Test ID:	1.3.6.1.4.1.25623.1.0.54238
Category:	Trustix Local Security Checks
Title:	Trustix Security Advisory TSLSA-2002-0063 (openssl)
Summary:	Trustix Security Advisory TSLSA-2002-0063 (openssl)
Description:	The remote host is missing updates announced in advisory TSLSA-2002-0063. Several severe security problems have been found in the openssl source code which upon the TSL openssl packages are based. Most of these vulnerabilities have a potential for remote expoitation, even though no exploits are currently released. The upstream development group have provided us with patches that fixes the problems. These issues have been asigned the following CVE names: CVE-2002-0655, CVE-2002-0656, and CVE-2002-0659. More information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0655> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0656> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0659> Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2002-0063 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0655 Bugtraq: 20020730 OpenSSL Security Altert - Remote Buffer Overflows (Google Search) RedHat Security Advisories: RHSA-2002:155 Debian Security Information: DSA-136 (Google Search) Bugtraq: 20020730 [OpenPKG-SA-2002.008] OpenPKG Security Advisory (openssl) (Google Search) Bugtraq: 20020730 TSLSA-2002-0063 - openssl (Google Search) Bugtraq: 20020730 OpenSSL patches for other versions (Google Search) En Garde Linux Advisory: ESA-20020730-019 Bugtraq: 20020730 GLSA: OpenSSL (Google Search) SuSE Security Announcement: SuSE-SA:2002:027 (Google Search) http://www.cert.org/advisories/CA-2002-23.html CERT/CC vulnerability note: VU#308891 http://www.kb.cert.org/vuls/id/308891 Caldera Security Advisory: CSSA-2002-033.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt Caldera Security Advisory: CSSA-2002-033.1 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt FreeBSD Security Advisory: FreeBSD-SA-02:33 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php Conectiva Linux advisory: CLA-2002:513 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513 BugTraq ID: 5364 http://www.securityfocus.com/bid/5364 Common Vulnerability Exposure (CVE) ID: CVE-2002-0656 CERT/CC vulnerability note: VU#102795 http://www.kb.cert.org/vuls/id/102795 CERT/CC vulnerability note: VU#258555 http://www.kb.cert.org/vuls/id/258555 http://www.iss.net/security_center/static/9714.php BugTraq ID: 5362 http://www.securityfocus.com/bid/5362 BugTraq ID: 5363 http://www.securityfocus.com/bid/5363 http://www.iss.net/security_center/static/9716.php Common Vulnerability Exposure (CVE) ID: CVE-2002-0659 CERT/CC vulnerability note: VU#748355 http://www.kb.cert.org/vuls/id/748355 RedHat Security Advisories: RHSA-2002:164 http://rhn.redhat.com/errata/RHSA-2002-164.html RedHat Security Advisories: RHSA-2002:161 http://rhn.redhat.com/errata/RHSA-2002-161.html RedHat Security Advisories: RHSA-2002:160 http://rhn.redhat.com/errata/RHSA-2002-160.html Conectiva Linux advisory: CLA-2002:516 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516 BugTraq ID: 5366 http://www.securityfocus.com/bid/5366 http://www.iss.net/security_center/static/9718.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: