Test Kennung:	1.3.6.1.4.1.25623.1.0.54252
Kategorie:	Trustix Local Security Checks
Titel:	Trustix Security Advisory TSLSA-2003-0005 (openssl)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory TSLSA-2003-0005. From the openssl advisory: OpenSSL version since 0.9.6c supposedly treat block cipher padding errors like MAC verification errors during record decryption (see http://www.openssl.org/~ bodo/tls-cbc.txt), but MAC verification was still skipped after detection of a padding error, which allowed the timing attack. (Note that it is likely that other SSL/TLS implementations will have similar problems.) OpenSSL 0.9.6i and 0.9.7a perform a MAC computation even if incorrrect block cipher padding has been found to minimize information leaked via timing. For earlier versions starting with 0.9.6e, the enclosed security patch can be used. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2003-0005 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.