 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.4.2014.0335.1 |
| Categoría: | SuSE Local Security Checks |
| Título: | SUSE: Security Advisory (SUSE-SU-2014:0335-1) |
| Resumen: | The remote host is missing an update for the 'openssl-certs' package(s) announced via the SUSE-SU-2014:0335-1 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'openssl-certs' package(s) announced via the SUSE-SU-2014:0335-1 advisory. Vulnerability Insight: The openssl-certs package was updated to match the certificates contained in the Mozilla NSS 3.15.4 release. The following changes were done to the list of root CAs: Distrust a sub-ca that issued google.com certificates. 'Distrusted AC DG Tresor SSL' (bnc#854367) Lots of CA updates from Mozilla: Changes done in 1.96: * new: ACCVRAIZ1.pem (Spain) (all trusts) * new: SG_TRUST_SERVICES_RACINE.pem (Singapore) (email signing only) * new: TWCA_Global_Root_CA.pem (Taiwanese) (all trusts) * removed: Wells_Fargo_Root_CA.pem Changes done in 1.95: * new: CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt server auth, code signing, email signing * new: CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.crt server auth, code signing, email signing * new: China_Internet_Network_Information_Center_EV_Certificates_Ro ot:2.4.72.159.0.1.crt server auth * changed: Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.150.cr t removed code signing and server auth abilities * changed: Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.206.c rt removed code signing and server auth abilities * new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt server auth * new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt server auth * removed: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.185.102. crt * new: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.222.248. crt I think the missing flags were adjusted. * removed: Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt * new: PSCProcert:2.1.11.crt server auth, code signing, email signing * new: Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195.124 .74.30.90.24.103.182.crt server auth, code signing, email signing * new: Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.141. 253.16.29.4.31.118.202.88.crt server auth, code signing * changed: TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.141.51 .21.2.228.108.244.crt removed all abilities * new: TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.crt server auth, code signing * changed: TWCA_Root_Certification_Authority:2.1.1.crt added code signing ability * new 'EE Certification Centre Root CA' * new 'T-TeleSec GlobalRoot Class 3' * revoke mis-issued intermediate CAs from TURKTRUST Affected Software/OS: 'openssl-certs' package(s) on SUSE Linux Enterprise Server 10 SP3. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |