Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2021-1506)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.2.2021.1506
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2021-1506)
Summary:	The remote host is missing an update for the Huawei EulerOS 'openssl098e' package(s) announced via the EulerOS-SA-2021-1506 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'openssl098e' package(s) announced via the EulerOS-SA-2021-1506 advisory. Vulnerability Insight: While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.(CVE-2017-3735) Affected Software/OS: 'openssl098e' package(s) on Huawei EulerOS Virtualization 3.0.6.6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3735 BugTraq ID: 100515 http://www.securityfocus.com/bid/100515 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://security.netapp.com/advisory/ntap-20170927-0001/ https://security.netapp.com/advisory/ntap-20171107-0002/ https://support.apple.com/HT208331 https://www.openssl.org/news/secadv/20170828.txt https://www.openssl.org/news/secadv/20171102.txt https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.tenable.com/security/tns-2017-14 https://www.tenable.com/security/tns-2017-15 Debian Security Information: DSA-4017 (Google Search) https://www.debian.org/security/2017/dsa-4017 Debian Security Information: DSA-4018 (Google Search) https://www.debian.org/security/2017/dsa-4018 FreeBSD Security Advisory: FreeBSD-SA-17:11 https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc https://security.gentoo.org/glsa/201712-03 https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html RedHat Security Advisories: RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 http://www.securitytracker.com/id/1039726 https://usn.ubuntu.com/3611-2/
Copyright	Copyright (C) 2021 Greenbone AG