Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:073 (openssl)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72049

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:073 (openssl)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to openssl
announced via advisory MDVSA-2012:073.

A vulnerability has been found and corrected in openssl:

A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can
be exploited in a denial of service attack on both clients and servers
(CVE-2012-2333).

The updated packages have been patched to correct this issue.

Affected: 2010.1, 2011., Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:073
http://www.openssl.org/news/secadv_20120510.txt

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2333
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
BugTraq ID: 53476
http://www.securityfocus.com/bid/53476
CERT/CC vulnerability note: VU#737740
http://www.kb.cert.org/vuls/id/737740
Debian Security Information: DSA-2475 (Google Search)
http://www.debian.org/security/2012/dsa-2475
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html
HPdes Security Advisory: HPSBOV02852
http://marc.info/?l=bugtraq&m=136432043316835&w=2
HPdes Security Advisory: HPSBUX02814
http://marc.info/?l=bugtraq&m=134919053717161&w=2
HPdes Security Advisory: SSRT100930
HPdes Security Advisory: SSRT101108
http://www.mandriva.com/security/advisories?name=MDVSA-2012:073
http://www.cert.fi/en/reports/2012/vulnerability641549.html
RedHat Security Advisories: RHSA-2012:0699
http://rhn.redhat.com/errata/RHSA-2012-0699.html
RedHat Security Advisories: RHSA-2012:1306
http://rhn.redhat.com/errata/RHSA-2012-1306.html
RedHat Security Advisories: RHSA-2012:1307
http://rhn.redhat.com/errata/RHSA-2012-1307.html
RedHat Security Advisories: RHSA-2012:1308
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://www.securitytracker.com/id?1027057
http://secunia.com/advisories/49116
http://secunia.com/advisories/49208
http://secunia.com/advisories/49324
http://secunia.com/advisories/50768
http://secunia.com/advisories/51312
SuSE Security Announcement: SUSE-SU-2012:0678 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html
SuSE Security Announcement: SUSE-SU-2012:0679 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html
XForce ISS Database: openssl-tls-record-dos(75525)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75525

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72049
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:073 (openssl)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to openssl announced via advisory MDVSA-2012:073. A vulnerability has been found and corrected in openssl: A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers (CVE-2012-2333). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:073 http://www.openssl.org/news/secadv_20120510.txt Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2333 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html BugTraq ID: 53476 http://www.securityfocus.com/bid/53476 CERT/CC vulnerability note: VU#737740 http://www.kb.cert.org/vuls/id/737740 Debian Security Information: DSA-2475 (Google Search) http://www.debian.org/security/2012/dsa-2475 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html HPdes Security Advisory: HPSBOV02852 http://marc.info/?l=bugtraq&m=136432043316835&w=2 HPdes Security Advisory: HPSBUX02814 http://marc.info/?l=bugtraq&m=134919053717161&w=2 HPdes Security Advisory: SSRT100930 HPdes Security Advisory: SSRT101108 http://www.mandriva.com/security/advisories?name=MDVSA-2012:073 http://www.cert.fi/en/reports/2012/vulnerability641549.html RedHat Security Advisories: RHSA-2012:0699 http://rhn.redhat.com/errata/RHSA-2012-0699.html RedHat Security Advisories: RHSA-2012:1306 http://rhn.redhat.com/errata/RHSA-2012-1306.html RedHat Security Advisories: RHSA-2012:1307 http://rhn.redhat.com/errata/RHSA-2012-1307.html RedHat Security Advisories: RHSA-2012:1308 http://rhn.redhat.com/errata/RHSA-2012-1308.html http://www.securitytracker.com/id?1027057 http://secunia.com/advisories/49116 http://secunia.com/advisories/49208 http://secunia.com/advisories/49324 http://secunia.com/advisories/50768 http://secunia.com/advisories/51312 SuSE Security Announcement: SUSE-SU-2012:0678 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html SuSE Security Announcement: SUSE-SU-2012:0679 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html XForce ISS Database: openssl-tls-record-dos(75525) https://exchange.xforce.ibmcloud.com/vulnerabilities/75525
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com