Test Kennung:	1.3.6.1.4.1.25623.1.0.884211
Kategorie:	CentOS Local Security Checks
Titel:	CentOS: Security Advisory for openssl (CESA-2022:1066)
Zusammenfassung:	The remote host is missing an update for the 'openssl'; package(s) announced via the CESA-2022:1066 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the CESA-2022:1066 advisory. Vulnerability Insight: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'openssl' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-0778 https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002 https://security.netapp.com/advisory/ntap-20220321-0002/ https://security.netapp.com/advisory/ntap-20220429-0005/ https://support.apple.com/kb/HT213255 https://support.apple.com/kb/HT213256 https://support.apple.com/kb/HT213257 https://www.openssl.org/news/secadv/20220315.txt https://www.tenable.com/security/tns-2022-06 https://www.tenable.com/security/tns-2022-07 https://www.tenable.com/security/tns-2022-08 https://www.tenable.com/security/tns-2022-09 Debian Security Information: DSA-5103 (Google Search) https://www.debian.org/security/2022/dsa-5103 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/ http://seclists.org/fulldisclosure/2022/May/38 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/33 https://security.gentoo.org/glsa/202210-02 http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.