Test ID:	1.3.6.1.4.1.25623.1.0.884281
Category:	CentOS Local Security Checks
Title:	CentOS: Security Advisory for openssl (CESA-2023:1335)
Summary:	The remote host is missing an update for the 'openssl'; package(s) announced via the CESA-2023:1335 advisory.
Description:	Summary: The remote host is missing an update for the 'openssl' package(s) announced via the CESA-2023:1335 advisory. Vulnerability Insight: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'openssl' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-0286 https://security.gentoo.org/glsa/202402-08 1.0.2zg patch (premium) https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d 1.1.1t git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9 3.0.8 git commit https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658 OpenSSL Advisory https://www.openssl.org/news/secadv/20230207.txt https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.