HP-UX Local Security Checks : HP-UX Update for OpenSSL HPSBUX02610

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.835245

Categoría: HP-UX Local Security Checks

Título: HP-UX Update for OpenSSL HPSBUX02610

Resumen: The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.

Vulnerability Insight:
A potential security vulnerability has been identified with HP-UX OpenSSL.
This vulnerability could be exploited remotely to execute arbitrary code or
create a Denial of Service (DoS).

Vulnerability Impact:
Remote execution of arbitrary code, Denial of Service (DoS)

Affected Software/OS:
OpenSSL on HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08o.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0742
40000
http://secunia.com/advisories/40000
40024
http://secunia.com/advisories/40024
40502
http://www.securityfocus.com/bid/40502
42457
http://secunia.com/advisories/42457
42724
http://secunia.com/advisories/42724
42733
http://secunia.com/advisories/42733
57353
http://secunia.com/advisories/57353
ADV-2010-1313
http://www.vupen.com/english/advisories/2010/1313
ADV-2010-3105
http://www.vupen.com/english/advisories/2010/3105
HPSBUX02610
http://marc.info/?l=bugtraq&m=129138643405740&w=2
SSRT100341
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
http://cvs.openssl.org/chngview?cn=19693
http://cvs.openssl.org/filediff?f=openssl/crypto/cms/cms_asn1.c&v1=1.8&v2=1.8.6.1
http://rt.openssl.org/Ticket/Display.html?id=2211&user=guest&pass=guest
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
http://www.openssl.org/news/secadv_20100601.txt
https://bugzilla.redhat.com/show_bug.cgi?id=598738
https://kb.bluecoat.com/index?page=content&id=SA50
oval:org.mitre.oval:def:12395
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12395

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.835245
Categoría:	HP-UX Local Security Checks
Título:	HP-UX Update for OpenSSL HPSBUX02610
Resumen:	The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory. Vulnerability Insight: A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS). Vulnerability Impact: Remote execution of arbitrary code, Denial of Service (DoS) Affected Software/OS: OpenSSL on HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08o. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0742 40000 http://secunia.com/advisories/40000 40024 http://secunia.com/advisories/40024 40502 http://www.securityfocus.com/bid/40502 42457 http://secunia.com/advisories/42457 42724 http://secunia.com/advisories/42724 42733 http://secunia.com/advisories/42733 57353 http://secunia.com/advisories/57353 ADV-2010-1313 http://www.vupen.com/english/advisories/2010/1313 ADV-2010-3105 http://www.vupen.com/english/advisories/2010/3105 HPSBUX02610 http://marc.info/?l=bugtraq&m=129138643405740&w=2 SSRT100341 [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html http://cvs.openssl.org/chngview?cn=19693 http://cvs.openssl.org/filediff?f=openssl/crypto/cms/cms_asn1.c&v1=1.8&v2=1.8.6.1 http://rt.openssl.org/Ticket/Display.html?id=2211&user=guest&pass=guest http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 http://www.openssl.org/news/secadv_20100601.txt https://bugzilla.redhat.com/show_bug.cgi?id=598738 https://kb.bluecoat.com/index?page=content&id=SA50 oval:org.mitre.oval:def:12395 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12395
Copyright	Copyright (C) 2011 Greenbone AG