Test Kennung:	1.3.6.1.4.1.25623.1.0.831330
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Update for openssl MDVSA-2011:028 (openssl)
Zusammenfassung:	The remote host is missing an update for the 'openssl'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in openssl: Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension (CVE-2011-0014). Packages for 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct this issue. Affected Software/OS: openssl on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0014 1025050 http://www.securitytracker.com/id?1025050 43227 http://secunia.com/advisories/43227 43286 http://secunia.com/advisories/43286 43301 http://secunia.com/advisories/43301 43339 http://secunia.com/advisories/43339 44269 http://secunia.com/advisories/44269 46264 http://www.securityfocus.com/bid/46264 57353 http://secunia.com/advisories/57353 70847 http://osvdb.org/70847 ADV-2011-0361 http://www.vupen.com/english/advisories/2011/0361 ADV-2011-0387 http://www.vupen.com/english/advisories/2011/0387 ADV-2011-0389 http://www.vupen.com/english/advisories/2011/0389 ADV-2011-0395 http://www.vupen.com/english/advisories/2011/0395 ADV-2011-0399 http://www.vupen.com/english/advisories/2011/0399 ADV-2011-0603 http://www.vupen.com/english/advisories/2011/0603 APPLE-SA-2011-06-23-1 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html DSA-2162 http://www.debian.org/security/2011/dsa-2162 FEDORA-2011-1273 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html HPSBMA02658 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 HPSBOV02670 http://marc.info/?l=bugtraq&m=130497251507577&w=2 HPSBUX02689 http://marc.info/?l=bugtraq&m=131042179515633&w=2 MDVSA-2011:028 http://www.mandriva.com/security/advisories?name=MDVSA-2011:028 NetBSD-SA2011-002 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc RHSA-2011:0677 http://www.redhat.com/support/errata/RHSA-2011-0677.html SSA:2011-041-04 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823 SSRT100413 SSRT100475 SSRT100494 SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html USN-1064-1 http://www.ubuntu.com/usn/USN-1064-1 http://support.apple.com/kb/HT4723 http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 http://www.openssl.org/news/secadv_20110208.txt https://support.f5.com/csp/article/K10534046 oval:org.mitre.oval:def:18985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.