English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66370
Category:Mandrake Local Security Checks
Title:Mandriva Security Advisory MDVSA-2009:310 (openssl)
Summary:The remote host is missing an update to openssl;announced via advisory MDVSA-2009:310.
Description:Summary:
The remote host is missing an update to openssl
announced via advisory MDVSA-2009:310.

Vulnerability Insight:
For details on the issues addressed with this update, please
visit the referenced security advisories.

Packages for 2008.0 are being provided due to extended support for
Corporate products.

The updated packages have been patched to prevent this.

Affected: 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1377
1022241
http://www.securitytracker.com/id?1022241
35001
http://www.securityfocus.com/bid/35001
35128
http://secunia.com/advisories/35128
35416
http://secunia.com/advisories/35416
35461
http://secunia.com/advisories/35461
35571
http://secunia.com/advisories/35571
35729
http://secunia.com/advisories/35729
36533
http://secunia.com/advisories/36533
37003
http://secunia.com/advisories/37003
38761
http://secunia.com/advisories/38761
38794
http://secunia.com/advisories/38794
38834
http://secunia.com/advisories/38834
42724
http://secunia.com/advisories/42724
42733
http://secunia.com/advisories/42733
ADV-2009-1377
http://www.vupen.com/english/advisories/2009/1377
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
GLSA-200912-01
http://security.gentoo.org/glsa/glsa-200912-01.xml
HPSBMA02492
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444
MDVSA-2009:120
http://www.mandriva.com/security/advisories?name=MDVSA-2009:120
NetBSD-SA2009-009
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc
RHSA-2009:1335
http://www.redhat.com/support/errata/RHSA-2009-1335.html
SSA:2010-060-02
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049
SSRT100079
SUSE-SR:2009:011
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
USN-792-1
http://www.ubuntu.com/usn/USN-792-1
[openssl-dev] 20090516 [openssl.org #1930] [PATCH] DTLS record buffer limitation bug
http://marc.info/?l=openssl-dev&m=124247675613888&w=2
[oss-security] 20090518 Two OpenSSL DTLS remote DoS
http://www.openwall.com/lists/oss-security/2009/05/18/1
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://cvs.openssl.org/chngview?cn=18187
http://rt.openssl.org/Ticket/Display.html?id=1930&user=guest&pass=guest
http://sourceforge.net/mailarchive/message.php?msg_name=4AD43807.7080105%40users.sourceforge.net
http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html
https://kb.bluecoat.com/index?page=content&id=SA50
https://launchpad.net/bugs/cve/2009-1377
oval:org.mitre.oval:def:6683
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6683
oval:org.mitre.oval:def:9663
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9663
Common Vulnerability Exposure (CVE) ID: CVE-2009-1378
8720
https://www.exploit-db.com/exploits/8720
[openssl-dev] 20090516 [openssl.org #1931] [PATCH] DTLS fragment handling memory leak
http://marc.info/?l=openssl-dev&m=124247679213944&w=2
[openssl-dev] 20090518 Re: [openssl.org #1931] [PATCH] DTLS fragment handling memory leak
http://marc.info/?l=openssl-dev&m=124263491424212&w=2
http://cvs.openssl.org/chngview?cn=18188
http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest
https://launchpad.net/bugs/cve/2009-1378
oval:org.mitre.oval:def:11309
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11309
oval:org.mitre.oval:def:7229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7229
Common Vulnerability Exposure (CVE) ID: CVE-2009-1379
35138
http://www.securityfocus.com/bid/35138
[oss-security] 20090518 Re: Two OpenSSL DTLS remote DoS
http://www.openwall.com/lists/oss-security/2009/05/18/4
http://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest
https://launchpad.net/bugs/cve/2009-1379
openssl-dtls1retrievebufferedfragment-dos(50661)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50661
oval:org.mitre.oval:def:6848
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6848
oval:org.mitre.oval:def:9744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9744
Common Vulnerability Exposure (CVE) ID: CVE-2009-1386
35174
http://www.securityfocus.com/bid/35174
35685
http://secunia.com/advisories/35685
8873
https://www.exploit-db.com/exploits/8873
SUSE-SR:2009:012
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
[oss-security] 20090602 Re: Two OpenSSL DTLS remote DoS
http://www.openwall.com/lists/oss-security/2009/06/02/1
http://cvs.openssl.org/chngview?cn=17369
http://rt.openssl.org/Ticket/Display.html?id=1679&user=guest&pass=guest
openssl-changecipherspec-dos(50963)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50963
oval:org.mitre.oval:def:11179
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11179
oval:org.mitre.oval:def:7469
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7469
Common Vulnerability Exposure (CVE) ID: CVE-2009-1387
HPdes Security Advisory: HPSBMA02492
HPdes Security Advisory: SSRT100079
NETBSD Security Advisory: NetBSD-SA2009-009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10740
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7592
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2009-2409
1022631
http://www.securitytracker.com/id?1022631
20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console
http://www.securityfocus.com/archive/1/515055/100/0/threaded
36139
http://secunia.com/advisories/36139
36157
http://secunia.com/advisories/36157
36434
http://secunia.com/advisories/36434
36669
http://secunia.com/advisories/36669
36739
http://secunia.com/advisories/36739
37386
http://secunia.com/advisories/37386
42467
http://secunia.com/advisories/42467
ADV-2009-2085
http://www.vupen.com/english/advisories/2009/2085
ADV-2009-3184
http://www.vupen.com/english/advisories/2009/3184
ADV-2010-3126
http://www.vupen.com/english/advisories/2010/3126
APPLE-SA-2009-11-09-1
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
DSA-1874
http://www.debian.org/security/2009/dsa-1874
DSA-1888
https://www.debian.org/security/2009/dsa-1888
GLSA-200911-02
http://security.gentoo.org/glsa/glsa-200911-02.xml
MDVSA-2009:197
http://www.mandriva.com/security/advisories?name=MDVSA-2009:197
MDVSA-2009:216
http://www.mandriva.com/security/advisories?name=MDVSA-2009:216
MDVSA-2009:258
http://www.mandriva.com/security/advisories?name=MDVSA-2009:258
MDVSA-2010:084
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
RHSA-2009:1207
http://www.redhat.com/support/errata/RHSA-2009-1207.html
RHSA-2009:1432
http://www.redhat.com/support/errata/RHSA-2009-1432.html
RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
USN-810-1
http://www.ubuntu.com/usn/usn-810-1
USN-810-2
https://usn.ubuntu.com/810-2/
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
http://java.sun.com/javase/6/webnotes/6u17.html
http://support.apple.com/kb/HT3937
http://www.vmware.com/security/advisories/VMSA-2010-0019.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2409
oval:org.mitre.oval:def:10763
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10763
oval:org.mitre.oval:def:6631
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6631
oval:org.mitre.oval:def:7155
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7155
oval:org.mitre.oval:def:8594
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8594
CopyrightCopyright (C) 2009 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.