English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.57489
Kategorie:SuSE Local Security Checks
Titel:SuSE Security Advisory SUSE-SA:2006:058 (openssl)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory SUSE-SA:2006:058.

Several security problems were found and fixed in the OpenSSL
cryptographic library.

CVE-2006-3738/VU#547300:
A Google security audit found a buffer overflow condition within the
SSL_get_shared_ciphers() function which has been fixed.

CVE-2006-4343/VU#386964:
The above Google security audit also found that the OpenSSL SSLv2
client code fails to properly check for NULL which could lead to a
server program using openssl to crash.

CVE-2006-2937:
Fix mishandling of an error condition in parsing of certain invalid
ASN1 structures, which could result in an infinite loop which consumes
system memory.

CVE-2006-2940:
Certain types of public key can take disproportionate amounts of time
to process. This could be used by an attacker in a denial of service
attack to cause the remote side top spend an excessive amount of time
in computation.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2006:058

Risk factor : Critical

CVSS Score:
10.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-2937
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
BugTraq ID: 20248
http://www.securityfocus.com/bid/20248
BugTraq ID: 28276
http://www.securityfocus.com/bid/28276
Bugtraq: 20060928 rPSA-2006-0175-1 openssl openssl-scripts (Google Search)
http://www.securityfocus.com/archive/1/447318/100/0/threaded
Bugtraq: 20060929 rPSA-2006-0175-2 openssl openssl-scripts (Google Search)
http://www.securityfocus.com/archive/1/447393/100/0/threaded
Bugtraq: 20070110 VMware ESX server security updates (Google Search)
http://www.securityfocus.com/archive/1/456546/100/200/threaded
Bugtraq: 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues (Google Search)
http://www.securityfocus.com/archive/1/489739/100/0/threaded
Cert/CC Advisory: TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
CERT/CC vulnerability note: VU#247744
http://www.kb.cert.org/vuls/id/247744
Cisco Security Advisory: 20061108 Multiple Vulnerabilities in OpenSSL Library
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
Cisco Security Advisory: 20061108 Multiple Vulnerabilities in OpenSSL library
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
Debian Security Information: DSA-1185 (Google Search)
http://www.debian.org/security/2006/dsa-1185
FreeBSD Security Advisory: FreeBSD-SA-06:23.openssl
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
http://security.gentoo.org/glsa/glsa-200610-11.xml
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
HPdes Security Advisory: HPSBMA02250
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: HPSBTU02207
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
HPdes Security Advisory: HPSBUX02174
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
HPdes Security Advisory: HPSBUX02186
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
HPdes Security Advisory: SSRT061213
HPdes Security Advisory: SSRT061239
HPdes Security Advisory: SSRT061275
HPdes Security Advisory: SSRT071299
HPdes Security Advisory: SSRT071304
HPdes Security Advisory: SSRT090208
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
http://marc.info/?l=bind-announce&m=116253119512445&w=2
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
NETBSD Security Advisory: NetBSD-SA2008-007
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
OpenBSD Security Advisory: [3.9] 20061007 013: SECURITY FIX: October 7, 2006
http://openbsd.org/errata.html#openssl2
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html
http://www.osvdb.org/29260
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10560
http://www.redhat.com/support/errata/RHSA-2006-0695.html
http://www.redhat.com/support/errata/RHSA-2008-0629.html
http://securitytracker.com/id?1016943
http://secunia.com/advisories/22094
http://secunia.com/advisories/22116
http://secunia.com/advisories/22130
http://secunia.com/advisories/22165
http://secunia.com/advisories/22166
http://secunia.com/advisories/22172
http://secunia.com/advisories/22186
http://secunia.com/advisories/22193
http://secunia.com/advisories/22207
http://secunia.com/advisories/22212
http://secunia.com/advisories/22216
http://secunia.com/advisories/22220
http://secunia.com/advisories/22240
http://secunia.com/advisories/22259
http://secunia.com/advisories/22260
http://secunia.com/advisories/22284
http://secunia.com/advisories/22298
http://secunia.com/advisories/22330
http://secunia.com/advisories/22385
http://secunia.com/advisories/22460
