English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105605
Category:General
Title:Multiple Security issues with ScreenOS (JSA10732/JSA10733)
Summary:ScreenOS: Multiple Vulnerabilities in OpenSSL / Malformed SSL/TLS packet causes Denial of Service
Description:Summary:
ScreenOS: Multiple Vulnerabilities in OpenSSL / Malformed SSL/TLS packet causes Denial of Service

Vulnerability Insight:
A specially crafted malformed packet received on any interface targeted to the device's administrative web services interface may cause loss of administrative access to the system and can reboot the system causing a complete denial of service.

Affected Software/OS:
These issues can affect any product or platform running ScreenOS prior to 6.3.0r22

Solution:
Update to ScreenOS 6.3.0r22 or newer

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-1789
1032564
http://www.securitytracker.com/id/1032564
20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
75156
http://www.securityfocus.com/bid/75156
91787
http://www.securityfocus.com/bid/91787
APPLE-SA-2015-08-13-2
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
DSA-3287
http://www.debian.org/security/2015/dsa-3287
FEDORA-2015-10047
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html
FEDORA-2015-10108
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html
GLSA-201506-02
https://security.gentoo.org/glsa/201506-02
HPSBGN03371
http://marc.info/?l=bugtraq&m=143654156615516&w=2
HPSBMU03409
http://marc.info/?l=bugtraq&m=144050155601375&w=2
HPSBUX03388
http://marc.info/?l=bugtraq&m=143880121627664&w=2
NetBSD-SA2015-008
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
RHSA-2015:1115
http://rhn.redhat.com/errata/RHSA-2015-1115.html
RHSA-2015:1197
http://rhn.redhat.com/errata/RHSA-2015-1197.html
SSRT102180
SUSE-SU-2015:1143
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
SUSE-SU-2015:1150
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
SUSE-SU-2015:1181
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
SUSE-SU-2015:1182
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
SUSE-SU-2015:1183
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
SUSE-SU-2015:1184
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
SUSE-SU-2015:1185
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
USN-2639-1
http://www.ubuntu.com/usn/USN-2639-1
http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733
http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015
http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
https://bto.bluecoat.com/security-advisory/sa98
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
https://openssl.org/news/secadv/20150611.txt
https://support.apple.com/kb/HT205031
https://support.citrix.com/article/CTX216642
https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11
https://www.openssl.org/news/secadv_20150611.txt
openSUSE-SU-2015:1139
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
openSUSE-SU-2015:1277
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
openSUSE-SU-2016:0640
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-1790
75157
http://www.securityfocus.com/bid/75157
https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686
Common Vulnerability Exposure (CVE) ID: CVE-2015-1791
1032479
http://www.securitytracker.com/id/1032479
75161
http://www.securityfocus.com/bid/75161
http://www-304.ibm.com/support/docview.wss?uid=swg21960041
https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc
Common Vulnerability Exposure (CVE) ID: CVE-2015-3195
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
BugTraq ID: 78626
http://www.securityfocus.com/bid/78626
BugTraq ID: 91787
Cisco Security Advisory: 20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl
Debian Security Information: DSA-3413 (Google Search)
http://www.debian.org/security/2015/dsa-3413
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html
HPdes Security Advisory: HPSBGN03536
http://marc.info/?l=bugtraq&m=145382583417444&w=2
RedHat Security Advisories: RHSA-2015:2616
http://rhn.redhat.com/errata/RHSA-2015-2616.html
RedHat Security Advisories: RHSA-2015:2617
http://rhn.redhat.com/errata/RHSA-2015-2617.html
RedHat Security Advisories: RHSA-2016:2056
http://rhn.redhat.com/errata/RHSA-2016-2056.html
RedHat Security Advisories: RHSA-2016:2957
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://www.securitytracker.com/id/1034294
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583
SuSE Security Announcement: SUSE-SU-2016:0678 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html
SuSE Security Announcement: openSUSE-SU-2015:2288 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html
SuSE Security Announcement: openSUSE-SU-2015:2289 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html
SuSE Security Announcement: openSUSE-SU-2015:2318 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html
SuSE Security Announcement: openSUSE-SU-2015:2349 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html
SuSE Security Announcement: openSUSE-SU-2016:0637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search)
http://www.ubuntu.com/usn/USN-2830-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1268
http://www.securitytracker.com/id/1035666
CopyrightCopyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.