Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2018:2545-1)
Summary:The remote host is missing an update for the 'openssl1' package(s) announced via the SUSE-SU-2018:2545-1 advisory.
The remote host is missing an update for the 'openssl1' package(s) announced via the SUSE-SU-2018:2545-1 advisory.

Vulnerability Insight:
This update for openssl1 fixes the following security issues:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
vulnerable to a cache timing side channel attack. An attacker with
sufficient access to mount cache timing attacks during the RSA key
generation process could have recovered the private key (bsc#1089039)
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E)
based ciphersuite a malicious server could have sent a very large prime
value to the client. This caused the client to spend an unreasonably
long period of time generating a key for this prime resulting in a hang
until the client has finished. This could be exploited in a Denial Of
Service attack (bsc#1097158)
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)

Affected Software/OS:
'openssl1' package(s) on SUSE Linux Enterprise Server 11

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-0732
BugTraq ID: 104442;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4
Debian Security Information: DSA-4348 (Google Search)
Debian Security Information: DSA-4355 (Google Search)
RedHat Security Advisories: RHSA-2018:2552
RedHat Security Advisories: RHSA-2018:2553
RedHat Security Advisories: RHSA-2018:3221
RedHat Security Advisories: RHSA-2018:3505
RedHat Security Advisories: RHSA-2019:1296
RedHat Security Advisories: RHSA-2019:1297
RedHat Security Advisories: RHSA-2019:1543
Common Vulnerability Exposure (CVE) ID: CVE-2018-0737
BugTraq ID: 103766
RedHat Security Advisories: RHSA-2019:3932
RedHat Security Advisories: RHSA-2019:3933
RedHat Security Advisories: RHSA-2019:3935
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.