Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2013:0554-1)
Summary:The remote host is missing an update for the 'OpenSSL' package(s) announced via the SUSE-SU-2013:0554-1 advisory.
The remote host is missing an update for the 'OpenSSL' package(s) announced via the SUSE-SU-2013:0554-1 advisory.

Vulnerability Insight:
OpenSSL has been updated to fix several security issues:


CVE-2012-4929: Avoid the openssl CRIME attack by disabling SSL compression by default. Setting the environment variable 'OPENSSL_NO_DEFAULT_ZLIB' to 'no'
enables compression again.

Please note that openssl on SUSE Linux Enterprise 10 is not built with compression support.


CVE-2013-0169: Timing attacks against TLS could be used by physically local attackers to gain access to transmitted plain text or private keymaterial. This issue is also known as the 'Lucky-13' issue.


CVE-2013-0166: A OCSP invalid key denial of service issue was fixed.

Security Issue references:

* CVE-2013-0169
* CVE-2013-0166

Affected Software/OS:
'OpenSSL' package(s) on SUSE Linux Enterprise Server 10 SP4, SUSE Linux Enterprise Desktop 10 SP4, SLE SDK 10 SP4

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-4929
BugTraq ID: 55704
Debian Security Information: DSA-2579 (Google Search)
Debian Security Information: DSA-2627 (Google Search)
Debian Security Information: DSA-3253 (Google Search)
HPdes Security Advisory: HPSBUX02866
HPdes Security Advisory: SSRT101139
RedHat Security Advisories: RHSA-2013:0587
SuSE Security Announcement: openSUSE-SU-2012:1420 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0143 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0157 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-0166
CERT/CC vulnerability note: VU#737740
Debian Security Information: DSA-2621 (Google Search)
HPdes Security Advisory: HPSBOV02852
HPdes Security Advisory: HPSBUX02856
HPdes Security Advisory: HPSBUX02909
HPdes Security Advisory: SSRT101104
HPdes Security Advisory: SSRT101108
HPdes Security Advisory: SSRT101289
RedHat Security Advisories: RHSA-2013:0782
RedHat Security Advisories: RHSA-2013:0783
RedHat Security Advisories: RHSA-2013:0833
SuSE Security Announcement: SUSE-SU-2015:0578 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-0169
BugTraq ID: 57778
Cert/CC Advisory: TA13-051A
Debian Security Information: DSA-2622 (Google Search)
HPdes Security Advisory: HPSBMU02874
HPdes Security Advisory: HPSBUX02857
HPdes Security Advisory: SSRT101103
HPdes Security Advisory: SSRT101184
RedHat Security Advisories: RHSA-2013:1455
RedHat Security Advisories: RHSA-2013:1456
SuSE Security Announcement: SUSE-SU-2013:0328 (Google Search)
SuSE Security Announcement: SUSE-SU-2013:0701 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0375 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0378 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.