http://secunia.com/advisories/22487
http://secunia.com/advisories/22544
http://secunia.com/advisories/22626
http://secunia.com/advisories/22671
http://secunia.com/advisories/22758
http://secunia.com/advisories/22772
http://secunia.com/advisories/22799
http://secunia.com/advisories/23038
http://secunia.com/advisories/23131
http://secunia.com/advisories/23155
http://secunia.com/advisories/23280
http://secunia.com/advisories/23309
http://secunia.com/advisories/23340
http://secunia.com/advisories/23351
http://secunia.com/advisories/23680
http://secunia.com/advisories/23915
http://secunia.com/advisories/24930
http://secunia.com/advisories/24950
http://secunia.com/advisories/25889
http://secunia.com/advisories/26329
http://secunia.com/advisories/30124
http://secunia.com/advisories/31492
http://secunia.com/advisories/31531
SGI Security Advisory: 20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
SuSE Security Announcement: SUSE-SA:2006:058 (Google Search)
http://www.novell.com/linux/security/advisories/2006_58_openssl.html
SuSE Security Announcement: SUSE-SR:2006:024 (Google Search)
http://www.novell.com/linux/security/advisories/2006_24_sr.html
http://www.trustix.org/errata/2006/0054
http://www.ubuntu.com/usn/usn-353-1
http://www.vupen.com/english/advisories/2006/3820
http://www.vupen.com/english/advisories/2006/3860
http://www.vupen.com/english/advisories/2006/3869
http://www.vupen.com/english/advisories/2006/3902
http://www.vupen.com/english/advisories/2006/3936
http://www.vupen.com/english/advisories/2006/4019
http://www.vupen.com/english/advisories/2006/4036
http://www.vupen.com/english/advisories/2006/4264
http://www.vupen.com/english/advisories/2006/4327
http://www.vupen.com/english/advisories/2006/4329
http://www.vupen.com/english/advisories/2006/4401
http://www.vupen.com/english/advisories/2006/4417
http://www.vupen.com/english/advisories/2006/4750
http://www.vupen.com/english/advisories/2006/4761
http://www.vupen.com/english/advisories/2006/4980
http://www.vupen.com/english/advisories/2007/0343
http://www.vupen.com/english/advisories/2007/1401
http://www.vupen.com/english/advisories/2007/2315
http://www.vupen.com/english/advisories/2007/2783
http://www.vupen.com/english/advisories/2008/0905/references
http://www.vupen.com/english/advisories/2008/2396
XForce ISS Database: openssl-asn1-error-dos(29228)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29228
Common Vulnerability Exposure (CVE) ID: CVE-2006-2940
BugTraq ID: 20247
http://www.securityfocus.com/bid/20247
BugTraq ID: 22083
http://www.securityfocus.com/bid/22083
Debian Security Information: DSA-1195 (Google Search)
http://www.debian.org/security/2006/dsa-1195
http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en
http://www.osvdb.org/29261
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10311
http://securitytracker.com/id?1017522
http://secunia.com/advisories/22500
http://secunia.com/advisories/23794
http://secunia.com/advisories/26893
http://www.ubuntu.com/usn/usn-353-2
XForce ISS Database: openssl-publickey-dos(29230)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29230
Common Vulnerability Exposure (CVE) ID: CVE-2006-3738
BugTraq ID: 20249
http://www.securityfocus.com/bid/20249
Bugtraq: 20070602 Recent OpenSSL exploits (Google Search)
http://www.securityfocus.com/archive/1/470460/100/0/threaded
CERT/CC vulnerability note: VU#547300
http://www.kb.cert.org/vuls/id/547300
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.osvdb.org/29262
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4256
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9370
http://secunia.com/advisories/22633
http://secunia.com/advisories/22654
http://secunia.com/advisories/22791
http://secunia.com/advisories/30161
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1
http://www.vupen.com/english/advisories/2006/4314
http://www.vupen.com/english/advisories/2006/4443
XForce ISS Database: openssl-sslgetsharedciphers-bo(29237)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29237
Common Vulnerability Exposure (CVE) ID: CVE-2006-4343
BugTraq ID: 20246
http://www.securityfocus.com/bid/20246
CERT/CC vulnerability note: VU#386964
http://www.kb.cert.org/vuls/id/386964
https://www.exploit-db.com/exploits/4773
http://www.osvdb.org/29263
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10207
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4356
http://secunia.com/advisories/25420
http://www.vupen.com/english/advisories/2007/1973
XForce ISS Database: openssl-sslv2-client-dos(29240)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29240
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.