English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.66762
Categoría:Mandrake Local Security Checks
Título:Mandriva Security Advisory MDVSA-2010:022 (openssl)
Resumen:NOSUMMARY
Descripción:Description:
The remote host is missing an update to openssl
announced via advisory MDVSA-2010:022.

Some vulnerabilities were discovered and corrected in openssl:

Memory leak in the zlib_stateful_finish function in
crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta
through Beta 4 allows remote attackers to cause a denial of service
(memory consumption) via vectors that trigger incorrect calls to the
CRYPTO_free_all_ex_data function, as demonstrated by use of SSLv3
and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678
(CVE-2009-4355).

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.

The updated packages have been patched to correct thies issue.

Affected: 2008.0, 2009.0, 2009.1, 2010.0, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:022

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-1678
31026
http://secunia.com/advisories/31026
31416
http://secunia.com/advisories/31416
31681
http://www.securityfocus.com/bid/31681
31692
http://www.securityfocus.com/bid/31692
32222
http://secunia.com/advisories/32222
34219
http://secunia.com/advisories/34219
35264
http://secunia.com/advisories/35264
38761
http://secunia.com/advisories/38761
3981
http://securityreason.com/securityalert/3981
42724
http://secunia.com/advisories/42724
42733
http://secunia.com/advisories/42733
44183
http://secunia.com/advisories/44183
ADV-2008-2780
http://www.vupen.com/english/advisories/2008/2780
APPLE-SA-2008-10-09
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
FEDORA-2008-6393
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html
GLSA-200807-06
http://security.gentoo.org/glsa/glsa-200807-06.xml
MDVSA-2009:124
http://www.mandriva.com/security/advisories?name=MDVSA-2009:124
RHSA-2009:1075
http://www.redhat.com/support/errata/RHSA-2009-1075.html
SSA:2010-060-02
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049
SUSE-SR:2008:024
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
USN-731-1
http://www.ubuntu.com/usn/USN-731-1
[openssl-dev] 20080512 possible memory leak in zlib compression
http://marc.info/?l=openssl-dev&m=121060672602371&w=2
http://bugs.gentoo.org/show_bug.cgi?id=222643
http://support.apple.com/kb/HT3216
http://svn.apache.org/viewvc?view=rev&revision=654119
https://bugs.edge.launchpad.net/bugs/186339
https://bugs.edge.launchpad.net/bugs/224945
https://bugzilla.redhat.com/show_bug.cgi?id=447268
https://issues.apache.org/bugzilla/show_bug.cgi?id=44975
https://kb.bluecoat.com/index?page=content&id=SA50
openssl-libssl-dos(43948)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43948
oval:org.mitre.oval:def:9754
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9754
Common Vulnerability Exposure (CVE) ID: CVE-2009-4355
Debian Security Information: DSA-1970 (Google Search)
http://www.debian.org/security/2010/dsa-1970
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html
HPdes Security Advisory: HPSBUX02517
http://marc.info/?l=bugtraq&m=127128920008563&w=2
HPdes Security Advisory: SSRT100058
http://www.mandriva.com/security/advisories?name=MDVSA-2010:022
http://www.openwall.com/lists/oss-security/2010/01/13/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11260
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12168
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6678
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://secunia.com/advisories/38175
http://secunia.com/advisories/38181
http://secunia.com/advisories/38200
http://secunia.com/advisories/39461
SuSE Security Announcement: SUSE-SA:2010:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
http://www.ubuntu.com/usn/USN-884-1
http://www.vupen.com/english/advisories/2010/0124
http://www.vupen.com/english/advisories/2010/0839
http://www.vupen.com/english/advisories/2010/0916
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.