Test Kennung:	1.3.6.1.4.1.25623.1.0.58634
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Security Advisory (FreeBSD-SA-07:08.openssl.asc)
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-07:08.openssl.asc
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:08.openssl.asc Vulnerability Insight: FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. A buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found to be incorrectly fixed. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5135 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html BugTraq ID: 25831 http://www.securityfocus.com/bid/25831 Bugtraq: 20070927 OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow (Google Search) http://www.securityfocus.com/archive/1/480855/100/0/threaded Bugtraq: 20071004 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow (Google Search) http://www.securityfocus.com/archive/1/481217/100/0/threaded Bugtraq: 20071003 FLEA-2007-0058-1 openssl openssl-scripts (Google Search) http://www.securityfocus.com/archive/1/481488/100/0/threaded http://www.securityfocus.com/archive/1/481506/100/0/threaded Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/485936/100/0/threaded Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/486859/100/0/threaded Debian Security Information: DSA-1379 (Google Search) http://www.debian.org/security/2007/dsa-1379 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html FreeBSD Security Advisory: FreeBSD-SA-07:08 http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc http://security.gentoo.org/glsa/glsa-200710-06.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml HPdes Security Advisory: HPSBUX02292 http://www.securityfocus.com/archive/1/484353/100/0/threaded HPdes Security Advisory: SSRT071499 http://www.mandriva.com/security/advisories?name=MDKSA-2007:193 https://bugs.gentoo.org/show_bug.cgi?id=194039 http://lists.vmware.com/pipermail/security-announce/2008/000002.html NETBSD Security Advisory: NetBSD-SA2008-007 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc OpenBSD Security Advisory: [4.0] 017: SECURITY FIX: October 10, 2007 http://www.openbsd.org/errata40.html OpenBSD Security Advisory: [4.1] 011: SECURITY FIX: October 10, 2007 http://www.openbsd.org/errata41.html OpenBSD Security Advisory: [4.2] 002: SECURITY FIX: October 10, 2007 http://www.openbsd.org/errata42.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10904 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5337 http://www.redhat.com/support/errata/RHSA-2007-0813.html http://www.redhat.com/support/errata/RHSA-2007-0964.html http://www.redhat.com/support/errata/RHSA-2007-1003.html http://www.securitytracker.com/id?1018755 http://secunia.com/advisories/22130 http://secunia.com/advisories/27012 http://secunia.com/advisories/27021 http://secunia.com/advisories/27031 http://secunia.com/advisories/27051 http://secunia.com/advisories/27078 http://secunia.com/advisories/27097 http://secunia.com/advisories/27186 http://secunia.com/advisories/27205 http://secunia.com/advisories/27217 http://secunia.com/advisories/27229 http://secunia.com/advisories/27330 http://secunia.com/advisories/27394 http://secunia.com/advisories/27851 http://secunia.com/advisories/27870 http://secunia.com/advisories/27961 http://secunia.com/advisories/28368 http://secunia.com/advisories/29242 http://secunia.com/advisories/30124 http://secunia.com/advisories/30161 http://secunia.com/advisories/31308 http://secunia.com/advisories/31326 http://secunia.com/advisories/31467 http://secunia.com/advisories/31489 http://securityreason.com/securityalert/3179 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103130-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1 SuSE Security Announcement: SUSE-SR:2007:020 (Google Search) http://www.novell.com/linux/security/advisories/2007_20_sr.html SuSE Security Announcement: SUSE-SR:2008:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html https://usn.ubuntu.com/522-1/ http://www.vupen.com/english/advisories/2007/3325 http://www.vupen.com/english/advisories/2007/3625 http://www.vupen.com/english/advisories/2007/4042 http://www.vupen.com/english/advisories/2007/4144 http://www.vupen.com/english/advisories/2008/0064 http://www.vupen.com/english/advisories/2008/2268 http://www.vupen.com/english/advisories/2008/2361 http://www.vupen.com/english/advisories/2008/2362 XForce ISS Database: openssl-sslgetshared-bo(36837) https://exchange.xforce.ibmcloud.com/vulnerabilities/36837
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.