Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.142889
Category:General
Title:OpenSSL 1.1.1 Fork Protection Vulnerability - Linux
Summary:OpenSSL is prone to a vulnerability in the fork protection.
Description:Summary:
OpenSSL is prone to a vulnerability in the fork protection.

Vulnerability Insight:
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was
intended to include protection in the event of a fork() system call in order to ensure that the parent and child
processes did not share the same RNG state. However this protection was not being used in the default case.

Affected Software/OS:
OpenSSL versions 1.1.1 - 1.1.1c.

Solution:
Update to version 1.1.1d or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-1549
Bugtraq: 20191001 [SECURITY] [DSA 4539-1] openssl security update (Google Search)
https://seclists.org/bugtraq/2019/Oct/1
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be
https://security.netapp.com/advisory/ntap-20190919-0002/
https://support.f5.com/csp/article/K44070243
https://support.f5.com/csp/article/K44070243?utm_source=f5support&utm_medium=RSS
https://www.openssl.org/news/secadv/20190910.txt
Debian Security Information: DSA-4539 (Google Search)
https://www.debian.org/security/2019/dsa-4539
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://usn.ubuntu.com/4376-1/
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.