ID de Prueba:	1.3.6.1.4.1.25623.1.0.68673
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2010-326-01)
Resumen:	The remote host is missing an update for the 'openssl' package(s) announced via the SSA:2010-326-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the SSA:2010-326-01 advisory. Vulnerability Insight: New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/openssl-0.9.8p-i486-1_slack13.1.txz: Rebuilt. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: [links moved to references] (* Security fix *) patches/packages/openssl-solibs-0.9.8p-i486-1_slack13.1.txz: Rebuilt. (* Security fix *) +--------------------------+ Affected Software/OS: 'openssl' package(s) on Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2939 1024296 http://securitytracker.com/id?1024296 20100807 openssl-1.0.0a http://seclists.org/fulldisclosure/2010/Aug/84 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 40906 http://secunia.com/advisories/40906 41105 http://secunia.com/advisories/41105 42309 http://secunia.com/advisories/42309 42413 http://secunia.com/advisories/42413 43312 http://secunia.com/advisories/43312 ADV-2010-2038 http://www.vupen.com/english/advisories/2010/2038 ADV-2010-2229 http://www.vupen.com/english/advisories/2010/2229 ADV-2010-3077 http://www.vupen.com/english/advisories/2010/3077 DSA-2100 http://www.debian.org/security/2010/dsa-2100 FreeBSD-SA-10:10 http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 SSA:2010-326-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793 SSRT100409 SUSE-SR:2010:021 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html USN-1003-1 http://www.ubuntu.com/usn/USN-1003-1 [openssl-dev] 20100807 Re: openssl-1.0.0a and glibc detected sthg ;) http://www.mail-archive.com/openssl-dev%40openssl.org/msg28045.html [openssl-dev] 20100807 openssl-1.0.0a and glibc detected sthg ;) http://www.mail-archive.com/openssl-dev%40openssl.org/msg28043.html [openssl-dev] 20100808 Re: openssl-1.0.0a and glibc detected sthg ;) http://www.mail-archive.com/openssl-dev%40openssl.org/msg28049.html [oss-security] 20100812 Re: CVE Request: openssl double free http://www.openwall.com/lists/oss-security/2010/08/11/6 http://www.vmware.com/security/advisories/VMSA-2011-0003.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3864 1024743 http://securitytracker.com/id?1024743 42241 http://secunia.com/advisories/42241 42243 http://secunia.com/advisories/42243 42336 http://secunia.com/advisories/42336 42352 http://secunia.com/advisories/42352 42397 http://secunia.com/advisories/42397 44269 http://secunia.com/advisories/44269 57353 http://secunia.com/advisories/57353 ADV-2010-3041 http://www.vupen.com/english/advisories/2010/3041 ADV-2010-3097 http://www.vupen.com/english/advisories/2010/3097 ADV-2010-3121 http://www.vupen.com/english/advisories/2010/3121 APPLE-SA-2011-06-23-1 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html DSA-2125 http://www.debian.org/security/2010/dsa-2125 FEDORA-2010-17826 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html FEDORA-2010-17827 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html FEDORA-2010-17847 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html HPSBGN02740 http://marc.info/?l=bugtraq&m=132828103218869&w=2 HPSBMA02658 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 HPSBOV02670 http://marc.info/?l=bugtraq&m=130497251507577&w=2 HPSBUX02638 http://marc.info/?l=bugtraq&m=129916880600544&w=2 RHSA-2010:0888 https://rhn.redhat.com/errata/RHSA-2010-0888.html SSRT100339 SSRT100413 SSRT100475 SSRT100741 SUSE-SR:2010:022 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html VU#737740 http://www.kb.cert.org/vuls/id/737740 [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html http://blogs.sun.com/security/entry/cve_2010_3864_race_condition http://openssl.org/news/secadv_20101116.txt http://support.apple.com/kb/HT4723 http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 http://www.adobe.com/support/security/bulletins/apsb11-11.html https://bugzilla.redhat.com/show_bug.cgi?id=649304
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.