Test Kennung:	1.3.6.1.4.1.25623.1.0.68566
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Security Advisory MDVSA-2010:238 (openssl)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to openssl announced via advisory MDVSA-2010:238. A vulnerability was discovered in openssl that causes a race condition within the TLS extension parsing code and which can be exploited to cause a heap-based buffer overflow (CVE-2010-3864). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:238 http://openssl.org/news/secadv_20101116.txt Risk factor : High CVSS Score: 7.6
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3864 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search) http://www.securityfocus.com/archive/1/516397/100/0/threaded CERT/CC vulnerability note: VU#737740 http://www.kb.cert.org/vuls/id/737740 Debian Security Information: DSA-2125 (Google Search) http://www.debian.org/security/2010/dsa-2125 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html FreeBSD Security Advisory: FreeBSD-SA-10:10 http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc HPdes Security Advisory: HPSBGN02740 http://marc.info/?l=bugtraq&m=132828103218869&w=2 HPdes Security Advisory: HPSBMA02658 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 HPdes Security Advisory: HPSBOV02670 http://marc.info/?l=bugtraq&m=130497251507577&w=2 HPdes Security Advisory: HPSBUX02638 http://marc.info/?l=bugtraq&m=129916880600544&w=2 HPdes Security Advisory: SSRT100339 HPdes Security Advisory: SSRT100413 HPdes Security Advisory: SSRT100475 HPdes Security Advisory: SSRT100741 https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html RedHat Security Advisories: RHSA-2010:0888 https://rhn.redhat.com/errata/RHSA-2010-0888.html http://securitytracker.com/id?1024743 http://secunia.com/advisories/42241 http://secunia.com/advisories/42243 http://secunia.com/advisories/42309 http://secunia.com/advisories/42336 http://secunia.com/advisories/42352 http://secunia.com/advisories/42397 http://secunia.com/advisories/42413 http://secunia.com/advisories/43312 http://secunia.com/advisories/44269 http://secunia.com/advisories/57353 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793 SuSE Security Announcement: SUSE-SR:2010:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html http://www.vupen.com/english/advisories/2010/3041 http://www.vupen.com/english/advisories/2010/3077 http://www.vupen.com/english/advisories/2010/3097 http://www.vupen.com/english/advisories/2010/3121
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.