ID de Prueba:	1.3.6.1.4.1.25623.1.0.122890
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2016-0301)
Resumen:	The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2016-0301 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2016-0301 advisory. Vulnerability Insight: [1.0.1e-42.4] - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn [1.0.1e-42.3] - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method Affected Software/OS: 'openssl' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3197 BugTraq ID: 82237 http://www.securityfocus.com/bid/82237 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 CERT/CC vulnerability note: VU#257823 https://www.kb.cert.org/vuls/id/257823 http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html FreeBSD Security Advisory: FreeBSD-SA-16:12 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:11.openssl.asc https://security.gentoo.org/glsa/201601-05 http://www.securitytracker.com/id/1034849 SuSE Security Announcement: SUSE-SU-2016:0617 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html SuSE Security Announcement: SUSE-SU-2016:0620 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html SuSE Security Announcement: SUSE-SU-2016:0621 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html SuSE Security Announcement: SUSE-SU-2016:0624 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html SuSE Security Announcement: SUSE-SU-2016:0631 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html SuSE Security Announcement: SUSE-SU-2016:0641 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html SuSE Security Announcement: SUSE-SU-2016:0678 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html SuSE Security Announcement: SUSE-SU-2016:1057 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html SuSE Security Announcement: openSUSE-SU-2016:0628 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html SuSE Security Announcement: openSUSE-SU-2016:0637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html SuSE Security Announcement: openSUSE-SU-2016:0638 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html SuSE Security Announcement: openSUSE-SU-2016:0720 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html SuSE Security Announcement: openSUSE-SU-2016:1239 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html SuSE Security Announcement: openSUSE-SU-2016:1241 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html Common Vulnerability Exposure (CVE) ID: CVE-2016-0702 Cisco Security Advisory: 20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl Debian Security Information: DSA-3500 (Google Search) http://www.debian.org/security/2016/dsa-3500 http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178358.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178817.html https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc https://security.gentoo.org/glsa/201603-15 HPdes Security Advisory: HPSBGN03563 http://marc.info/?l=bugtraq&m=145889460330120&w=2 http://cachebleed.info RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://www.securitytracker.com/id/1035133 SuSE Security Announcement: SUSE-SU-2016:1267 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html SuSE Security Announcement: SUSE-SU-2016:1290 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html SuSE Security Announcement: SUSE-SU-2016:1360 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html SuSE Security Announcement: openSUSE-SU-2016:0627 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html SuSE Security Announcement: openSUSE-SU-2016:1242 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html SuSE Security Announcement: openSUSE-SU-2016:1273 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html SuSE Security Announcement: openSUSE-SU-2016:1566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html http://www.ubuntu.com/usn/USN-2914-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-0705 BugTraq ID: 83754 http://www.securityfocus.com/bid/83754 HPdes Security Advisory: HPSBGN03569 http://marc.info/?l=bugtraq&m=145983526810210&w=2 HPdes Security Advisory: HPSBMU03575 http://marc.info/?l=bugtraq&m=146108058503441&w=2 RedHat Security Advisories: RHSA-2018:2568 https://access.redhat.com/errata/RHSA-2018:2568 RedHat Security Advisories: RHSA-2018:2575 https://access.redhat.com/errata/RHSA-2018:2575 RedHat Security Advisories: RHSA-2018:2713 https://access.redhat.com/errata/RHSA-2018:2713 SuSE Security Announcement: openSUSE-SU-2016:1332 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html Common Vulnerability Exposure (CVE) ID: CVE-2016-0797 BugTraq ID: 83763 http://www.securityfocus.com/bid/83763 Common Vulnerability Exposure (CVE) ID: CVE-2016-0800 BugTraq ID: 83733 http://www.securityfocus.com/bid/83733 CERT/CC vulnerability note: VU#583776 https://www.kb.cert.org/vuls/id/583776 HPdes Security Advisory: HPSBMU03573 http://marc.info/?l=bugtraq&m=146133665209436&w=2 https://drownattack.com https://ics-cert.us-cert.gov/advisories/ICSA-16-103-03 https://www.arista.com/en/support/advisories-notices/security-advisories/1260-security-advisory-18 RedHat Security Advisories: RHSA-2016:1519 http://rhn.redhat.com/errata/RHSA-2016-1519.html
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.