FreeBSD Local Security Checks : FreeBSD Ports: openssl

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71273
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: openssl
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: openssl CVE-2012-2110 The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2110 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html BugTraq ID: 53158 http://www.securityfocus.com/bid/53158 Debian Security Information: DSA-2454 (Google Search) http://www.debian.org/security/2012/dsa-2454 http://www.exploit-db.com/exploits/18756 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html HPdes Security Advisory: HPSBMU02776 http://marc.info/?l=bugtraq&m=133951357207000&w=2 HPdes Security Advisory: HPSBMU02900 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 HPdes Security Advisory: HPSBOV02793 http://marc.info/?l=bugtraq&m=134039053214295&w=2 HPdes Security Advisory: HPSBUX02782 http://marc.info/?l=bugtraq&m=133728068926468&w=2 HPdes Security Advisory: SSRT100844 HPdes Security Advisory: SSRT100852 HPdes Security Advisory: SSRT100891 HPdes Security Advisory: SSRT101210 http://www.mandriva.com/security/advisories?name=MDVSA-2012:060 http://osvdb.org/81223 RedHat Security Advisories: RHSA-2012:0518 http://rhn.redhat.com/errata/RHSA-2012-0518.html RedHat Security Advisories: RHSA-2012:0522 http://rhn.redhat.com/errata/RHSA-2012-0522.html RedHat Security Advisories: RHSA-2012:1306 http://rhn.redhat.com/errata/RHSA-2012-1306.html RedHat Security Advisories: RHSA-2012:1307 http://rhn.redhat.com/errata/RHSA-2012-1307.html RedHat Security Advisories: RHSA-2012:1308 http://rhn.redhat.com/errata/RHSA-2012-1308.html http://www.securitytracker.com/id?1026957 http://secunia.com/advisories/48847 http://secunia.com/advisories/48895 http://secunia.com/advisories/48899 http://secunia.com/advisories/48942 http://secunia.com/advisories/48999 http://secunia.com/advisories/57353 SuSE Security Announcement: SUSE-SU-2012:0623 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html SuSE Security Announcement: SUSE-SU-2012:0637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html SuSE Security Announcement: SUSE-SU-2012:1149 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html http://www.ubuntu.com/usn/USN-1424-1
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com