Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2017:0585-1)
Summary:The remote host is missing an update for the 'openssl' package(s) announced via the SUSE-SU-2017:0585-1 advisory.
The remote host is missing an update for the 'openssl' package(s) announced via the SUSE-SU-2017:0585-1 advisory.

Vulnerability Insight:
This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed
key recovery was fixed (bsc#1019334)
- CVE-2016-8610: A remote denial of service in SSL alert handling was
fixed (bsc#1005878)
- degrade 3DES to MEDIUM in SSL2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the
negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- don't attempt session resumption if no ticket is present and session ID
length is zero (bsc#984663)

Affected Software/OS:
'openssl' package(s) on SUSE Studio Onsite 1.3, SUSE OpenStack Cloud 5, SUSE Manager Proxy 2.1, SUSE Manager 2.1, SUSE Linux Enterprise Software Development Kit 11-SP4, SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP3

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-2108
BugTraq ID: 89752
BugTraq ID: 91787
Cisco Security Advisory: 20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
Debian Security Information: DSA-3566 (Google Search)
RedHat Security Advisories: RHSA-2016:0722
RedHat Security Advisories: RHSA-2016:0996
RedHat Security Advisories: RHSA-2016:1137
RedHat Security Advisories: RHSA-2016:2056
RedHat Security Advisories: RHSA-2016:2073
RedHat Security Advisories: RHSA-2016:2957
RedHat Security Advisories: RHSA-2017:0193
RedHat Security Advisories: RHSA-2017:0194
SuSE Security Announcement: SUSE-SU-2016:1206 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1228 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1231 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1233 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1267 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1290 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1360 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1237 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1238 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1239 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1240 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1241 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1242 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1243 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1273 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2016-7056
BugTraq ID: 95375
Debian Security Information: DSA-3773 (Google Search)
RedHat Security Advisories: RHSA-2017:1413
RedHat Security Advisories: RHSA-2017:1414
RedHat Security Advisories: RHSA-2017:1415
RedHat Security Advisories: RHSA-2017:1801
RedHat Security Advisories: RHSA-2017:1802
Common Vulnerability Exposure (CVE) ID: CVE-2016-8610
BugTraq ID: 93841;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401
FreeBSD Security Advisory: FreeBSD-SA-16:35
RedHat Security Advisories: RHSA-2017:0286
RedHat Security Advisories: RHSA-2017:0574
RedHat Security Advisories: RHSA-2017:1658
RedHat Security Advisories: RHSA-2017:1659
RedHat Security Advisories: RHSA-2017:2493
RedHat Security Advisories: RHSA-2017:2494
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.