Test ID:	1.3.6.1.4.1.25623.1.0.704875
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-4875-1)
Summary:	The remote host is missing an update for the Debian 'openssl' package(s) announced via the DSA-4875-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'openssl' package(s) announced via the DSA-4875-1 advisory. Vulnerability Insight: A NULL pointer dereference was found in the signature_algorithms processing in OpenSSL, a Secure Sockets Layer toolkit, which could result in denial of service. Additional details can be found in the upstream advisory: [link moved to references] For the stable distribution (buster), this problem has been fixed in version 1.1.1d-0+deb10u6. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: [link moved to references] Affected Software/OS: 'openssl' package(s) on Debian 10. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3449 Cisco Security Advisory: 20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.netapp.com/advisory/ntap-20210326-0006/ https://security.netapp.com/advisory/ntap-20210513-0002/ https://www.openssl.org/news/secadv/20210325.txt https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-06 https://www.tenable.com/security/tns-2021-09 https://www.tenable.com/security/tns-2021-10 Debian Security Information: DSA-4875 (Google Search) https://www.debian.org/security/2021/dsa-4875 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://security.gentoo.org/glsa/202103-03 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.