ID de Prueba:	1.3.6.1.4.1.25623.1.0.112976
Categoría:	Denial of Service
Título:	OpenSSL: Multiple DoS Vulnerabilities (CVE-2013-4353, CVE-2013-6449) - Linux
Resumen:	OpenSSL is prone to multiple denial of service (DoS) vulnerabilities.
Descripción:	Summary: OpenSSL is prone to multiple denial of service (DoS) vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. (CVE-2013-4353) - A flaw in OpenSSL can cause an application using OpenSSL to crash when using TLS version 1.2. (CVE-2013-6449) Affected Software/OS: OpenSSL 1.0.1 through 1.0.1e. Solution: Update to version 1.0.1f or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4353 Debian Security Information: DSA-2837 (Google Search) http://www.debian.org/security/2014/dsa-2837 http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html RedHat Security Advisories: RHSA-2014:0015 http://rhn.redhat.com/errata/RHSA-2014-0015.html RedHat Security Advisories: RHSA-2014:0041 http://rhn.redhat.com/errata/RHSA-2014-0041.html SuSE Security Announcement: openSUSE-SU-2014:0094 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00065.html SuSE Security Announcement: openSUSE-SU-2014:0096 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00067.html SuSE Security Announcement: openSUSE-SU-2014:0099 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00070.html http://www.ubuntu.com/usn/USN-2079-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-6449 BugTraq ID: 64530 http://www.securityfocus.com/bid/64530 Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Debian Security Information: DSA-2833 (Google Search) http://www.debian.org/security/2014/dsa-2833 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124833.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124854.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124858.html http://seclists.org/fulldisclosure/2014/Dec/23 http://security.gentoo.org/glsa/glsa-201412-39.xml http://www.securitytracker.com/id/1029548 SuSE Security Announcement: openSUSE-SU-2014:0012 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00006.html SuSE Security Announcement: openSUSE-SU-2014:0015 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00009.html SuSE Security Announcement: openSUSE-SU-2014:0018 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00012.html SuSE Security Announcement: openSUSE-SU-2014:0048 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00031.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.