Test ID:	1.3.6.1.4.1.25623.1.0.122898
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2016-0372)
Summary:	The remote host is missing an update for the 'openssl098e' package(s) announced via the ELSA-2016-0372 advisory.
Description:	Summary: The remote host is missing an update for the 'openssl098e' package(s) announced via the ELSA-2016-0372 advisory. Vulnerability Insight: [0.9.8e-20.0.1.1] - Updated the description [0.9.8e-20.1] - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method [0.9.8e-20] - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability Affected Software/OS: 'openssl098e' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0293 http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html BugTraq ID: 73232 http://www.securityfocus.com/bid/73232 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html FreeBSD Security Advisory: FreeBSD-SA-16:12 https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc https://security.gentoo.org/glsa/201503-11 HPdes Security Advisory: HPSBMU03380 http://marc.info/?l=bugtraq&m=143748090628601&w=2 HPdes Security Advisory: HPSBMU03397 http://marc.info/?l=bugtraq&m=144050297101809&w=2 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 HPdes Security Advisory: HPSBUX03334 http://marc.info/?l=bugtraq&m=143213830203296&w=2 HPdes Security Advisory: SSRT102000 http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 http://www.mandriva.com/security/advisories?name=MDVSA-2015:063 RedHat Security Advisories: RHSA-2015:0715 http://rhn.redhat.com/errata/RHSA-2015-0715.html RedHat Security Advisories: RHSA-2015:0716 http://rhn.redhat.com/errata/RHSA-2015-0716.html RedHat Security Advisories: RHSA-2015:0752 http://rhn.redhat.com/errata/RHSA-2015-0752.html RedHat Security Advisories: RHSA-2015:0800 http://rhn.redhat.com/errata/RHSA-2015-0800.html http://www.securitytracker.com/id/1031929 SuSE Security Announcement: SUSE-SU-2015:0541 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html SuSE Security Announcement: SUSE-SU-2015:0578 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html SuSE Security Announcement: SUSE-SU-2016:0617 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html SuSE Security Announcement: SUSE-SU-2016:0620 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html SuSE Security Announcement: SUSE-SU-2016:0621 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html SuSE Security Announcement: SUSE-SU-2016:0624 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html SuSE Security Announcement: SUSE-SU-2016:0631 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html SuSE Security Announcement: SUSE-SU-2016:0641 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html SuSE Security Announcement: SUSE-SU-2016:1057 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html SuSE Security Announcement: openSUSE-SU-2015:0554 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html SuSE Security Announcement: openSUSE-SU-2016:0628 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html SuSE Security Announcement: openSUSE-SU-2016:0637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html SuSE Security Announcement: openSUSE-SU-2016:0638 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html SuSE Security Announcement: openSUSE-SU-2016:0720 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html http://www.ubuntu.com/usn/USN-2537-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-3197 BugTraq ID: 82237 http://www.securityfocus.com/bid/82237 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 CERT/CC vulnerability note: VU#257823 https://www.kb.cert.org/vuls/id/257823 http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html https://security.FreeBSD.org/advisories/FreeBSD-SA-16:11.openssl.asc https://security.gentoo.org/glsa/201601-05 http://www.securitytracker.com/id/1034849 SuSE Security Announcement: SUSE-SU-2016:0678 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html SuSE Security Announcement: openSUSE-SU-2016:1239 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html SuSE Security Announcement: openSUSE-SU-2016:1241 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html Common Vulnerability Exposure (CVE) ID: CVE-2016-0703 BugTraq ID: 83743 http://www.securityfocus.com/bid/83743 Cisco Security Advisory: 20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc https://security.gentoo.org/glsa/201603-15 https://drownattack.com https://www.arista.com/en/support/advisories-notices/security-advisories/1260-security-advisory-18 http://www.securitytracker.com/id/1035133 Common Vulnerability Exposure (CVE) ID: CVE-2016-0704 BugTraq ID: 83764 http://www.securityfocus.com/bid/83764 Common Vulnerability Exposure (CVE) ID: CVE-2016-0800 BugTraq ID: 83733 http://www.securityfocus.com/bid/83733 CERT/CC vulnerability note: VU#583776 https://www.kb.cert.org/vuls/id/583776 HPdes Security Advisory: HPSBGN03569 http://marc.info/?l=bugtraq&m=145983526810210&w=2 HPdes Security Advisory: HPSBMU03573 http://marc.info/?l=bugtraq&m=146133665209436&w=2 HPdes Security Advisory: HPSBMU03575 http://marc.info/?l=bugtraq&m=146108058503441&w=2 https://ics-cert.us-cert.gov/advisories/ICSA-16-103-03 RedHat Security Advisories: RHSA-2016:1519 http://rhn.redhat.com/errata/RHSA-2016-1519.html SuSE Security Announcement: openSUSE-SU-2016:0627 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.