Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2012.0623.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2012:0623-1)
Summary:The remote host is missing an update for the 'openssl' package(s) announced via the SUSE-SU-2012:0623-1 advisory.
Description:Summary:
The remote host is missing an update for the 'openssl' package(s) announced via the SUSE-SU-2012:0623-1 advisory.

Vulnerability Insight:
This update of openssl fixes an integer conversation issue which could cause a heap-based memory corruption
(CVE-2012-2110
> ).

Additionally, a check for negative buffer length values was added ( CVE-2012-2131
> ) and the stack made non-executable by marking the enhanced Intel SSSE3 assembler code as not needing executable stack.

Affected Software/OS:
'openssl' package(s) on SUSE Linux Enterprise Desktop 11 SP1, SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Server 11 SP1, SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Software Development Kit 11 SP1, SUSE Linux Enterprise Software Development Kit 11 SP2.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-2110
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
BugTraq ID: 53158
http://www.securityfocus.com/bid/53158
Debian Security Information: DSA-2454 (Google Search)
http://www.debian.org/security/2012/dsa-2454
http://www.exploit-db.com/exploits/18756
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html
http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html
HPdes Security Advisory: HPSBMU02776
http://marc.info/?l=bugtraq&m=133951357207000&w=2
HPdes Security Advisory: HPSBMU02900
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
HPdes Security Advisory: HPSBOV02793
http://marc.info/?l=bugtraq&m=134039053214295&w=2
HPdes Security Advisory: HPSBUX02782
http://marc.info/?l=bugtraq&m=133728068926468&w=2
HPdes Security Advisory: SSRT100844
HPdes Security Advisory: SSRT100852
HPdes Security Advisory: SSRT100891
HPdes Security Advisory: SSRT101210
http://www.mandriva.com/security/advisories?name=MDVSA-2012:060
http://osvdb.org/81223
RedHat Security Advisories: RHSA-2012:0518
http://rhn.redhat.com/errata/RHSA-2012-0518.html
RedHat Security Advisories: RHSA-2012:0522
http://rhn.redhat.com/errata/RHSA-2012-0522.html
RedHat Security Advisories: RHSA-2012:1306
http://rhn.redhat.com/errata/RHSA-2012-1306.html
RedHat Security Advisories: RHSA-2012:1307
http://rhn.redhat.com/errata/RHSA-2012-1307.html
RedHat Security Advisories: RHSA-2012:1308
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://www.securitytracker.com/id?1026957
http://secunia.com/advisories/48847
http://secunia.com/advisories/48895
http://secunia.com/advisories/48899
http://secunia.com/advisories/48942
http://secunia.com/advisories/48999
http://secunia.com/advisories/57353
SuSE Security Announcement: SUSE-SU-2012:0623 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html
SuSE Security Announcement: SUSE-SU-2012:0637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html
SuSE Security Announcement: SUSE-SU-2012:1149 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
http://www.ubuntu.com/usn/USN-1424-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-2131
BugTraq ID: 53212
http://www.securityfocus.com/bid/53212
http://www.mandriva.com/security/advisories?name=MDVSA-2012:064
http://www.openwall.com/lists/oss-security/2012/04/24/1
http://secunia.com/advisories/48956
http://www.ubuntu.com/usn/USN-1428-1
XForce ISS Database: openssl-asn1-code-execution(75099)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75099
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.