Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200902-02 (openssl)

Vulnerability Search		Search 219043 CVE descriptions and 99761 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.63349
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200902-02 (openssl)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory GLSA 200902-02. An error in the OpenSSL certificate chain validation might allow for spoofing attacks. Solution: All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-libs/openssl-0.9.8j' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200902-02 http://bugs.gentoo.org/show_bug.cgi?id=251346 CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5077 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 33150 http://www.securityfocus.com/bid/33150 Bugtraq: 20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses (Google Search) http://www.securityfocus.com/archive/1/499827/100/0/threaded Bugtraq: 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim (Google Search) http://www.securityfocus.com/archive/1/502322/100/0/threaded Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html http://security.gentoo.org/glsa/glsa-200902-02.xml HPdes Security Advisory: HPSBMA02426 http://marc.info/?l=bugtraq&m=124277349419254&w=2 HPdes Security Advisory: HPSBOV02540 http://marc.info/?l=bugtraq&m=127678688104458&w=2 HPdes Security Advisory: HPSBUX02418 http://marc.info/?l=bugtraq&m=123859864430555&w=2 HPdes Security Advisory: SSRT090002 HPdes Security Advisory: SSRT090053 http://www.ocert.org/advisories/ocert-2008-016.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6380 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9155 http://www.redhat.com/support/errata/RHSA-2009-0004.html http://www.securitytracker.com/id?1021523 http://secunia.com/advisories/33338 http://secunia.com/advisories/33394 http://secunia.com/advisories/33436 http://secunia.com/advisories/33557 http://secunia.com/advisories/33673 http://secunia.com/advisories/33765 http://secunia.com/advisories/34211 http://secunia.com/advisories/35074 http://secunia.com/advisories/35108 http://secunia.com/advisories/39005 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.544796 http://sunsolve.sun.com/search/document.do?assetkey=1-66-250826-1 SuSE Security Announcement: SUSE-SU-2011:0847 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html SuSE Security Announcement: openSUSE-SU-2011:0845 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html https://usn.ubuntu.com/704-1/ http://www.vupen.com/english/advisories/2009/0040 http://www.vupen.com/english/advisories/2009/0289 http://www.vupen.com/english/advisories/2009/0362 http://www.vupen.com/english/advisories/2009/0558 http://www.vupen.com/english/advisories/2009/0904 http://www.vupen.com/english/advisories/2009/0913 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2009/1338
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com