Debian Local Security Checks : Debian: Security Advisory (DLA-0003-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.1.2.2014.0003
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-0003-1)
Summary:	The remote host is missing an update for the Debian 'openssl' package(s) announced via the DLA-0003-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'openssl' package(s) announced via the DLA-0003-1 advisory. Vulnerability Insight: CVE-2014-0195 Jueri Aedla discovered that a buffer overflow in processing DTLS fragments could lead to the execution of arbitrary code or denial of service. CVE-2014-0221 Imre Rad discovered the processing of DTLS hello packets is susceptible to denial of service. CVE-2014-0224 KIKUCHI Masashi discovered that carefully crafted handshakes can force the use of weak keys, resulting in potential man-in-the-middle attacks. CVE-2014-3470 Felix Groebert and Ivan Fratric discovered that the implementation of anonymous ECDH ciphersuites is suspectible to denial of service. CVE-2014-0076 Fix for the attack described in the paper 'Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack' Reported by Yuval Yarom and Naomi Benger. Additional information can be found at [link moved to references] All applications linked to openssl need to be restarted. You can use the tool checkrestart from the package debian-goodies to detect affected programs or reboot your system. It's important that you upgrade the libssl0.9.8 package and not just the openssl package. For Debian 6 Squeeze, these issues have been fixed in openssl version 0.9.8o-4squeeze15 Affected Software/OS: 'openssl' package(s) on Debian 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0076 20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl 58492 http://secunia.com/advisories/58492 58727 http://secunia.com/advisories/58727 58939 http://secunia.com/advisories/58939 59040 http://secunia.com/advisories/59040 59162 http://secunia.com/advisories/59162 59175 http://secunia.com/advisories/59175 59264 http://secunia.com/advisories/59264 59300 http://secunia.com/advisories/59300 59364 http://secunia.com/advisories/59364 59374 http://secunia.com/advisories/59374 59413 http://secunia.com/advisories/59413 59438 http://secunia.com/advisories/59438 59445 http://secunia.com/advisories/59445 59450 http://secunia.com/advisories/59450 59454 http://secunia.com/advisories/59454 59490 http://secunia.com/advisories/59490 59495 http://secunia.com/advisories/59495 59514 http://secunia.com/advisories/59514 59655 http://secunia.com/advisories/59655 59721 http://secunia.com/advisories/59721 60571 http://secunia.com/advisories/60571 66363 http://www.securityfocus.com/bid/66363 HPSBGN03050 http://marc.info/?l=bugtraq&m=140482916501310&w=2 HPSBMU03051 http://marc.info/?l=bugtraq&m=140448122410568&w=2 HPSBMU03056 http://marc.info/?l=bugtraq&m=140389355508263&w=2 HPSBMU03057 http://marc.info/?l=bugtraq&m=140389274407904&w=2 HPSBMU03062 http://marc.info/?l=bugtraq&m=140752315422991&w=2 HPSBMU03074 http://marc.info/?l=bugtraq&m=140621259019789&w=2 HPSBMU03076 http://marc.info/?l=bugtraq&m=140904544427729&w=2 HPSBOV03047 http://marc.info/?l=bugtraq&m=140317760000786&w=2 HPSBUX03046 http://marc.info/?l=bugtraq&m=140266410314613&w=2 MDVSA-2014:067 http://www.mandriva.com/security/advisories?name=MDVSA-2014:067 MDVSA-2015:062 http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 SSRT101590 USN-2165-1 http://www.ubuntu.com/usn/USN-2165-1 http://advisories.mageia.org/MGASA-2014-0165.html http://eprint.iacr.org/2014/140 http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 http://support.apple.com/kb/HT6443 