English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.68703
Kategorie:FreeBSD Local Security Checks
Titel:FreeBSD Ports: openssl
Zusammenfassung:The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: openssl

CVE-2010-3864
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through
0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching
are enabled on a TLS server, might allow remote attackers to execute
arbitrary code via client data that triggers a heap-based buffer
overflow, related to (1) the TLS server name extension and (2)
elliptic curve cryptography.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.6

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-3864
1024743
http://securitytracker.com/id?1024743
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
42241
http://secunia.com/advisories/42241
42243
http://secunia.com/advisories/42243
42309
http://secunia.com/advisories/42309
42336
http://secunia.com/advisories/42336
42352
http://secunia.com/advisories/42352
42397
http://secunia.com/advisories/42397
42413
http://secunia.com/advisories/42413
43312
http://secunia.com/advisories/43312
44269
http://secunia.com/advisories/44269
57353
http://secunia.com/advisories/57353
ADV-2010-3041
http://www.vupen.com/english/advisories/2010/3041
ADV-2010-3077
http://www.vupen.com/english/advisories/2010/3077
ADV-2010-3097
http://www.vupen.com/english/advisories/2010/3097
ADV-2010-3121
http://www.vupen.com/english/advisories/2010/3121
APPLE-SA-2011-06-23-1
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
DSA-2125
http://www.debian.org/security/2010/dsa-2125
FEDORA-2010-17826
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html
FEDORA-2010-17827
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html
FEDORA-2010-17847
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html
FreeBSD-SA-10:10
http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc
HPSBGN02740
http://marc.info/?l=bugtraq&m=132828103218869&w=2
HPSBMA02658
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
HPSBOV02670
http://marc.info/?l=bugtraq&m=130497251507577&w=2
HPSBUX02638
http://marc.info/?l=bugtraq&m=129916880600544&w=2
RHSA-2010:0888
https://rhn.redhat.com/errata/RHSA-2010-0888.html
SSA:2010-326-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793
SSRT100339
SSRT100413
SSRT100475
SSRT100741
SUSE-SR:2010:022
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
VU#737740
http://www.kb.cert.org/vuls/id/737740
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
http://blogs.sun.com/security/entry/cve_2010_3864_race_condition
http://openssl.org/news/secadv_20101116.txt
http://support.apple.com/kb/HT4723
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
http://www.adobe.com/support/security/bulletins/apsb11-11.html
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=649304
CopyrightCopyright (C) 2011 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.