#id2009-04-08-1
http://www.vmware.com/security/advisories/VMSA-2010-0019.html
https://kb.bluecoat.com/index?page=content&id=SA50
openSUSE-SU-2011:0845
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
openssl-asn1-stringprintex-dos(49431)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49431
oval:org.mitre.oval:def:10198
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10198
oval:org.mitre.oval:def:6996
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6996
Common Vulnerability Exposure (CVE) ID: CVE-2009-1377
1022241
http://www.securitytracker.com/id?1022241
35001
http://www.securityfocus.com/bid/35001
35128
http://secunia.com/advisories/35128
35416
http://secunia.com/advisories/35416
35461
http://secunia.com/advisories/35461
35571
http://secunia.com/advisories/35571
37003
http://secunia.com/advisories/37003
38761
http://secunia.com/advisories/38761
ADV-2009-1377
http://www.vupen.com/english/advisories/2009/1377
GLSA-200912-01
http://security.gentoo.org/glsa/glsa-200912-01.xml
HPSBMA02492
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444
MDVSA-2009:120
http://www.mandriva.com/security/advisories?name=MDVSA-2009:120
NetBSD-SA2009-009
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc
SSA:2010-060-02
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049
SSRT100079
SUSE-SR:2009:011
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
USN-792-1
http://www.ubuntu.com/usn/USN-792-1
[openssl-dev] 20090516 [openssl.org #1930] [PATCH] DTLS record buffer limitation bug
http://marc.info/?l=openssl-dev&m=124247675613888&w=2
[oss-security] 20090518 Two OpenSSL DTLS remote DoS
http://www.openwall.com/lists/oss-security/2009/05/18/1
http://cvs.openssl.org/chngview?cn=18187
http://rt.openssl.org/Ticket/Display.html?id=1930&user=guest&pass=guest
http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net
http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html
https://launchpad.net/bugs/cve/2009-1377
oval:org.mitre.oval:def:6683
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6683
oval:org.mitre.oval:def:9663
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9663
Common Vulnerability Exposure (CVE) ID: CVE-2009-1378
8720
https://www.exploit-db.com/exploits/8720
[openssl-dev] 20090516 [openssl.org #1931] [PATCH] DTLS fragment handling memory leak
http://marc.info/?l=openssl-dev&m=124247679213944&w=2
[openssl-dev] 20090518 Re: [openssl.org #1931] [PATCH] DTLS fragment handling memory leak
http://marc.info/?l=openssl-dev&m=124263491424212&w=2
http://cvs.openssl.org/chngview?cn=18188
http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest
https://launchpad.net/bugs/cve/2009-1378
oval:org.mitre.oval:def:11309
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309
oval:org.mitre.oval:def:7229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7229
Common Vulnerability Exposure (CVE) ID: CVE-2009-1379
35138
http://www.securityfocus.com/bid/35138
[oss-security] 20090518 Re: Two OpenSSL DTLS remote DoS
http://www.openwall.com/lists/oss-security/2009/05/18/4
http://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest
https://launchpad.net/bugs/cve/2009-1379
openssl-dtls1retrievebufferedfragment-dos(50661)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50661
oval:org.mitre.oval:def:6848
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6848
oval:org.mitre.oval:def:9744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9744
Common Vulnerability Exposure (CVE) ID: CVE-2009-1386
35174
http://www.securityfocus.com/bid/35174
35685
http://secunia.com/advisories/35685
8873
https://www.exploit-db.com/exploits/8873
SUSE-SR:2009:012
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
[oss-security] 20090602 Re: Two OpenSSL DTLS remote DoS
http://www.openwall.com/lists/oss-security/2009/06/02/1
http://cvs.openssl.org/chngview?cn=17369
http://rt.openssl.org/Ticket/Display.html?id=1679&user=guest&pass=guest
openssl-changecipherspec-dos(50963)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50963
oval:org.mitre.oval:def:11179
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11179
oval:org.mitre.oval:def:7469
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7469
Common Vulnerability Exposure (CVE) ID: CVE-2009-1387
HPdes Security Advisory: HPSBMA02492
HPdes Security Advisory: SSRT100079
NETBSD Security Advisory: NetBSD-SA2009-009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10740
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7592
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
CopyrightCopyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.