http://www-01.ibm.com/support/docview.wss?uid=isg400001841 http://www-01.ibm.com/support/docview.wss?uid=isg400001843 http://www-01.ibm.com/support/docview.wss?uid=swg21673137 http://www-01.ibm.com/support/docview.wss?uid=swg21676035 http://www-01.ibm.com/support/docview.wss?uid=swg21676062 http://www-01.ibm.com/support/docview.wss?uid=swg21676092 http://www-01.ibm.com/support/docview.wss?uid=swg21676419 http://www-01.ibm.com/support/docview.wss?uid=swg21676424 http://www-01.ibm.com/support/docview.wss?uid=swg21676501 http://www-01.ibm.com/support/docview.wss?uid=swg21676655 http://www-01.ibm.com/support/docview.wss?uid=swg21677695 http://www-01.ibm.com/support/docview.wss?uid=swg21677828 http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm http://www.novell.com/support/kb/doc.php?id=7015264 http://www.novell.com/support/kb/doc.php?id=7015300 http://www.openssl.org/news/secadv_20140605.txt http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html https://bugs.gentoo.org/show_bug.cgi?id=505278 https://bugzilla.novell.com/show_bug.cgi?id=869945 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 https://kc.mcafee.com/corporate/index?page=content&id=SB10075 openSUSE-SU-2014:0480 http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html openSUSE-SU-2016:0640 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0195 BugTraq ID: 67900 http://www.securityfocus.com/bid/67900 Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/534161/100/0/threaded Cisco Security Advisory: 20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html http://seclists.org/fulldisclosure/2014/Dec/23 http://security.gentoo.org/glsa/glsa-201407-05.xml HPdes Security Advisory: HPSBGN03050 HPdes Security Advisory: HPSBHF03293 http://marc.info/?l=bugtraq&m=142660345230545&w=2 HPdes Security Advisory: HPSBMU03051 HPdes Security Advisory: HPSBMU03055 http://marc.info/?l=bugtraq&m=140431828824371&w=2 HPdes Security Advisory: HPSBMU03056 HPdes Security Advisory: HPSBMU03057 HPdes Security Advisory: HPSBMU03062 HPdes Security Advisory: HPSBMU03065 http://marc.info/?l=bugtraq&m=140491231331543&w=2 HPdes Security Advisory: HPSBMU03069 http://marc.info/?l=bugtraq&m=140499827729550&w=2 HPdes Security Advisory: HPSBMU03074 HPdes Security Advisory: HPSBMU03076 HPdes Security Advisory: HPSBOV03047 HPdes Security Advisory: HPSBUX03046 HPdes Security Advisory: SSRT101590 HPdes Security Advisory: SSRT101846 http://www.mandriva.com/security/advisories?name=MDVSA-2014:106 http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Once-Bled-Twice-Shy-OpenSSL-CVE-2014-0195/ba-p/6501048 http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002 http://www.securitytracker.com/id/1030337 http://secunia.com/advisories/58337 http://secunia.com/advisories/58615 http://secunia.com/advisories/58660 http://secunia.com/advisories/58713 http://secunia.com/advisories/58714 http://secunia.com/advisories/58743 http://secunia.com/advisories/58883 http://secunia.com/advisories/58945 http://secunia.com/advisories/58977 http://secunia.com/advisories/59126 http://secunia.com/advisories/59188 http://secunia.com/advisories/59189 http://secunia.com/advisories/59192 http://secunia.com/advisories/59223 http://secunia.com/advisories/59287 http://secunia.com/advisories/59301 http://secunia.com/advisories/59305 http://secunia.com/advisories/59306 http://secunia.com/advisories/59310 http://secunia.com/advisories/59342 http://secunia.com/advisories/59365 http://secunia.com/advisories/59429 http://secunia.com/advisories/59437 http://secunia.com/advisories/59441 http://secunia.com/advisories/59449 http://secunia.com/advisories/59451 