Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0059)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.122006
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2012-0059)
Summary:	The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2012-0059 advisory.
Description:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the ELSA-2012-0059 advisory. Vulnerability Insight: [1.0.0-20.1] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) Affected Software/OS: 'openssl' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4108 48528 http://secunia.com/advisories/48528 57260 http://secunia.com/advisories/57260 57353 http://secunia.com/advisories/57353 APPLE-SA-2013-06-04-1 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html DSA-2390 http://www.debian.org/security/2012/dsa-2390 FEDORA-2012-18035 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html HPSBMU02776 http://marc.info/?l=bugtraq&m=133951357207000&w=2 HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPSBOV02793 http://marc.info/?l=bugtraq&m=134039053214295&w=2 HPSBUX02734 http://marc.info/?l=bugtraq&m=132750648501816&w=2 MDVSA-2012:006 http://www.mandriva.com/security/advisories?name=MDVSA-2012:006 MDVSA-2012:007 http://www.mandriva.com/security/advisories?name=MDVSA-2012:007 RHSA-2012:1306 http://rhn.redhat.com/errata/RHSA-2012-1306.html RHSA-2012:1307 http://rhn.redhat.com/errata/RHSA-2012-1307.html RHSA-2012:1308 http://rhn.redhat.com/errata/RHSA-2012-1308.html SSRT100729 SSRT100852 SSRT100877 SSRT100891 SUSE-SU-2012:0084 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html SUSE-SU-2014:0320 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html VU#737740 http://www.kb.cert.org/vuls/id/737740 http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc http://support.apple.com/kb/HT5784 http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 http://www.isg.rhul.ac.uk/~kp/dtls.pdf http://www.openssl.org/news/secadv_20120104.txt https://security.paloaltonetworks.com/CVE-2011-4108 openSUSE-SU-2012:0083 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html Common Vulnerability Exposure (CVE) ID: CVE-2011-4576 55069 http://secunia.com/advisories/55069 Common Vulnerability Exposure (CVE) ID: CVE-2011-4577 Common Vulnerability Exposure (CVE) ID: CVE-2011-4619 HPSBUX02782 http://marc.info/?l=bugtraq&m=133728068926468&w=2 SSRT100844
Copyright	Copyright (C) 2015 Greenbone AG