Test Kennung:	1.3.6.1.4.1.25623.1.0.809778
Kategorie:	Denial of Service
Titel:	OpenSSL Death Alert Denial of Service Vulnerability - Linux
Zusammenfassung:	OpenSSL is prone to a Denial of Service (DoS) vulnerability.
Beschreibung:	Summary: OpenSSL is prone to a Denial of Service (DoS) vulnerability. Vulnerability Insight: The flaw is due to an error in function 'ssl3_read_bytes' in ssl/s3_pkt.c script which might lead to higher CPU usage due to improper handling of warning packets. Vulnerability Impact: Successful exploitation will allow a remote attacker to conduct a denial of service condition. Affected Software/OS: OpenSSL versions 1.1.0, 1.0.2 through 1.0.2h, all 1.0.1 and all 0.9.8. Solution: Upgrade to OpenSSL version 1.0.2j or 1.1.0b or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8610 1037084 http://www.securitytracker.com/id/1037084 93841 http://www.securityfocus.com/bid/93841 DSA-3773 https://www.debian.org/security/2017/dsa-3773 FreeBSD-SA-16:35 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:35.openssl.asc RHSA-2017:0286 http://rhn.redhat.com/errata/RHSA-2017-0286.html RHSA-2017:0574 http://rhn.redhat.com/errata/RHSA-2017-0574.html RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1413 RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1414 RHSA-2017:1415 http://rhn.redhat.com/errata/RHSA-2017-1415.html RHSA-2017:1658 https://access.redhat.com/errata/RHSA-2017:1658 RHSA-2017:1659 http://rhn.redhat.com/errata/RHSA-2017-1659.html RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801 RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802 RHSA-2017:2493 https://access.redhat.com/errata/RHSA-2017:2493 RHSA-2017:2494 https://access.redhat.com/errata/RHSA-2017:2494 [oss-security] 20161024 CVE-2016-8610: SSL Death Alert: OpenSSL SSL/TLS SSL3_AL_WARNING undefined alert Remote DoS http://seclists.org/oss-sec/2016/q4/224 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8610 https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=af58be768ebb690f78530f796e92b8ae5c9a4401 https://security.360.cn/cve/CVE-2016-8610/ https://security.netapp.com/advisory/ntap-20171130-0001/ https://security.paloaltonetworks.com/CVE-2016-8610 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03897en_us https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.