ID de Prueba:	1.3.6.1.4.1.25623.1.0.122804
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-2616)
Resumen:	The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2015-2616 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2015-2616 advisory. Vulnerability Insight: [0.9.8e-37.0.1] - To disable SSLv2 client connections create the file /etc/sysconfig/openssl-ssl-client-kill-sslv2 (John Haxby) [orabug 21673934] - Backport openssl 08-Jan-2015 security fixes (John Haxby) [orabug 20409893] - fix CVE-2014-3570 - Bignum squaring may produce incorrect results - fix CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record - fix CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client] [0.9.8e-37] - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak Affected Software/OS: 'openssl' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3195 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html BugTraq ID: 78626 http://www.securityfocus.com/bid/78626 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 Cisco Security Advisory: 20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl Debian Security Information: DSA-3413 (Google Search) http://www.debian.org/security/2015/dsa-3413 http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html HPdes Security Advisory: HPSBGN03536 http://marc.info/?l=bugtraq&m=145382583417444&w=2 RedHat Security Advisories: RHSA-2015:2616 http://rhn.redhat.com/errata/RHSA-2015-2616.html RedHat Security Advisories: RHSA-2015:2617 http://rhn.redhat.com/errata/RHSA-2015-2617.html RedHat Security Advisories: RHSA-2016:2056 http://rhn.redhat.com/errata/RHSA-2016-2056.html RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.securitytracker.com/id/1034294 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583 SuSE Security Announcement: SUSE-SU-2016:0678 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html SuSE Security Announcement: openSUSE-SU-2015:2288 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html SuSE Security Announcement: openSUSE-SU-2015:2289 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html SuSE Security Announcement: openSUSE-SU-2015:2318 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html SuSE Security Announcement: openSUSE-SU-2015:2349 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html SuSE Security Announcement: openSUSE-SU-2016:0637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html http://www.ubuntu.com/usn/USN-2830-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.