English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.122652
Kategorie:Oracle Linux Local Security Checks
Titel:Oracle: Security Advisory (ELSA-2007-0964)
Zusammenfassung:The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2007-0964 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2007-0964 advisory.

Vulnerability Insight:
[0.9.8b-8.3.2]
- more DTLS fixes (#321211)

[0.9.8b-8.3.1]
- fix CVE-2007-3108 - side channel attack on private keys (#322891)
- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309871)
- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321211)

Affected Software/OS:
'openssl' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-3108
20070813 FLEA-2007-0043-1 openssl
http://www.securityfocus.com/archive/1/476341/100/0/threaded
20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://www.securityfocus.com/archive/1/485936/100/0/threaded
20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://www.securityfocus.com/archive/1/486859/100/0/threaded
25163
http://www.securityfocus.com/bid/25163
26411
http://secunia.com/advisories/26411
26893
http://secunia.com/advisories/26893
27021
http://secunia.com/advisories/27021
27078
http://secunia.com/advisories/27078
27097
http://secunia.com/advisories/27097
27205
http://secunia.com/advisories/27205
27330
http://secunia.com/advisories/27330
27770
http://secunia.com/advisories/27770
27870
http://secunia.com/advisories/27870
28368
http://secunia.com/advisories/28368
30161
http://secunia.com/advisories/30161
30220
http://secunia.com/advisories/30220
31467
http://secunia.com/advisories/31467
31489
http://secunia.com/advisories/31489
31531
http://secunia.com/advisories/31531
ADV-2007-2759
http://www.vupen.com/english/advisories/2007/2759
ADV-2007-4010
http://www.vupen.com/english/advisories/2007/4010
ADV-2008-0064
http://www.vupen.com/english/advisories/2008/0064
ADV-2008-2361
http://www.vupen.com/english/advisories/2008/2361
ADV-2008-2362
http://www.vupen.com/english/advisories/2008/2362
ADV-2008-2396
http://www.vupen.com/english/advisories/2008/2396
DSA-1571
http://www.debian.org/security/2008/dsa-1571
GLSA-200710-06
http://security.gentoo.org/glsa/glsa-200710-06.xml
GLSA-200805-07
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
MDKSA-2007:193
http://www.mandriva.com/security/advisories?name=MDKSA-2007:193
RHSA-2007:0813
http://www.redhat.com/support/errata/RHSA-2007-0813.html
RHSA-2007:0964
http://www.redhat.com/support/errata/RHSA-2007-0964.html
RHSA-2007:1003
http://www.redhat.com/support/errata/RHSA-2007-1003.html
USN-522-1
https://usn.ubuntu.com/522-1/
VU#724968
http://www.kb.cert.org/vuls/id/724968
[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
http://lists.vmware.com/pipermail/security-announce/2008/000002.html
http://cvs.openssl.org/chngview?cn=16275
http://openssl.org/news/patch-CVE-2007-3108.txt
http://support.attachmate.com/techdocs/2374.html
http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm
http://www.bluecoat.com/support/securityadvisories/advisory_openssl_rsa_key_reconstruction_vulnerability
http://www.kb.cert.org/vuls/id/RGII-74KLP3
http://www.vmware.com/security/advisories/VMSA-2008-0001.html
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
https://issues.rpath.com/browse/RPL-1613
https://issues.rpath.com/browse/RPL-1633
oval:org.mitre.oval:def:9984
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9984
Common Vulnerability Exposure (CVE) ID: CVE-2007-4995
1018810
http://securitytracker.com/id?1018810
20071012 OpenSSL Security Advisory
http://www.securityfocus.com/archive/1/482167/100/0/threaded
25878
http://secunia.com/advisories/25878
26055
http://www.securityfocus.com/bid/26055
27217
http://secunia.com/advisories/27217
27271
http://secunia.com/advisories/27271
27363
http://secunia.com/advisories/27363
27434
http://secunia.com/advisories/27434
27933
http://secunia.com/advisories/27933
28084
http://secunia.com/advisories/28084
30852
http://secunia.com/advisories/30852
ADV-2007-3487
http://www.vupen.com/english/advisories/2007/3487
ADV-2007-4219
http://www.vupen.com/english/advisories/2007/4219
ADV-2008-1937
http://www.vupen.com/english/advisories/2008/1937/references
FEDORA-2007-725
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html
GLSA-200710-30
http://security.gentoo.org/glsa/glsa-200710-30.xml
HPSBUX02296
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01299773
MDKSA-2007:237
http://www.mandriva.com/security/advisories?name=MDKSA-2007:237
SSRT071504
SUSE-SR:2007:021
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
USN-534-1
https://usn.ubuntu.com/534-1/
http://bugs.gentoo.org/show_bug.cgi?id=195634
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738962
http://www.openssl.org/news/secadv_20071012.txt
openssl-dtls-code-execution(37185)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37185
oval:org.mitre.oval:def:10288
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10288
Common Vulnerability Exposure (CVE) ID: CVE-2007-5135
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
BugTraq ID: 25831
http://www.securityfocus.com/bid/25831
Bugtraq: 20070927 OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow (Google Search)
http://www.securityfocus.com/archive/1/480855/100/0/threaded
Bugtraq: 20071004 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow (Google Search)
http://www.securityfocus.com/archive/1/481217/100/0/threaded
Bugtraq: 20071003 FLEA-2007-0058-1 openssl openssl-scripts (Google Search)
http://www.securityfocus.com/archive/1/481488/100/0/threaded
http://www.securityfocus.com/archive/1/481506/100/0/threaded
Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search)
Debian Security Information: DSA-1379 (Google Search)
http://www.debian.org/security/2007/dsa-1379
FreeBSD Security Advisory: FreeBSD-SA-07:08
http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc
HPdes Security Advisory: HPSBUX02292
http://www.securityfocus.com/archive/1/484353/100/0/threaded
HPdes Security Advisory: SSRT071499
https://bugs.gentoo.org/show_bug.cgi?id=194039
NETBSD Security Advisory: NetBSD-SA2008-007
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
OpenBSD Security Advisory: [4.0] 017: SECURITY FIX: October 10, 2007
http://www.openbsd.org/errata40.html
OpenBSD Security Advisory: [4.1] 011: SECURITY FIX: October 10, 2007
http://www.openbsd.org/errata41.html
OpenBSD Security Advisory: [4.2] 002: SECURITY FIX: October 10, 2007
http://www.openbsd.org/errata42.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10904
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5337
http://www.securitytracker.com/id?1018755
http://secunia.com/advisories/22130
http://secunia.com/advisories/27012
http://secunia.com/advisories/27031
http://secunia.com/advisories/27051
http://secunia.com/advisories/27186
http://secunia.com/advisories/27229
http://secunia.com/advisories/27394
http://secunia.com/advisories/27851
http://secunia.com/advisories/27961
http://secunia.com/advisories/29242
http://secunia.com/advisories/30124
http://secunia.com/advisories/31308
http://secunia.com/advisories/31326
http://securityreason.com/securityalert/3179
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103130-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1
SuSE Security Announcement: SUSE-SR:2007:020 (Google Search)
http://www.novell.com/linux/security/advisories/2007_20_sr.html
SuSE Security Announcement: SUSE-SR:2008:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://www.vupen.com/english/advisories/2007/3325
http://www.vupen.com/english/advisories/2007/3625
http://www.vupen.com/english/advisories/2007/4042
http://www.vupen.com/english/advisories/2007/4144
http://www.vupen.com/english/advisories/2008/2268
XForce ISS Database: openssl-sslgetshared-bo(36837)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36837
CopyrightCopyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.