http://secunia.com/advisories/59491 http://secunia.com/advisories/59518 http://secunia.com/advisories/59528 http://secunia.com/advisories/59530 http://secunia.com/advisories/59587 http://secunia.com/advisories/59659 http://secunia.com/advisories/59666 http://secunia.com/advisories/59669 http://secunia.com/advisories/59784 http://secunia.com/advisories/59895 http://secunia.com/advisories/59990 http://secunia.com/advisories/61254 SuSE Security Announcement: SUSE-SU-2015:0743 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2014-0221 BugTraq ID: 67901 http://www.securityfocus.com/bid/67901 http://www.mandriva.com/security/advisories?name=MDVSA-2014:105 RedHat Security Advisories: RHSA-2014:1021 http://rhn.redhat.com/errata/RHSA-2014-1021.html http://secunia.com/advisories/59027 http://secunia.com/advisories/59120 http://secunia.com/advisories/59167 http://secunia.com/advisories/59221 http://secunia.com/advisories/59284 http://secunia.com/advisories/59460 http://secunia.com/advisories/60687 Common Vulnerability Exposure (CVE) ID: CVE-2014-0224 AIX APAR: IT02314 http://www.ibm.com/support/docview.wss?uid=swg1IT02314 AIX APAR: IV61506 http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506 CERT/CC vulnerability note: VU#978508 http://www.kb.cert.org/vuls/id/978508 http://seclists.org/fulldisclosure/2014/Jun/38 HPdes Security Advisory: HPSBGN03068 http://marc.info/?l=bugtraq&m=140544599631400&w=2 HPdes Security Advisory: HPSBHF03052 http://marc.info/?l=bugtraq&m=141658880509699&w=2 HPdes Security Advisory: HPSBHF03088 http://marc.info/?l=bugtraq&m=140794476212181&w=2 HPdes Security Advisory: HPSBHF03145 http://marc.info/?l=bugtraq&m=141383465822787&w=2 HPdes Security Advisory: HPSBMU03053 http://marc.info/?l=bugtraq&m=140369637402535&w=2 HPdes Security Advisory: HPSBMU03058 http://marc.info/?l=bugtraq&m=140386311427810&w=2 HPdes Security Advisory: HPSBMU03070 http://marc.info/?l=bugtraq&m=140499864129699&w=2 HPdes Security Advisory: HPSBMU03071 http://marc.info/?l=bugtraq&m=140604261522465&w=2 HPdes Security Advisory: HPSBMU03078 http://marc.info/?l=bugtraq&m=140672208601650&w=2 HPdes Security Advisory: HPSBMU03083 http://marc.info/?l=bugtraq&m=140983229106599&w=2 HPdes Security Advisory: HPSBMU03089 http://marc.info/?l=bugtraq&m=140784085708882&w=2 HPdes Security Advisory: HPSBMU03094 http://marc.info/?l=bugtraq&m=140852757108392&w=2 HPdes Security Advisory: HPSBMU03101 http://marc.info/?l=bugtraq&m=140852826008699&w=2 HPdes Security Advisory: HPSBMU03216 http://marc.info/?l=bugtraq&m=142350350616251&w=2 HPdes Security Advisory: HPSBPI03107 http://marc.info/?l=bugtraq&m=141147110427269&w=2 HPdes Security Advisory: HPSBST03097 http://marc.info/?l=bugtraq&m=141383410222440&w=2 HPdes Security Advisory: HPSBST03098 http://marc.info/?l=bugtraq&m=140870499402361&w=2 HPdes Security Advisory: HPSBST03103 http://marc.info/?l=bugtraq&m=141164638606214&w=2 HPdes Security Advisory: HPSBST03106 http://marc.info/?l=bugtraq&m=141025641601169&w=2 HPdes Security Advisory: HPSBST03195 http://marc.info/?l=bugtraq&m=142805027510172&w=2 HPdes Security Advisory: HPSBST03265 http://marc.info/?l=bugtraq&m=142546741516006&w=2 HPdes Security Advisory: SSRT101818 http://ccsinjection.lepidum.co.jp https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005 https://www.imperialviolet.org/2014/06/05/earlyccs.html RedHat Security Advisories: RHSA-2014:0624 http://rhn.redhat.com/errata/RHSA-2014-0624.html RedHat Security Advisories: RHSA-2014:0626 http://rhn.redhat.com/errata/RHSA-2014-0626.html RedHat Security Advisories: RHSA-2014:0627 http://rhn.redhat.com/errata/RHSA-2014-0627.html