Network Security Audits / Vulnerability Assessments by SecuritySpace

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2006-33
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 17 Oct 2006
Last revised: 17 Oct 2006

Package: openssl

Summary: openssl denial of service attack

More information:
    The OpenSSL Project is a collaborative effort to develop a robust,
    commercial-grade, full-featured Open Source toolkit implementing the
    Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
    protocols as well as a full-strength general purpose cryptography library.

    Multiple vulnerabilities exist in openssl.

Impact:
    The openssl allows remote attackers to cause a denial of service.

Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal
    - Turbolinux 8 Server
    - Turbolinux 7 Server

<Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   openssl-0.9.7d-11.src.rpm
      2926960 3f8f7b9d4f10f492576f747f87b18033
   openssl-compat-0.9.6m-10.src.rpm
      2276785 b90b875574073874c36f2c2316522e98

   Binary Packages
   Size: MD5

   openssl-0.9.7d-11.i586.rpm
      1300984 3a7bf462baf0bd40f5974ec170d770a4
   openssl-compat-0.9.6m-10.i586.rpm
       756508 59bcfb072097bfc58d37b25cbd19201b
   openssl-devel-0.9.7d-11.i586.rpm
      1481928 44fb529e65f0a664b67b37c870a96f05

<Turbolinux FUJI>

   Source Packages
   Size: MD5

   openssl-0.9.8-9.src.rpm
      3381797 8742749032b03f2ab5627d39f110ead9
   openssl-compat-0.9.7d-11.src.rpm
      2926690 e27a2616177df598ce3e33cf3c261979
   openssl096-0.9.6m-3.src.rpm
      2300785 551247578ee79fbbb2b095f02f4c5603

   Binary Packages
   Size: MD5

   openssl-0.9.8-9.i686.rpm
      1740042 271ea210dd158a36d29d03ebeb717906
   openssl-compat-0.9.7d-11.i686.rpm
      1057219 f6788d3ef570b21df188c1fa9ac5dbe7
   openssl-devel-0.9.8-9.i686.rpm
      1925706 f7ce4cd209fa1b3eea013101c4a9ddae
   openssl096-0.9.6m-3.i686.rpm
       880441 fe10fd1da13825a263d8ac7b659ba8f2

<Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/openssl-0.9.7d-11.src.rpm
      2926960 316469649fc5bbe5e107c661a3a06a25
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/openssl-compat-0.9.6m-10.src.rpm
      2276785 646cac3bea7f99884ea65fe12251a47c

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-0.9.7d-11.x86_64.rpm
      1410910 882eb3b0387420d2fda0685c7685ac98
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-compat-0.9.6m-10.x86_64.rpm
       850524 1ee819c898efcdeb17a9515953e2f907
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-devel-0.9.7d-11.x86_64.rpm
      1545953 2a721d06ef22da937fd3c3ba52faf467

<Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   openssl-0.9.6m-8.src.rpm
      2389725 61d533a261d1ac51a46788d7a0625c79

   Binary Packages
   Size: MD5

   openssl-0.9.6m-8.i586.rpm
      1447113 5f5438968f8d771f9c1c8f93c02be93a
   openssl-devel-0.9.6m-8.i586.rpm
      1160291 a97c12af246d774ca128d8fa2c5e6bd3

<Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   openssl-0.9.6m-8.src.rpm
      2389725 cb524dc01f2e276ab0076d8e866cae3b

   Binary Packages
   Size: MD5

   openssl-0.9.6m-8.i586.rpm
      1446137 55da1f7843fe3e7e010bc3c6176384f7
   openssl-devel-0.9.6m-8.i586.rpm
      1160957 48dbd7cdbc8e23121d6ab470ae27e206

<Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/openssl-0.9.7d-11.src.rpm
      2926960 3f8f7b9d4f10f492576f747f87b18033
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/openssl-compat-0.9.6m-10.src.rpm
      2276785 b90b875574073874c36f2c2316522e98

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssl-0.9.7d-11.i586.rpm
      1300984 3a7bf462baf0bd40f5974ec170d770a4
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssl-compat-0.9.6m-10.i586.rpm
       756508 59bcfb072097bfc58d37b25cbd19201b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssl-devel-0.9.7d-11.i586.rpm
      1481928 44fb529e65f0a664b67b37c870a96f05

<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/openssl-0.9.7d-11.src.rpm
      2926960 c52808a5b28c436fe8bc07b0f0c1f22e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/openssl-compat-0.9.6m-10.src.rpm
      2276785 17bdf4fb63c7008bde97f8c4a0b6cff6

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssl-0.9.7d-11.i586.rpm
      1304371 c50f86884abdf01616c8eaff2d5f1fd9
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssl-compat-0.9.6m-10.i586.rpm
       755609 0c6b8d16e20a6d07dbe7756a0322547e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssl-devel-0.9.7d-11.i586.rpm
      1483439 246c22efe4d74feb34e60d55d600927b

<Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/openssl-0.9.6m-8.src.rpm
      2389725 c3e78d6ee46b2c4b03293324d6188666

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssl-0.9.6m-8.i586.rpm
      1446537 d8e798d8df9b813c1450347b1919df52
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssl-devel-0.9.6m-8.i586.rpm
      1159683 62b4f74474405e34275934c895451afa

<Turbolinux 7 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/openssl-0.9.6m-8.src.rpm
      2389725 4470271d795cc2e32792111be9a971a1

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssl-0.9.6m-8.i586.rpm
      1414207 1160ddb708a37f13c3e0f004f9834bac
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssl-devel-0.9.6m-8.i586.rpm
      1142477 17cd93bdad5ac9257d035572a7e8abd5

CVE
   [CVE-2006-2937]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
   [CVE-2006-2940]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
   [CVE-2006-3738]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
   [CVE-2006-4343]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343

--------------------------------------------------------------------------
Revision History
    17 Oct 2006 Initial release
--------------------------------------------------------------------------

Copyright(C) 2006 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFFNNKuK0LzjOqIJMwRAgxuAJ9e7NmB1OgTiXG4AKAB19CG5acqEgCgjVtc
4UYpUx7Eq/w3YcDI3AkD4Qw=
=FER0
-----END PGP SIGNATURE-----