Test Kennung:	1.3.6.1.4.1.25623.1.0.55572
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Security Advisory (FreeBSD-SA-05:21.openssl.asc)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:21.openssl.asc The OpenSSL library implements the Secure Sockets Layer and Transport Layer Security protocols, as well as providing a large number of basic cryptographic functions. The Secure Sockets Layer protocol exists in two versions and includes a mechanism for negotiating the protocol version to be used. If the protocol is executed correctly, it is impossible for a client and server both capable of the newer version of the protocol (SSLv3) to end up using the older version of the protocol (SSLv2). In order to provide bug-for-bug compatibility with Microsoft Internet Explorer 3.02, a verification step required by the Secure Sockets Layer protocol can be disabled by using the SSL_OP_MSIE_SSLV2_RSA_PADDING option in OpenSSL. This option is implied by the frequently-used SSL_OP_ALL option. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date http://www.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-05:21.openssl.asc CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	BugTraq ID: 15647 BugTraq ID: 15071 Common Vulnerability Exposure (CVE) ID: CVE-2005-2969 http://docs.info.apple.com/article.html?artnum=302847 http://www.securityfocus.com/bid/15071 http://www.securityfocus.com/bid/15647 BugTraq ID: 24799 http://www.securityfocus.com/bid/24799 Cisco Security Advisory: 20051202 Cisco Security Notice: Response to OpenSSL - Potential SSL 2.0 Rollback http://www.cisco.com/warp/public/707/cisco-response-20051202-openssl.shtml Debian Security Information: DSA-875 (Google Search) http://www.debian.org/security/2005/dsa-875 Debian Security Information: DSA-881 (Google Search) http://www.debian.org/security/2005/dsa-881 Debian Security Information: DSA-882 (Google Search) http://www.debian.org/security/2005/dsa-882 FreeBSD Security Advisory: FreeBSD-SA-05:21 HPdes Security Advisory: HPSBUX02174 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100 HPdes Security Advisory: HPSBUX02186 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540 HPdes Security Advisory: SSRT061239 HPdes Security Advisory: SSRT071299 http://www.mandriva.com/security/advisories?name=MDKSA-2005:179 ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 http://www.juniper.net/support/security/alerts/PSN-2005-12-025.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11454 http://www.redhat.com/support/errata/RHSA-2005-762.html http://www.redhat.com/support/errata/RHSA-2005-800.html http://www.redhat.com/support/errata/RHSA-2008-0629.html http://securitytracker.com/id?1015032 http://secunia.com/advisories/17146 http://secunia.com/advisories/17151 http://secunia.com/advisories/17153 http://secunia.com/advisories/17169 http://secunia.com/advisories/17178 http://secunia.com/advisories/17180 http://secunia.com/advisories/17189 http://secunia.com/advisories/17191 http://secunia.com/advisories/17210 http://secunia.com/advisories/17259 http://secunia.com/advisories/17288 http://secunia.com/advisories/17335 http://secunia.com/advisories/17344 http://secunia.com/advisories/17389 http://secunia.com/advisories/17409 http://secunia.com/advisories/17432 http://secunia.com/advisories/17466 http://secunia.com/advisories/17589 http://secunia.com/advisories/17617 http://secunia.com/advisories/17632 http://secunia.com/advisories/17813 http://secunia.com/advisories/17888 http://secunia.com/advisories/18045 http://secunia.com/advisories/18123 http://secunia.com/advisories/18165 http://secunia.com/advisories/18663 http://secunia.com/advisories/19185 http://secunia.com/advisories/21827 http://secunia.com/advisories/23280 http://secunia.com/advisories/23340 http://secunia.com/advisories/23843 http://secunia.com/advisories/23915 http://secunia.com/advisories/25973 http://secunia.com/advisories/26893 http://secunia.com/advisories/31492 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101974-1 SuSE Security Announcement: SUSE-SA:2005:061 (Google Search) http://www.novell.com/linux/security/advisories/2005_61_openssl.html http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://www.vupen.com/english/advisories/2005/2036 http://www.vupen.com/english/advisories/2005/2659 http://www.vupen.com/english/advisories/2005/2710 http://www.vupen.com/english/advisories/2005/2908 http://www.vupen.com/english/advisories/2005/3002 http://www.vupen.com/english/advisories/2005/3056 http://www.vupen.com/english/advisories/2006/3531 http://www.vupen.com/english/advisories/2007/0326 http://www.vupen.com/english/advisories/2007/0343 http://www.vupen.com/english/advisories/2007/2457 XForce ISS Database: hitachi-hicommand-security-bypass(35287) https://exchange.xforce.ibmcloud.com/vulnerabilities/35287
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.