ID de Prueba:	1.3.6.1.4.1.25623.1.0.117590
Categoría:	Denial of Service
Título:	OpenSSL DoS Vulnerability (20180327) - Windows
Resumen:	OpenSSL is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: OpenSSL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Reported by OSS-fuzz. Affected Software/OS: OpenSSL version 1.0.2b through 1.0.2n and 1.1.0 through 1.1.0g. Solution: Update to version 1.0.2o, 1.1.0h or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-0739 BugTraq ID: 103518 http://www.securityfocus.com/bid/103518 BugTraq ID: 105609 http://www.securityfocus.com/bid/105609 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ https://security.netapp.com/advisory/ntap-20180330-0002/ https://security.netapp.com/advisory/ntap-20180726-0002/ https://securityadvisories.paloaltonetworks.com/Home/Detail/133 https://www.openssl.org/news/secadv/20180327.txt https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.tenable.com/security/tns-2018-04 https://www.tenable.com/security/tns-2018-06 https://www.tenable.com/security/tns-2018-07 Debian Security Information: DSA-4157 (Google Search) https://www.debian.org/security/2018/dsa-4157 Debian Security Information: DSA-4158 (Google Search) https://www.debian.org/security/2018/dsa-4158 https://security.gentoo.org/glsa/201811-21 https://security.gentoo.org/glsa/202007-53 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html RedHat Security Advisories: RHSA-2018:3090 https://access.redhat.com/errata/RHSA-2018:3090 RedHat Security Advisories: RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 RedHat Security Advisories: RHSA-2019:0366 https://access.redhat.com/errata/RHSA-2019:0366 RedHat Security Advisories: RHSA-2019:0367 https://access.redhat.com/errata/RHSA-2019:0367 RedHat Security Advisories: RHSA-2019:1711 https://access.redhat.com/errata/RHSA-2019:1711 RedHat Security Advisories: RHSA-2019:1712 https://access.redhat.com/errata/RHSA-2019:1712 http://www.securitytracker.com/id/1040576 https://usn.ubuntu.com/3611-1/ https://usn.ubuntu.com/3611-2/
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.