ID de Prueba:	1.3.6.1.4.1.25623.1.0.170675
Categoría:	Denial of Service
Título:	OpenSSL DoS Vulnerability (20231106) - Linux
Resumen:	OpenSSL is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: OpenSSL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Vulnerability Impact: Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a denial of service. Affected Software/OS: OpenSSL versions 1.0.2, 1.1.1, 3.0 and 3.1. Solution: Update to version 1.0.2zj, 1.1.1x, 3.0.13, 3.1.5 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-5678 1.0.2zj git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055 1.1.1x git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c 3.0.13 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 3.1.5 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6 OpenSSL Advisory https://www.openssl.org/news/secadv/20231106.txt http://www.openwall.com/lists/oss-security/2024/03/11/1
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.