RedHat Security Advisories: RHSA-2014:0630 http://rhn.redhat.com/errata/RHSA-2014-0630.html RedHat Security Advisories: RHSA-2014:0631 http://rhn.redhat.com/errata/RHSA-2014-0631.html RedHat Security Advisories: RHSA-2014:0632 http://rhn.redhat.com/errata/RHSA-2014-0632.html RedHat Security Advisories: RHSA-2014:0633 http://rhn.redhat.com/errata/RHSA-2014-0633.html RedHat Security Advisories: RHSA-2014:0680 http://rhn.redhat.com/errata/RHSA-2014-0680.html http://www.securitytracker.com/id/1031032 http://www.securitytracker.com/id/1031594 http://secunia.com/advisories/58128 http://secunia.com/advisories/58385 http://secunia.com/advisories/58433 http://secunia.com/advisories/58579 http://secunia.com/advisories/58639 http://secunia.com/advisories/58667 http://secunia.com/advisories/58716 http://secunia.com/advisories/58719 http://secunia.com/advisories/58742 http://secunia.com/advisories/58745 http://secunia.com/advisories/58759 http://secunia.com/advisories/58930 http://secunia.com/advisories/59004 http://secunia.com/advisories/59012 http://secunia.com/advisories/59043 http://secunia.com/advisories/59055 http://secunia.com/advisories/59063 http://secunia.com/advisories/59093 http://secunia.com/advisories/59101 http://secunia.com/advisories/59132 http://secunia.com/advisories/59135 http://secunia.com/advisories/59142 http://secunia.com/advisories/59163 http://secunia.com/advisories/59186 http://secunia.com/advisories/59190 http://secunia.com/advisories/59191 http://secunia.com/advisories/59202 http://secunia.com/advisories/59211 http://secunia.com/advisories/59214 http://secunia.com/advisories/59215 http://secunia.com/advisories/59231 http://secunia.com/advisories/59282 http://secunia.com/advisories/59325 http://secunia.com/advisories/59338 http://secunia.com/advisories/59347 http://secunia.com/advisories/59354 http://secunia.com/advisories/59362 http://secunia.com/advisories/59368 http://secunia.com/advisories/59370 http://secunia.com/advisories/59375 http://secunia.com/advisories/59380 http://secunia.com/advisories/59383 http://secunia.com/advisories/59389 http://secunia.com/advisories/59435 http://secunia.com/advisories/59440 http://secunia.com/advisories/59442 http://secunia.com/advisories/59444 http://secunia.com/advisories/59446 http://secunia.com/advisories/59447 http://secunia.com/advisories/59448 http://secunia.com/advisories/59459 http://secunia.com/advisories/59483 http://secunia.com/advisories/59502 http://secunia.com/advisories/59506 http://secunia.com/advisories/59525 http://secunia.com/advisories/59529 http://secunia.com/advisories/59589 http://secunia.com/advisories/59602 http://secunia.com/advisories/59661 http://secunia.com/advisories/59677 http://secunia.com/advisories/59824 http://secunia.com/advisories/59827 http://secunia.com/advisories/59878 http://secunia.com/advisories/59885 http://secunia.com/advisories/59894 http://secunia.com/advisories/59916 http://secunia.com/advisories/60049 http://secunia.com/advisories/60066 http://secunia.com/advisories/60176 http://secunia.com/advisories/60522 http://secunia.com/advisories/60567 http://secunia.com/advisories/60577 http://secunia.com/advisories/60819 http://secunia.com/advisories/61815 SuSE Security Announcement: SUSE-SU-2015:0578 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html SuSE Security Announcement: openSUSE-SU-2015:0229 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3470 BugTraq ID: 67898 http://www.securityfocus.com/bid/67898 http://secunia.com/advisories/58797 http://secunia.com/advisories/59340 http://secunia.com/advisories/59431
Copyright	Copyright (C) 2023 Greenbone AG