CISCO : Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products (cisco-sa-20150612-openssl)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.105692

Categoría: CISCO

Título: Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products (cisco-sa-20150612-openssl)

Resumen: On June 11, 2015, the OpenSSL Project released a security; advisory detailing six distinct vulnerabilities, and another fix that provides hardening; protections against exploits as described in the Logjam research.

Descripción: Summary:
On June 11, 2015, the OpenSSL Project released a security
advisory detailing six distinct vulnerabilities, and another fix that provides hardening
protections against exploits as described in the Logjam research.

Vulnerability Insight:
Multiple Cisco products incorporate a version of the OpenSSL
package affected by one or more vulnerabilities that could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process
memory.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1791
1032479
http://www.securitytracker.com/id/1032479
20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
75161
http://www.securityfocus.com/bid/75161
91787
http://www.securityfocus.com/bid/91787
APPLE-SA-2015-08-13-2
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
DSA-3287
http://www.debian.org/security/2015/dsa-3287
FEDORA-2015-10047
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html
FEDORA-2015-10108
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html
GLSA-201506-02
https://security.gentoo.org/glsa/201506-02
HPSBMU03409
http://marc.info/?l=bugtraq&m=144050155601375&w=2
HPSBUX03388
http://marc.info/?l=bugtraq&m=143880121627664&w=2
NetBSD-SA2015-008
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
RHSA-2015:1115
http://rhn.redhat.com/errata/RHSA-2015-1115.html
SSRT102180
SUSE-SU-2015:1143
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
SUSE-SU-2015:1150
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
SUSE-SU-2015:1182
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
SUSE-SU-2015:1184
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
SUSE-SU-2015:1185
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
USN-2639-1
http://www.ubuntu.com/usn/USN-2639-1
http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733
http://www-304.ibm.com/support/docview.wss?uid=swg21960041
http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015
http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
https://bto.bluecoat.com/security-advisory/sa98
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
https://openssl.org/news/secadv/20150611.txt
https://support.apple.com/kb/HT205031
https://support.citrix.com/article/CTX216642
https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11
https://www.openssl.org/news/secadv_20150611.txt
openSUSE-SU-2015:1139
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
openSUSE-SU-2016:0640
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-1788
1032564
http://www.securitytracker.com/id/1032564
75158
http://www.securityfocus.com/bid/75158
SUSE-SU-2015:1181
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932
openSUSE-SU-2015:1277
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-1789
75156
http://www.securityfocus.com/bid/75156
HPSBGN03371
http://marc.info/?l=bugtraq&m=143654156615516&w=2
RHSA-2015:1197
http://rhn.redhat.com/errata/RHSA-2015-1197.html
SUSE-SU-2015:1183
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11
Common Vulnerability Exposure (CVE) ID: CVE-2015-1790
75157
http://www.securityfocus.com/bid/75157
https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686
Common Vulnerability Exposure (CVE) ID: CVE-2015-1792
75154
http://www.securityfocus.com/bid/75154
https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c
Common Vulnerability Exposure (CVE) ID: CVE-2014-8176
75159
http://www.securityfocus.com/bid/75159
RHSA-2016:2957
http://rhn.redhat.com/errata/RHSA-2016-2957.html
https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7
https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.105692
Categoría:	CISCO
Título:	Cisco NX-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products (cisco-sa-20150612-openssl)
Resumen:	On June 11, 2015, the OpenSSL Project released a security; advisory detailing six distinct vulnerabilities, and another fix that provides hardening; protections against exploits as described in the Logjam research.
Descripción:	Summary: On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct vulnerabilities, and another fix that provides hardening protections against exploits as described in the Logjam research. Vulnerability Insight: Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1791 1032479 http://www.securitytracker.com/id/1032479 20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl 75161 http://www.securityfocus.com/bid/75161 91787 http://www.securityfocus.com/bid/91787 APPLE-SA-2015-08-13-2 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html DSA-3287 http://www.debian.org/security/2015/dsa-3287 FEDORA-2015-10047 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html FEDORA-2015-10108 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html GLSA-201506-02 https://security.gentoo.org/glsa/201506-02 HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 HPSBUX03388 http://marc.info/?l=bugtraq&m=143880121627664&w=2 NetBSD-SA2015-008 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc RHSA-2015:1115 http://rhn.redhat.com/errata/RHSA-2015-1115.html SSRT102180 SUSE-SU-2015:1143 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html SUSE-SU-2015:1150 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html SUSE-SU-2015:1182 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html SUSE-SU-2015:1184 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html SUSE-SU-2015:1185 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html USN-2639-1 http://www.ubuntu.com/usn/USN-2639-1 http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733 http://www-304.ibm.com/support/docview.wss?uid=swg21960041 http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015 http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html https://bto.bluecoat.com/security-advisory/sa98 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965 https://kc.mcafee.com/corporate/index?page=content&id=SB10122 https://openssl.org/news/secadv/20150611.txt https://support.apple.com/kb/HT205031 https://support.citrix.com/article/CTX216642 https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11 https://www.openssl.org/news/secadv_20150611.txt openSUSE-SU-2015:1139 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html openSUSE-SU-2016:0640 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1788 1032564 http://www.securitytracker.com/id/1032564 75158 http://www.securityfocus.com/bid/75158 SUSE-SU-2015:1181 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932 openSUSE-SU-2015:1277 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1789 75156 http://www.securityfocus.com/bid/75156 HPSBGN03371 http://marc.info/?l=bugtraq&m=143654156615516&w=2 RHSA-2015:1197 http://rhn.redhat.com/errata/RHSA-2015-1197.html SUSE-SU-2015:1183 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11 Common Vulnerability Exposure (CVE) ID: CVE-2015-1790 75157 http://www.securityfocus.com/bid/75157 https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686 Common Vulnerability Exposure (CVE) ID: CVE-2015-1792 75154 http://www.securityfocus.com/bid/75154 https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c Common Vulnerability Exposure (CVE) ID: CVE-2014-8176 75159 http://www.securityfocus.com/bid/75159 RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html https://github.com/openssl/openssl/commit/470990fee0182566d439ef7e82d1abf18b7085d7 https://rt.openssl.org/Ticket/Display.html?id=3286&user=guest&pass=guest
Copyright	Copyright (C) 2016 Greenbone Networks GmbH