Test ID:	1.3.6.1.4.1.25623.1.0.72096
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2012:011 (openssl)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to openssl announced via advisory MDVSA-2012:011. A vulnerability has been found and corrected in openssl: OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108 (CVE-2012-0050). The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version which is not vulnerable to this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:011 http://www.openssl.org/news/secadv_20120118.txt Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4108 48528 http://secunia.com/advisories/48528 57260 http://secunia.com/advisories/57260 57353 http://secunia.com/advisories/57353 APPLE-SA-2013-06-04-1 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html DSA-2390 http://www.debian.org/security/2012/dsa-2390 FEDORA-2012-18035 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html HPSBMU02776 http://marc.info/?l=bugtraq&m=133951357207000&w=2 HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPSBOV02793 http://marc.info/?l=bugtraq&m=134039053214295&w=2 HPSBUX02734 http://marc.info/?l=bugtraq&m=132750648501816&w=2 MDVSA-2012:006 http://www.mandriva.com/security/advisories?name=MDVSA-2012:006 MDVSA-2012:007 http://www.mandriva.com/security/advisories?name=MDVSA-2012:007 RHSA-2012:1306 http://rhn.redhat.com/errata/RHSA-2012-1306.html RHSA-2012:1307 http://rhn.redhat.com/errata/RHSA-2012-1307.html RHSA-2012:1308 http://rhn.redhat.com/errata/RHSA-2012-1308.html SSRT100729 SSRT100852 SSRT100877 SSRT100891 SUSE-SU-2012:0084 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html SUSE-SU-2014:0320 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html VU#737740 http://www.kb.cert.org/vuls/id/737740 http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc http://support.apple.com/kb/HT5784 http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 http://www.isg.rhul.ac.uk/~kp/dtls.pdf http://www.openssl.org/news/secadv_20120104.txt https://security.paloaltonetworks.com/CVE-2011-4108 openSUSE-SU-2012:0083 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0050 1026548 http://www.securitytracker.com/id?1026548 47631 http://secunia.com/advisories/47631 47677 http://secunia.com/advisories/47677 47755 http://secunia.com/advisories/47755 51563 http://www.securityfocus.com/bid/51563 78320 http://osvdb.org/78320 DSA-2392 http://www.debian.org/security/2012/dsa-2392 HPSBUX02737 http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03169289 MDVSA-2012:011 http://www.mandriva.com/security/advisories?name=MDVSA-2012:011 SSRT100747 http://www.openssl.org/news/secadv_20120118.txt
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.