ID de Prueba:	1.3.6.1.4.1.25623.1.0.835251
Categoría:	HP-UX Local Security Checks
Título:	HP-UX Update for OpenSSL HPSBUX02638
Resumen:	The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the OpenSSL package(s) announced via the referenced advisory. Vulnerability Insight: A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS) or an authentication bypass. Vulnerability Impact: Remote execution of arbitrary code Denial of Service (DoS) authentication bypass Affected Software/OS: OpenSSL on HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08q. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3864 1024743 http://securitytracker.com/id?1024743 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 42241 http://secunia.com/advisories/42241 42243 http://secunia.com/advisories/42243 42309 http://secunia.com/advisories/42309 42336 http://secunia.com/advisories/42336 42352 http://secunia.com/advisories/42352 42397 http://secunia.com/advisories/42397 42413 http://secunia.com/advisories/42413 43312 http://secunia.com/advisories/43312 44269 http://secunia.com/advisories/44269 57353 http://secunia.com/advisories/57353 ADV-2010-3041 http://www.vupen.com/english/advisories/2010/3041 ADV-2010-3077 http://www.vupen.com/english/advisories/2010/3077 ADV-2010-3097 http://www.vupen.com/english/advisories/2010/3097 ADV-2010-3121 http://www.vupen.com/english/advisories/2010/3121 APPLE-SA-2011-06-23-1 http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html DSA-2125 http://www.debian.org/security/2010/dsa-2125 FEDORA-2010-17826 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html FEDORA-2010-17827 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html FEDORA-2010-17847 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html FreeBSD-SA-10:10 http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc HPSBGN02740 http://marc.info/?l=bugtraq&m=132828103218869&w=2 HPSBMA02658 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777 HPSBOV02670 http://marc.info/?l=bugtraq&m=130497251507577&w=2 HPSBUX02638 http://marc.info/?l=bugtraq&m=129916880600544&w=2 RHSA-2010:0888 https://rhn.redhat.com/errata/RHSA-2010-0888.html SSA:2010-326-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793 SSRT100339 SSRT100413 SSRT100475 SSRT100741 SUSE-SR:2010:022 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html VU#737740 http://www.kb.cert.org/vuls/id/737740 [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html [syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html http://blogs.sun.com/security/entry/cve_2010_3864_race_condition http://openssl.org/news/secadv_20101116.txt http://support.apple.com/kb/HT4723 http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 http://www.adobe.com/support/security/bulletins/apsb11-11.html http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://bugzilla.redhat.com/show_bug.cgi?id=649304 Common Vulnerability Exposure (CVE) ID: CVE-2010-4180 1024822 http://www.securitytracker.com/id?1024822 42469 http://secunia.com/advisories/42469 42473 http://secunia.com/advisories/42473 42493 http://secunia.com/advisories/42493 42571 http://secunia.com/advisories/42571 42620 http://secunia.com/advisories/42620 42811 http://secunia.com/advisories/42811 42877 http://secunia.com/advisories/42877 43169 http://secunia.com/advisories/43169 43170 http://secunia.com/advisories/43170 43171 http://secunia.com/advisories/43171 43172 http://secunia.com/advisories/43172 43173 http://secunia.com/advisories/43173 45164 http://www.securityfocus.com/bid/45164 69565 http://osvdb.org/69565 ADV-2010-3120 http://www.vupen.com/english/advisories/2010/3120 ADV-2010-3122 http://www.vupen.com/english/advisories/2010/3122 ADV-2010-3134 http://www.vupen.com/english/advisories/2010/3134 ADV-2010-3188 http://www.vupen.com/english/advisories/2010/3188 ADV-2011-0032 http://www.vupen.com/english/advisories/2011/0032 ADV-2011-0076 http://www.vupen.com/english/advisories/2011/0076 ADV-2011-0268 http://www.vupen.com/english/advisories/2011/0268 DSA-2141 http://www.debian.org/security/2011/dsa-2141 FEDORA-2010-18736 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html FEDORA-2010-18765 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html HPSBHF02706 http://marc.info/?l=bugtraq&m=132077688910227&w=2 HPSBMU02759 http://www.securityfocus.com/archive/1/522176 MDVSA-2010:248 http://www.mandriva.com/security/advisories?name=MDVSA-2010:248 RHSA-2010:0977 http://www.redhat.com/support/errata/RHSA-2010-0977.html RHSA-2010:0978 http://www.redhat.com/support/errata/RHSA-2010-0978.html RHSA-2010:0979 http://www.redhat.com/support/errata/RHSA-2010-0979.html RHSA-2011:0896 http://www.redhat.com/support/errata/RHSA-2011-0896.html SSA:2010-340-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471 SSRT100613 SSRT100817 SUSE-SR:2011:001 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SUSE-SR:2011:009 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html SUSE-SU-2011:0847 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html USN-1029-1 http://ubuntu.com/usn/usn-1029-1 http://cvs.openssl.org/chngview?cn=20131 http://openssl.org/news/secadv_20101202.txt https://bugzilla.redhat.com/show_bug.cgi?id=659462 https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST openSUSE-SU-2011:0845 http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html oval:org.mitre.oval:def:18910 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910 Common Vulnerability Exposure (CVE) ID: CVE-2010-4252 1024823 http://securitytracker.com/id?1024823 45163 http://www.securityfocus.com/bid/45163 http://cvs.openssl.org/chngview?cn=20098 http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf https://bugzilla.redhat.com/show_bug.cgi?id=659297 https://github.com/seb-m/jpake oval:org.mitre.oval:def:19039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19039
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.