
Test ID: 1.3.6.1.4.1.25623.1.0.59936
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDKSA-2007:237 (openssl)
Summary: NOSUMMARY
Description:

The remote host is missing an update to openssl
announced via advisory MDKSA-2007:237.

A buffer overflow in the DTLS implementation of OpenSSL 0.9.8 could
be exploited by attackers to potentially execute arbitrary code. It
is questionable as to whether the DTLS support even worked or is used
in any applications; as a result, this flaw most likely does not affect
most Mandriva users.

The updated packages have been patched to correct this issue.

Affected: 2007.0, 2007.1, 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:237

Risk factor : Critical

CVSS Score: 9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-4995
1018810
http://securitytracker.com/id?1018810
20071012 OpenSSL Security Advisory
http://www.securityfocus.com/archive/1/482167/100/0/threaded
25878
http://secunia.com/advisories/25878
26055
http://www.securityfocus.com/bid/26055
27205
http://secunia.com/advisories/27205
27217
http://secunia.com/advisories/27217
27271
http://secunia.com/advisories/27271
27363
http://secunia.com/advisories/27363
27434
http://secunia.com/advisories/27434
27933
http://secunia.com/advisories/27933
28084
http://secunia.com/advisories/28084
30161
http://secunia.com/advisories/30161
30220
http://secunia.com/advisories/30220
30852
http://secunia.com/advisories/30852
ADV-2007-3487
http://www.vupen.com/english/advisories/2007/3487
ADV-2007-4219
http://www.vupen.com/english/advisories/2007/4219
ADV-2008-1937
http://www.vupen.com/english/advisories/2008/1937/references
DSA-1571
http://www.debian.org/security/2008/dsa-1571
FEDORA-2007-725
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html
GLSA-200710-30
http://security.gentoo.org/glsa/glsa-200710-30.xml
GLSA-200805-07
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
HPSBUX02296
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01299773
MDKSA-2007:237
http://www.mandriva.com/security/advisories?name=MDKSA-2007:237
RHSA-2007:0964
http://www.redhat.com/support/errata/RHSA-2007-0964.html
SSRT071504
SUSE-SR:2007:021
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
USN-534-1
https://usn.ubuntu.com/534-1/
http://bugs.gentoo.org/show_bug.cgi?id=195634
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738962
http://www.openssl.org/news/secadv_20071012.txt
openssl-dtls-code-execution(37185)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37185
oval:org.mitre.oval:def:10288
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10288
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com





© 1998-2025 E-Soft Inc. All rights reserved.