English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39212 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.54238
Category:Trustix Local Security Checks
Title:Trustix Security Advisory TSLSA-2002-0063 (openssl)
Summary:Trustix Security Advisory TSLSA-2002-0063 (openssl)
Description:
The remote host is missing updates announced in
advisory TSLSA-2002-0063.

Several severe security problems have been found in the openssl source
code which upon the TSL openssl packages are based. Most of these
vulnerabilities have a potential for remote expoitation, even though no
exploits are currently released.
The upstream development group have provided us with patches that fixes
the problems.

These issues have been asigned the following CVE names:
CVE-2002-0655, CVE-2002-0656, and CVE-2002-0659.

More information:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0655>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0656>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0659>

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2002-0063

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2002-0655
Bugtraq: 20020730 OpenSSL Security Altert - Remote Buffer Overflows (Google Search)
RedHat Security Advisories: RHSA-2002:155
Debian Security Information: DSA-136 (Google Search)
Bugtraq: 20020730 [OpenPKG-SA-2002.008] OpenPKG Security Advisory (openssl) (Google Search)
Bugtraq: 20020730 TSLSA-2002-0063 - openssl (Google Search)
Bugtraq: 20020730 OpenSSL patches for other versions (Google Search)
En Garde Linux Advisory: ESA-20020730-019
Bugtraq: 20020730 GLSA: OpenSSL (Google Search)
SuSE Security Announcement: SuSE-SA:2002:027 (Google Search)
http://www.cert.org/advisories/CA-2002-23.html
CERT/CC vulnerability note: VU#308891
http://www.kb.cert.org/vuls/id/308891
Caldera Security Advisory: CSSA-2002-033.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt
Caldera Security Advisory: CSSA-2002-033.1
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt
FreeBSD Security Advisory: FreeBSD-SA-02:33
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php
Conectiva Linux advisory: CLA-2002:513
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513
BugTraq ID: 5364
http://www.securityfocus.com/bid/5364
Common Vulnerability Exposure (CVE) ID: CVE-2002-0656
CERT/CC vulnerability note: VU#102795
http://www.kb.cert.org/vuls/id/102795
CERT/CC vulnerability note: VU#258555
http://www.kb.cert.org/vuls/id/258555
http://www.iss.net/security_center/static/9714.php
BugTraq ID: 5362
http://www.securityfocus.com/bid/5362
BugTraq ID: 5363
http://www.securityfocus.com/bid/5363
http://www.iss.net/security_center/static/9716.php
Common Vulnerability Exposure (CVE) ID: CVE-2002-0659
CERT/CC vulnerability note: VU#748355
http://www.kb.cert.org/vuls/id/748355
RedHat Security Advisories: RHSA-2002:164
http://rhn.redhat.com/errata/RHSA-2002-164.html
RedHat Security Advisories: RHSA-2002:161
http://rhn.redhat.com/errata/RHSA-2002-161.html
RedHat Security Advisories: RHSA-2002:160
http://rhn.redhat.com/errata/RHSA-2002-160.html
Conectiva Linux advisory: CLA-2002:516
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516
BugTraq ID: 5366
http://www.securityfocus.com/bid/5366
http://www.iss.net/security_center/static/9718.php
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.