ID de Prueba:	1.3.6.1.4.1.25623.1.0.123203
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-0066)
Resumen:	The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2015-0066 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2015-0066 advisory. Vulnerability Insight: [1.0.1e-34.7] - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records Affected Software/OS: 'openssl' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3570 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html BugTraq ID: 71939 http://www.securityfocus.com/bid/71939 Cisco Security Advisory: 20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl Debian Security Information: DSA-3125 (Google Search) http://www.debian.org/security/2015/dsa-3125 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147938.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148363.html HPdes Security Advisory: HPSBGN03299 http://marc.info/?l=bugtraq&m=142720981827617&w=2 HPdes Security Advisory: HPSBHF03289 http://marc.info/?l=bugtraq&m=142721102728110&w=2 HPdes Security Advisory: HPSBMU03380 http://marc.info/?l=bugtraq&m=143748090628601&w=2 HPdes Security Advisory: HPSBMU03396 http://marc.info/?l=bugtraq&m=144050205101530&w=2 HPdes Security Advisory: HPSBMU03397 http://marc.info/?l=bugtraq&m=144050297101809&w=2 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 HPdes Security Advisory: HPSBMU03413 http://marc.info/?l=bugtraq&m=144050254401665&w=2 HPdes Security Advisory: HPSBOV03318 http://marc.info/?l=bugtraq&m=142895206924048&w=2 HPdes Security Advisory: HPSBUX03162 http://marc.info/?l=bugtraq&m=142496179803395&w=2 HPdes Security Advisory: HPSBUX03244 http://marc.info/?l=bugtraq&m=142496289803847&w=2 HPdes Security Advisory: SSRT101885 HPdes Security Advisory: SSRT101987 http://www.mandriva.com/security/advisories?name=MDVSA-2015:019 http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 RedHat Security Advisories: RHSA-2015:0066 http://rhn.redhat.com/errata/RHSA-2015-0066.html RedHat Security Advisories: RHSA-2015:0849 http://rhn.redhat.com/errata/RHSA-2015-0849.html RedHat Security Advisories: RHSA-2016:1650 http://rhn.redhat.com/errata/RHSA-2016-1650.html http://www.securitytracker.com/id/1033378 SuSE Security Announcement: SUSE-SU-2015:0578 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html SuSE Security Announcement: SUSE-SU-2015:0946 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html SuSE Security Announcement: openSUSE-SU-2015:0130 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html SuSE Security Announcement: openSUSE-SU-2015:1277 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3571 BugTraq ID: 71937 http://www.securityfocus.com/bid/71937 Common Vulnerability Exposure (CVE) ID: CVE-2014-3572 BugTraq ID: 71942 http://www.securityfocus.com/bid/71942 Common Vulnerability Exposure (CVE) ID: CVE-2014-8275 BugTraq ID: 71935 http://www.securityfocus.com/bid/71935 RedHat Security Advisories: RHSA-2015:0800 http://rhn.redhat.com/errata/RHSA-2015-0800.html Common Vulnerability Exposure (CVE) ID: CVE-2015-0204 BugTraq ID: 71936 http://www.securityfocus.com/bid/71936 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 https://security.gentoo.org/glsa/201503-11 HPdes Security Advisory: HPSBMU03345 http://marc.info/?l=bugtraq&m=144043644216842&w=2 HPdes Security Advisory: HPSBUX03334 http://marc.info/?l=bugtraq&m=143213830203296&w=2 HPdes Security Advisory: SSRT102000 http://www.mandriva.com/security/advisories?name=MDVSA-2015:063 https://freakattack.com/ SuSE Security Announcement: SUSE-SU-2015:1085 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html SuSE Security Announcement: SUSE-SU-2015:1086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html SuSE Security Announcement: SUSE-SU-2015:1138 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html SuSE Security Announcement: SUSE-SU-2015:1161 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html SuSE Security Announcement: SUSE-SU-2015:2166 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html SuSE Security Announcement: SUSE-SU-2015:2168 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html SuSE Security Announcement: SUSE-SU-2015:2182 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html SuSE Security Announcement: SUSE-SU-2015:2192 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html SuSE Security Announcement: SUSE-SU-2015:2216 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html SuSE Security Announcement: SUSE-SU-2016:0113 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html XForce ISS Database: openssl-cve20150204-weak-security(99707) https://exchange.xforce.ibmcloud.com/vulnerabilities/99707 Common Vulnerability Exposure (CVE) ID: CVE-2015-0205 BugTraq ID: 71941 http://www.securityfocus.com/bid/71941 XForce ISS Database: openssl-cve20150205-sec-bypass(99708) https://exchange.xforce.ibmcloud.com/vulnerabilities/99708 Common Vulnerability Exposure (CVE) ID: CVE-2015-0206 BugTraq ID: 71940 http://www.securityfocus.com/bid/71940 XForce ISS Database: openssl-cve20150206-dos(99704) https://exchange.xforce.ibmcloud.com/vulnerabilities/99704
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.