English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.71259
Kategorie:Debian Local Security Checks
Titel:Debian Security Advisory DSA 2454-1 (openssl)
Zusammenfassung:The remote host is missing an update to openssl;announced via advisory DSA 2454-1.
Beschreibung:Summary:
The remote host is missing an update to openssl
announced via advisory DSA 2454-1.

Vulnerability Insight:
Multiple vulnerabilities have been found in OpenSSL. The Common
Vulnerabilities and Exposures project identifies the following issues:

CVE-2012-0884

Ivan Nestlerode discovered a weakness in the CMS and PKCS #7
implementations that could allow an attacker to decrypt data
via a Million Message Attack (MMA).

CVE-2012-1165

It was discovered that a NULL pointer could be dereferenced
when parsing certain S/MIME messages, leading to denial of
service.

CVE-2012-2110

Tavis Ormandy, Google Security Team, discovered a vulnerability
in the way DER-encoded ASN.1 data is parsed that can result in
a heap overflow.


Additionally, the fix for CVE-2011-4619 has been updated to address an
issue with SGC handshakes.

For the stable distribution (squeeze), these problems have been fixed in
version 0.9.8o-4squeeze11.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 1.0.1a-1.

Solution:
We recommend that you upgrade your openssl packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-0884
CERT/CC vulnerability note: VU#737740
http://www.kb.cert.org/vuls/id/737740
Debian Security Information: DSA-2454 (Google Search)
http://www.debian.org/security/2012/dsa-2454
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html
HPdes Security Advisory: HPSBMU02776
http://marc.info/?l=bugtraq&m=133951357207000&w=2
HPdes Security Advisory: HPSBOV02793
http://marc.info/?l=bugtraq&m=134039053214295&w=2
HPdes Security Advisory: HPSBUX02782
http://marc.info/?l=bugtraq&m=133728068926468&w=2
HPdes Security Advisory: SSRT100844
HPdes Security Advisory: SSRT100852
HPdes Security Advisory: SSRT100891
RedHat Security Advisories: RHSA-2012:0426
http://rhn.redhat.com/errata/RHSA-2012-0426.html
RedHat Security Advisories: RHSA-2012:0488
http://rhn.redhat.com/errata/RHSA-2012-0488.html
RedHat Security Advisories: RHSA-2012:0531
http://rhn.redhat.com/errata/RHSA-2012-0531.html
RedHat Security Advisories: RHSA-2012:1306
http://rhn.redhat.com/errata/RHSA-2012-1306.html
RedHat Security Advisories: RHSA-2012:1307
http://rhn.redhat.com/errata/RHSA-2012-1307.html
RedHat Security Advisories: RHSA-2012:1308
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://secunia.com/advisories/48580
http://secunia.com/advisories/48895
http://secunia.com/advisories/48916
http://secunia.com/advisories/57353
SuSE Security Announcement: openSUSE-SU-2012:0547 (Google Search)
https://hermes.opensuse.org/messages/14330767
Common Vulnerability Exposure (CVE) ID: CVE-2012-1165
BugTraq ID: 52764
http://www.securityfocus.com/bid/52764
HPdes Security Advisory: HPSBMU02786
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
HPdes Security Advisory: SSRT100877
http://www.openwall.com/lists/oss-security/2012/03/12/3
http://www.openwall.com/lists/oss-security/2012/03/12/6
http://www.openwall.com/lists/oss-security/2012/03/12/7
http://www.openwall.com/lists/oss-security/2012/03/13/2
http://www.securitytracker.com/id?1026787
http://secunia.com/advisories/48899
http://www.ubuntu.com/usn/USN-1424-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-2110
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
BugTraq ID: 53158
http://www.securityfocus.com/bid/53158
http://www.exploit-db.com/exploits/18756
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html
http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html
HPdes Security Advisory: HPSBMU02900
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
HPdes Security Advisory: SSRT101210
http://www.mandriva.com/security/advisories?name=MDVSA-2012:060
http://osvdb.org/81223
RedHat Security Advisories: RHSA-2012:0518
http://rhn.redhat.com/errata/RHSA-2012-0518.html
RedHat Security Advisories: RHSA-2012:0522
http://rhn.redhat.com/errata/RHSA-2012-0522.html
http://www.securitytracker.com/id?1026957
http://secunia.com/advisories/48847
http://secunia.com/advisories/48942
http://secunia.com/advisories/48999
SuSE Security Announcement: SUSE-SU-2012:0623 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html
SuSE Security Announcement: SUSE-SU-2012:0637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html
SuSE Security Announcement: SUSE-SU-2012:1149 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-4619
Debian Security Information: DSA-2390 (Google Search)
http://www.debian.org/security/2012/dsa-2390
HPdes Security Advisory: HPSBUX02734
http://marc.info/?l=bugtraq&m=132750648501816&w=2
HPdes Security Advisory: SSRT100729
http://www.mandriva.com/security/advisories?name=MDVSA-2012:006
http://www.mandriva.com/security/advisories?name=MDVSA-2012:007
http://secunia.com/advisories/48528
SuSE Security Announcement: SUSE-SU-2012:0084 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html
SuSE Security Announcement: openSUSE-SU-2012:0083 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.