Test Kennung:	1.3.6.1.4.1.25623.1.0.806816
Kategorie:	Denial of Service
Titel:	OpenSSL DoS Vulnerability (20151203) - Linux
Zusammenfassung:	OpenSSL is prone to a Denial of Service (DoS) vulnerability.
Beschreibung:	Summary: OpenSSL is prone to a Denial of Service (DoS) vulnerability. Vulnerability Insight: A race condition flaw exists in OpenSSL leading to a double free error due to improper handling of pre-shared key (PSK) identify hints. Vulnerability Impact: Successful exploitation will allow a remote attacker to cause a DoS via a crafted ServerKeyExchange message. Affected Software/OS: OpenSSL version 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d. Solution: Update to OpenSSL 1.0.0t, 1.0.1p, 1.0.2d or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3196 BugTraq ID: 78622 http://www.securityfocus.com/bid/78622 Cisco Security Advisory: 20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl Debian Security Information: DSA-3413 (Google Search) http://www.debian.org/security/2015/dsa-3413 http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html HPdes Security Advisory: HPSBGN03536 http://marc.info/?l=bugtraq&m=145382583417444&w=2 RedHat Security Advisories: RHSA-2015:2617 http://rhn.redhat.com/errata/RHSA-2015-2617.html RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.securitytracker.com/id/1034294 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583 SuSE Security Announcement: openSUSE-SU-2015:2288 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html SuSE Security Announcement: openSUSE-SU-2015:2289 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html http://www.ubuntu.com/usn/USN-2830-1
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.