English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2009-13
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 12 May 2009
 Last revised: 12 May 2009

 Package: openssl

 Summary: openssl denial of service

 More information:
    The OpenSSL Project is a collaborative effort to develop a robust,
    commercial-grade, full-featured Open Source toolkit implementing the
    Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
    protocols as well as a full-strength general purpose cryptography library.

    The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to
    cause a denial of service (invalid memory access and application crash) via vectors that
    trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. (CVE-2009-0590)

 Affected Products:
    - Turbolinux Client 2008
    - Turbolinux Appliance Server 3.0 x64 Edition
    - Turbolinux Appliance Server 3.0
    - Turbolinux 11 Server x64 Edition
    - Turbolinux 11 Server
    - wizpy
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server


 <Turbolinux Client 2008>

   Source Packages
   Size: MD5

   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/turbolinux-source/openssl-0.9.8h-3.src.rpm
      3531695 da152cf28e40951dd0e013751524948c

   Binary Packages
   Size: MD5

   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/turbolinux-updates/openssl-0.9.8h-3.i586.rpm
      1642157 f2225abdb9a12a05a043db174abc2e76
   http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/turbolinux-updates/openssl-devel-0.9.8h-3.i586.rpm
      1521915 572faa9d058dd6ef7cf1ad6a24e62103

 <Turbolinux Appliance Server 3.0 x64 Edition>

   Source Packages
   Size: MD5

   openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.x86_64.rpm
      1775134 7bee5915c7bed64e22d908aab358ec6d
   openssl-devel-0.9.8e-6.x86_64.rpm
      1966178 a8888f04d8e51478fe55196b0dd48f12

 <Turbolinux Appliance Server 3.0>

   Source Packages
   Size: MD5

   openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.i686.rpm
      1700346 b0dd19b3234b3a71899d39b1afda5f27
   openssl-devel-0.9.8e-6.i686.rpm
      1907242 4767f7f665f602ee55aeabd0e6bc38e1

 <Turbolinux 11 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/11/updates/SRPMS/openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.x86_64.rpm
      1775134 7bee5915c7bed64e22d908aab358ec6d
   openssl-devel-0.9.8e-6.x86_64.rpm
      1966178 a8888f04d8e51478fe55196b0dd48f12

 <Turbolinux 11 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/11/updates/SRPMS/openssl-0.9.8e-6.src.rpm
      3463701 873896005663aeda70447f6a09b8b84b

   Binary Packages
   Size: MD5

   openssl-0.9.8e-6.i686.rpm
      1700346 1e57bc12ccf3258491cd979c1de3d666
   openssl-devel-0.9.8e-6.i686.rpm
      1907242 42b9ae73b6529768eafad667996c5f7a

 <wizpy>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/wizpy/updates/SRPMS/openssl-0.9.8-14.src.rpm
      3383819 842a8aba1ffb621b420b5fb77ed96ecb

   Binary Packages
   Size: MD5

   openssl-0.9.8-14.i386.rpm
      1658755 6189e141d1b7b4e67ab971e5c06230b3

 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   openssl-0.9.7d-16.src.rpm
      2938988 90ced6d54531d6815b9c56535f6871f5

   Binary Packages
   Size: MD5

   openssl-0.9.7d-16.i586.rpm
      1302921 4a69f79a27c81a0f0a4a414344f56e86
   openssl-devel-0.9.7d-16.i586.rpm
      1484806 c3c0110b31c26446dbabb06916fc2a53

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/11/updates/SRPMS/openssl-0.9.8-14.src.rpm
      3383445 2bb083d786b1f03d5ec214606c845b75
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/11/updates/SRPMS/openssl-compat-0.9.7d-16.src.rpm
      2917943 c0ec45b2a1ec7358ed8af202d6bea987

   Binary Packages
   Size: MD5

   openssl-0.9.8-14.i686.rpm
      1744589 6e0ff5aa2106b7b672a0363a670675fd
   openssl-compat-0.9.7d-16.i686.rpm
      1058699 fc4a536debb2565cea6956d85f6d1169
   openssl-devel-0.9.8-14.i686.rpm
      1929896 83f2958ace915e8b3bf360347b2adc79

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/openssl-0.9.7d-16.src.rpm
      2908239 4658395ce7116d97b11f2b33fa782862

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-0.9.7d-16.x86_64.rpm
      1413095 e74d8e2d839f4db74c5ad947bbd6a169
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-devel-0.9.7d-16.x86_64.rpm
      1547770 6d3b87a57c25c6e30ecfc46f867a994b

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/openssl-0.9.7d-16.src.rpm
      2938988 90ced6d54531d6815b9c56535f6871f5

   Binary Packages
   Size: MD5

   openssl-0.9.7d-16.i586.rpm
      1302921 4a69f79a27c81a0f0a4a414344f56e86
   openssl-devel-0.9.7d-16.i586.rpm
      1484806 c3c0110b31c26446dbabb06916fc2a53


 References:

 CVE
   [CVE-2009-0590]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590

 --------------------------------------------------------------------------
 Revision History
    12 May 2009 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2009 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAkoJR1AACgkQK0LzjOqIJMzlEgCgp2w6LF0MRiSC9tLGKo3jFrPT
GgYAn0rkNDASZb+BJRWTAjUiUVrWDE7L
=itxY
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.